Python 使用存储在secret Manager中的机密初始化Firebase Admin SDK
我正在尝试使用单独的服务帐户(即不是默认的服务帐户)在云运行应用程序中初始化Firebase Admin SDK 文件建议:Python 使用存储在secret Manager中的机密初始化Firebase Admin SDK,python,firebase,firebase-admin,Python,Firebase,Firebase Admin,我正在尝试使用单独的服务帐户(即不是默认的服务帐户)在云运行应用程序中初始化Firebase Admin SDK 文件建议: import firebase_admin from firebase_admin import credentials cred = credentials.Certificate("path/to/serviceAccountKey.json") firebase_admin.initialize_app(cred) 但是,我希望避免将机密打包
import firebase_admin
from firebase_admin import credentials
cred = credentials.Certificate("path/to/serviceAccountKey.json")
firebase_admin.initialize_app(cred)
但是,我希望避免将机密打包到云运行容器中,因此我正在从Secret Manager检索json文件,并尝试创建凭据,并将其传递到:firebase_admin.initialize_app(cred)
收到错误:
ValueError:提供了非法的Firebase凭据。应用程序必须是
已使用有效的凭据实例初始化
任何提示都非常感谢。您也可以使用
凭证.证书(服务\帐户\信息)
并避免使用临时文件。@HiranyaJayathilaka感谢您提供的其他信息。那样更干净。我更新了答案以反映同样的情况。
import firebase_admin
from google.cloud import secretmanager
from google.oauth2 import service_account
# Create credentials object then initialize the firebase admin client
sec_client = secretmanager.SecretManagerServiceClient()
name = sec_client.secret_version_path(GOOGLE_CLOUD_PROJECT_NUMBER, FIREBASE_SA_SECRET_NAME, "latest")
response = sec_client.access_secret_version(name)
service_account_info = json.loads(response.payload.data.decode('utf-8'))
# build credentials with the service account dict
creds = firebase_admin.credentials.Certificate(service_account_info)
# initialize firebase admin
firebase_app = firebase_admin.initialize_app(creds)
import firebase_admin
from google.cloud import secretmanager
from google.oauth2 import service_account
# Create credentials object then initialize the firebase admin client
sec_client = secretmanager.SecretManagerServiceClient()
name = sec_client.secret_version_path(GOOGLE_CLOUD_PROJECT_NUMBER, FIREBASE_SA_SECRET_NAME, "latest")
response = sec_client.access_secret_version(name)
service_account_info = json.loads(response.payload.data.decode('utf-8'))
# build credentials with the service account dict
creds = firebase_admin.credentials.Certificate(service_account_info)
# initialize firebase admin
firebase_app = firebase_admin.initialize_app(creds)