in pkg/plugin/cloudlogging/client.go [118:156]
func NewClientWithImpersonation(ctx context.Context, jsonCreds []byte, impersonateSA string) (*Client, error) {
var ts oauth2.TokenSource
var err error
if jsonCreds == nil {
ts, err = impersonate.CredentialsTokenSource(ctx, impersonate.CredentialsConfig{
TargetPrincipal: impersonateSA,
Scopes: []string{"https://www.googleapis.com/auth/cloud-platform.read-only"},
})
} else {
ts, err = impersonate.CredentialsTokenSource(ctx, impersonate.CredentialsConfig{
TargetPrincipal: impersonateSA,
Scopes: []string{"https://www.googleapis.com/auth/cloud-platform.read-only"},
}, option.WithCredentialsJSON(jsonCreds))
}
if err != nil {
return nil, err
}
client, err := logging.NewClient(ctx, option.WithTokenSource(ts),
option.WithUserAgent("googlecloud-logging-datasource"))
if err != nil {
return nil, err
}
rClient, err := resourcemanager.NewService(ctx, option.WithTokenSource(ts),
option.WithUserAgent("googlecloud-logging-datasource"))
if err != nil {
return nil, err
}
configClient, err := logging.NewConfigClient(ctx, option.WithTokenSource(ts),
option.WithUserAgent("googlecloud-logging-datasource"))
if err != nil {
return nil, err
}
return &Client{
lClient: client,
rClient: rClient.Projects,
configClient: configClient,
}, nil
}