func NewClientWithImpersonation()

in pkg/plugin/cloudlogging/client.go [118:156]


func NewClientWithImpersonation(ctx context.Context, jsonCreds []byte, impersonateSA string) (*Client, error) {
	var ts oauth2.TokenSource
	var err error
	if jsonCreds == nil {
		ts, err = impersonate.CredentialsTokenSource(ctx, impersonate.CredentialsConfig{
			TargetPrincipal: impersonateSA,
			Scopes:          []string{"https://www.googleapis.com/auth/cloud-platform.read-only"},
		})
	} else {
		ts, err = impersonate.CredentialsTokenSource(ctx, impersonate.CredentialsConfig{
			TargetPrincipal: impersonateSA,
			Scopes:          []string{"https://www.googleapis.com/auth/cloud-platform.read-only"},
		}, option.WithCredentialsJSON(jsonCreds))
	}
	if err != nil {
		return nil, err
	}

	client, err := logging.NewClient(ctx, option.WithTokenSource(ts),
		option.WithUserAgent("googlecloud-logging-datasource"))
	if err != nil {
		return nil, err
	}
	rClient, err := resourcemanager.NewService(ctx, option.WithTokenSource(ts),
		option.WithUserAgent("googlecloud-logging-datasource"))
	if err != nil {
		return nil, err
	}
	configClient, err := logging.NewConfigClient(ctx, option.WithTokenSource(ts),
		option.WithUserAgent("googlecloud-logging-datasource"))
	if err != nil {
		return nil, err
	}
	return &Client{
		lClient:      client,
		rClient:      rClient.Projects,
		configClient: configClient,
	}, nil
}