Skip to content

Commit

Permalink
fix: Fix default service account tests on GCE. (#11021)
Browse files Browse the repository at this point in the history
Tests running on GCE VMs automatically fall back to using the local
metadata service to detect the local default service account. In those
cases, tests for malformed creds won't work, but they should return a
VM-specific default service account email.
  • Loading branch information
cjc25 authored Oct 23, 2024
1 parent 6071167 commit ff06fc2
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions storage/bucket_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ import (
"testing"
"time"

"cloud.google.com/go/compute/metadata"
"cloud.google.com/go/internal/testutil"
"cloud.google.com/go/storage/internal/apiv2/storagepb"
"github.com/google/go-cmp/cmp"
Expand Down Expand Up @@ -1306,6 +1307,16 @@ func TestDetectDefaultGoogleAccessID(t *testing.T) {
if id != tc.serviceAccount {
t.Errorf("service account not found correctly; got: %s, want: %s", id, tc.serviceAccount)
}
} else if metadata.OnGCE() {
// On GCE, we fall back to the default service account. Check that's
// what happened.
defaultServiceAccount, err := metadata.Email("default")
if err != nil {
t.Errorf("could not load metadata service account for fallback: %v", err)
}
if id != defaultServiceAccount {
t.Errorf("service account not found correctly on fallback; got: %s, want: %s", id, defaultServiceAccount)
}
} else if err == nil {
t.Error("expected error but detectDefaultGoogleAccessID did not return one")
}
Expand Down

0 comments on commit ff06fc2

Please sign in to comment.