func allowUnauthenticated()

in cmd/cloudshell_open/deploy.go [238:265]

• 25 lines of code
• 5 McCabe index (conditional complexity)

func allowUnauthenticated(project, name, region string) error {
	client, err := runapi.NewService(context.TODO())
	if err != nil {
		return fmt.Errorf("failed to initialize Run API client: %w", err)
	}

	res := fmt.Sprintf("projects/%s/locations/%s/services/%s", project, region, name)
	policy, err := client.Projects.Locations.Services.GetIamPolicy(res).Do()
	if err != nil {
		return fmt.Errorf("failed to get IAM policy for Cloud Run Service: %w", err)
	}

	policy.Bindings = append(policy.Bindings, &runapi.Binding{
		Members: []string{"allUsers"},
		Role:    "roles/run.invoker",
	})

	_, err = client.Projects.Locations.Services.SetIamPolicy(res, &runapi.SetIamPolicyRequest{Policy: policy}).Do()
	if err != nil {
		var extra string
		e, ok := err.(*googleapi.Error)
		if ok {
			extra = fmt.Sprintf("code=%d, message=%s -- %s", e.Code, e.Message, e.Body)
		}
		return fmt.Errorf("failed to set IAM policy for Cloud Run Service: %w %s", err, extra)
	}
	return nil
}