From 2c4bf026bd91c3a70bb37627f869b72463483e25 Mon Sep 17 00:00:00 2001 From: Johan Andersson Date: Fri, 22 Apr 2022 11:19:47 +0200 Subject: [PATCH] Address Polaris GCP API changes (#87) --- pkg/polaris/graphql/gcp/cloud.go | 29 ++++++--- pkg/polaris/graphql/gcp/gcp.go | 11 +++- pkg/polaris/graphql/gcp/native.go | 10 +++ pkg/polaris/graphql/gcp/queries.go | 61 ++++++++++++++++--- ...ud_account_add_manual_auth_project.graphql | 19 +++--- ...account_add_manual_auth_project_v0.graphql | 3 +- ...account_add_manual_auth_project_v1.graphql | 10 +++ .../gcp_cloud_account_delete_projects.graphql | 9 ++- ...p_cloud_account_delete_projects_v0.graphql | 7 +++ .../gcp_native_disable_project.graphql | 6 +- .../gcp_native_disable_project_v1.graphql | 5 ++ ...default_service_account_jwt_config.graphql | 7 ++- ...ault_service_account_jwt_config_v0.graphql | 3 + 13 files changed, 141 insertions(+), 39 deletions(-) create mode 100644 pkg/polaris/graphql/gcp/queries/gcp_cloud_account_add_manual_auth_project_v1.graphql create mode 100644 pkg/polaris/graphql/gcp/queries/gcp_cloud_account_delete_projects_v0.graphql create mode 100644 pkg/polaris/graphql/gcp/queries/gcp_native_disable_project_v1.graphql create mode 100644 pkg/polaris/graphql/gcp/queries/gcp_set_default_service_account_jwt_config_v0.graphql diff --git a/pkg/polaris/graphql/gcp/cloud.go b/pkg/polaris/graphql/gcp/cloud.go index f44d155e..df6f577f 100644 --- a/pkg/polaris/graphql/gcp/cloud.go +++ b/pkg/polaris/graphql/gcp/cloud.go @@ -99,18 +99,22 @@ func (a API) CloudAccountAddManualAuthProject(ctx context.Context, projectID, pr query := gcpCloudAccountAddManualAuthProjectQuery if graphql.VersionOlderThan(a.Version, "master-46133", "v20220315") { query = gcpCloudAccountAddManualAuthProjectV0Query + } else if graphql.VersionOlderThan(a.Version, "master-47076", "v20220426") { + query = gcpCloudAccountAddManualAuthProjectV1Query } _, err := a.GQL.Request(ctx, query, struct { - Feature core.Feature `json:"feature"` - ID string `json:"gcpNativeProjectId"` - Name string `json:"gcpProjectName"` - Number int64 `json:"gcpProjectNumber"` - OrgName string `json:"organizationName,omitempty"` - JwtConfig string `json:"serviceAccountJwtConfigOptional,omitempty"` - }{Feature: feature, ID: projectID, Name: projectName, Number: projectNumber, OrgName: orgName, JwtConfig: jwtConfig}) + ID string `json:"gcpNativeProjectId"` + Name string `json:"gcpProjectName"` + Number int64 `json:"gcpProjectNumber"` + OrgName string `json:"organizationName,omitempty"` + JwtConfig string `json:"serviceAccountJwtConfig,omitempty"` + JwtConfigOpt string `json:"serviceAccountJwtConfigOptional,omitempty"` + Feature core.Feature `json:"feature"` + }{ID: projectID, Name: projectName, Number: projectNumber, OrgName: orgName, JwtConfig: jwtConfig, JwtConfigOpt: jwtConfig, Feature: feature}) if err != nil { return fmt.Errorf("failed to request CloudAccountAddManualAuthProject: %v", err) } + return nil } @@ -119,14 +123,19 @@ func (a API) CloudAccountAddManualAuthProject(ctx context.Context, projectID, pr func (a API) CloudAccountDeleteProject(ctx context.Context, id uuid.UUID) error { a.GQL.Log().Print(log.Trace) - buf, err := a.GQL.Request(ctx, gcpCloudAccountDeleteProjectsQuery, struct { + query := gcpCloudAccountDeleteProjectsQuery + if graphql.VersionOlderThan(a.Version, "master-47076", "v20220426") { + query = gcpCloudAccountDeleteProjectsV0Query + } + buf, err := a.GQL.Request(ctx, query, struct { + ID uuid.UUID `json:"nativeProtectionProjectId"` IDs []uuid.UUID `json:"nativeProtectionProjectUuids"` - }{IDs: []uuid.UUID{id}}) + }{ID: id, IDs: []uuid.UUID{id}}) if err != nil { return fmt.Errorf("failed to request CloudAccountDeleteProject: %v", err) } - a.GQL.Log().Printf(log.Debug, "gcpCloudAccountDeleteProjects(%q): %s", []uuid.UUID{id}, string(buf)) + a.GQL.Log().Printf(log.Debug, "%s(%q): %s", graphql.QueryName(query), id, string(buf)) var payload struct { Data struct { diff --git a/pkg/polaris/graphql/gcp/gcp.go b/pkg/polaris/graphql/gcp/gcp.go index f090ab38..cf26b59b 100644 --- a/pkg/polaris/graphql/gcp/gcp.go +++ b/pkg/polaris/graphql/gcp/gcp.go @@ -75,15 +75,20 @@ func (a API) DefaultCredentialsServiceAccount(ctx context.Context) (name string, func (a API) SetDefaultServiceAccount(ctx context.Context, name, jwtConfig string) error { a.GQL.Log().Print(log.Trace) - buf, err := a.GQL.Request(ctx, gcpSetDefaultServiceAccountJwtConfigQuery, struct { + query := gcpSetDefaultServiceAccountJwtConfigQuery + if graphql.VersionOlderThan(a.Version, "master-47076", "v20220426") { + query = gcpSetDefaultServiceAccountJwtConfigV0Query + } + buf, err := a.GQL.Request(ctx, query, struct { Name string `json:"serviceAccountName"` - JwtConfig string `json:"serviceAccountJWTConfig"` + JwtConfig string `json:"serviceAccountJwtConfig"` }{Name: name, JwtConfig: jwtConfig}) if err != nil { return fmt.Errorf("failed to request SetDefaultServiceAccount: %v", err) } - a.GQL.Log().Printf(log.Debug, "gcpSetDefaultServiceAccount(%q, %q): %s", name, jwtConfig, string(buf)) + a.GQL.Log().Printf(log.Debug, "%s(%q, %q): %s", graphql.QueryName(query), name, jwtConfig, + string(buf)) var payload struct { Data struct { diff --git a/pkg/polaris/graphql/gcp/native.go b/pkg/polaris/graphql/gcp/native.go index 47ea2534..df42c921 100644 --- a/pkg/polaris/graphql/gcp/native.go +++ b/pkg/polaris/graphql/gcp/native.go @@ -23,6 +23,7 @@ package gcp import ( "context" "encoding/json" + "errors" "fmt" "github.com/google/uuid" @@ -132,6 +133,8 @@ func (a API) NativeDisableProject(ctx context.Context, id uuid.UUID, deleteSnaps query := gcpNativeDisableProjectQuery if graphql.VersionOlderThan(a.Version, "master-46700", "v20220412") { query = gcpNativeDisableProjectV0Query + } else if graphql.VersionOlderThan(a.Version, "master-47076", "v20220426") { + query = gcpNativeDisableProjectV1Query } buf, err := a.GQL.Request(ctx, query, struct { ID uuid.UUID `json:"projectId"` @@ -148,6 +151,7 @@ func (a API) NativeDisableProject(ctx context.Context, id uuid.UUID, deleteSnaps Query struct { JobID uuid.UUID `json:"jobId"` TaskChainID uuid.UUID `json:"taskchainUuid"` + Error string `json:"error"` } `json:"gcpNativeDisableProject"` } `json:"data"` } @@ -158,5 +162,11 @@ func (a API) NativeDisableProject(ctx context.Context, id uuid.UUID, deleteSnaps if graphql.VersionOlderThan(a.Version, "master-46700", "v20220412") { return payload.Data.Query.TaskChainID, nil } + if graphql.VersionOlderThan(a.Version, "master-47076", "v20220426") { + return payload.Data.Query.JobID, nil + } + if payload.Data.Query.Error != "" { + return uuid.Nil, errors.New(payload.Data.Query.Error) + } return payload.Data.Query.JobID, nil } diff --git a/pkg/polaris/graphql/gcp/queries.go b/pkg/polaris/graphql/gcp/queries.go index 363c8683..83f7456c 100644 --- a/pkg/polaris/graphql/gcp/queries.go +++ b/pkg/polaris/graphql/gcp/queries.go @@ -50,8 +50,19 @@ var allGcpCloudAccountProjectsByFeatureQuery = `query SdkGolangAllGcpCloudAccoun }` // gcpCloudAccountAddManualAuthProject GraphQL query -var gcpCloudAccountAddManualAuthProjectQuery = `mutation SdkGolangGcpCloudAccountAddManualAuthProject($feature: CloudAccountFeature!, $gcpNativeProjectId: String!, $gcpProjectName: String!, $gcpProjectNumber: Long!, $organizationName: String, $serviceAccountJwtConfigOptional: String) -{ +var gcpCloudAccountAddManualAuthProjectQuery = `mutation SdkGolangGcpCloudAccountAddManualAuthProject($gcpNativeProjectId: String!, $gcpProjectName: String!, $gcpProjectNumber: Long!, $organizationName: String, $serviceAccountJwtConfig: String, $feature: CloudAccountFeature!) { + gcpCloudAccountAddManualAuthProject(input: { + gcpNativeProjectId: $gcpNativeProjectId, + gcpProjectName: $gcpProjectName, + gcpProjectNumber: $gcpProjectNumber, + organizationName: $organizationName, + serviceAccountJwtConfig: $serviceAccountJwtConfig, + features: [$feature], + }) +}` + +// gcpCloudAccountAddManualAuthProjectV0 GraphQL query +var gcpCloudAccountAddManualAuthProjectV0Query = `mutation SdkGolangGcpCloudAccountAddManualAuthProjectV0($feature: CloudAccountFeatureEnum!, $gcpNativeProjectId: String!, $gcpProjectName: String!, $gcpProjectNumber: Long!, $organizationName: String, $serviceAccountJwtConfigOptional: String) { gcpCloudAccountAddManualAuthProject( features: [$feature], gcpNativeProjectId: $gcpNativeProjectId, @@ -62,9 +73,8 @@ var gcpCloudAccountAddManualAuthProjectQuery = `mutation SdkGolangGcpCloudAccoun ) }` -// gcpCloudAccountAddManualAuthProjectV0 GraphQL query -var gcpCloudAccountAddManualAuthProjectV0Query = `mutation SdkGolangGcpCloudAccountAddManualAuthProjectV0($feature: CloudAccountFeatureEnum!, $gcpNativeProjectId: String!, $gcpProjectName: String!, $gcpProjectNumber: Long!, $organizationName: String, $serviceAccountJwtConfigOptional: String) -{ +// gcpCloudAccountAddManualAuthProjectV1 GraphQL query +var gcpCloudAccountAddManualAuthProjectV1Query = `mutation SdkGolangGcpCloudAccountAddManualAuthProjectV1($feature: CloudAccountFeature!, $gcpNativeProjectId: String!, $gcpProjectName: String!, $gcpProjectNumber: Long!, $organizationName: String, $serviceAccountJwtConfigOptional: String) { gcpCloudAccountAddManualAuthProject( features: [$feature], gcpNativeProjectId: $gcpNativeProjectId, @@ -76,7 +86,21 @@ var gcpCloudAccountAddManualAuthProjectV0Query = `mutation SdkGolangGcpCloudAcco }` // gcpCloudAccountDeleteProjects GraphQL query -var gcpCloudAccountDeleteProjectsQuery = `mutation SdkGolangGcpCloudAccountDeleteProjects($nativeProtectionProjectUuids: [UUID!]!) { +var gcpCloudAccountDeleteProjectsQuery = `mutation SdkGolangGcpCloudAccountDeleteProjects($nativeProtectionProjectId: UUID!) { + gcpCloudAccountDeleteProjects(input: { + nativeProtectionProjectIds: [$nativeProtectionProjectId], + sharedVpcHostProjectIds: [], + cloudAccountsProjectIds: [], + skipResourceDeletion: true, + }) { + projectUuid + success + error + } +}` + +// gcpCloudAccountDeleteProjectsV0 GraphQL query +var gcpCloudAccountDeleteProjectsV0Query = `mutation SdkGolangGcpCloudAccountDeleteProjectsV0($nativeProtectionProjectUuids: [UUID!]!) { gcpCloudAccountDeleteProjects(nativeProtectionProjectUuids: $nativeProtectionProjectUuids, sharedVpcHostProjectUuids: [], cloudAccountsProjectUuids: [], skipResourceDeletion: true) { projectUuid success @@ -141,8 +165,12 @@ var gcpGetDefaultCredentialsServiceAccountQuery = `query SdkGolangGcpGetDefaultC // gcpNativeDisableProject GraphQL query var gcpNativeDisableProjectQuery = `mutation SdkGolangGcpNativeDisableProject($projectId: UUID!, $shouldDeleteNativeSnapshots: Boolean!) { - gcpNativeDisableProject(projectId: $projectId, shouldDeleteNativeSnapshots: $shouldDeleteNativeSnapshots) { + gcpNativeDisableProject(input: { + projectId: $projectId, + shouldDeleteNativeSnapshots: $shouldDeleteNativeSnapshots + }) { jobId + error } }` @@ -153,6 +181,13 @@ var gcpNativeDisableProjectV0Query = `mutation SdkGolangGcpNativeDisableProjectV } }` +// gcpNativeDisableProjectV1 GraphQL query +var gcpNativeDisableProjectV1Query = `mutation SdkGolangGcpNativeDisableProjectV1($projectId: UUID!, $shouldDeleteNativeSnapshots: Boolean!) { + gcpNativeDisableProject(projectId: $projectId, shouldDeleteNativeSnapshots: $shouldDeleteNativeSnapshots) { + jobId + } +}` + // gcpNativeProject GraphQL query var gcpNativeProjectQuery = `query SdkGolangGcpNativeProject($fid: UUID!) { gcpNativeProject(fid: $fid) { @@ -235,8 +270,16 @@ var gcpNativeProjectsQuery = `query SdkGolangGcpNativeProjects($after: String, $ }` // gcpSetDefaultServiceAccountJwtConfig GraphQL query -var gcpSetDefaultServiceAccountJwtConfigQuery = `mutation SdkGolangGcpSetDefaultServiceAccountJwtConfig($serviceAccountName: String!, $serviceAccountJWTConfig: String!) { - gcpSetDefaultServiceAccountJwtConfig(serviceAccountJWTConfig: $serviceAccountJWTConfig, serviceAccountName: $serviceAccountName) +var gcpSetDefaultServiceAccountJwtConfigQuery = `mutation SdkGolangGcpSetDefaultServiceAccountJwtConfig($serviceAccountName: String!, $serviceAccountJwtConfig: String!) { + gcpSetDefaultServiceAccountJwtConfig(input: { + serviceAccountJwtConfig: $serviceAccountJwtConfig, + serviceAccountName: $serviceAccountName, + }) +}` + +// gcpSetDefaultServiceAccountJwtConfigV0 GraphQL query +var gcpSetDefaultServiceAccountJwtConfigV0Query = `mutation SdkGolangGcpSetDefaultServiceAccountJwtConfigV0($serviceAccountName: String!, $serviceAccountJwtConfig: String!) { + gcpSetDefaultServiceAccountJwtConfig(serviceAccountJWTConfig: $serviceAccountJwtConfig, serviceAccountName: $serviceAccountName) }` // upgradeGcpCloudAccountPermissionsWithoutOauth GraphQL query diff --git a/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_add_manual_auth_project.graphql b/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_add_manual_auth_project.graphql index 15cc53d6..c3b72eab 100644 --- a/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_add_manual_auth_project.graphql +++ b/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_add_manual_auth_project.graphql @@ -1,11 +1,10 @@ -mutation RubrikPolarisSDKRequest($feature: CloudAccountFeature!, $gcpNativeProjectId: String!, $gcpProjectName: String!, $gcpProjectNumber: Long!, $organizationName: String, $serviceAccountJwtConfigOptional: String) -{ - gcpCloudAccountAddManualAuthProject( - features: [$feature], - gcpNativeProjectId: $gcpNativeProjectId, - gcpProjectName: $gcpProjectName, - gcpProjectNumber: $gcpProjectNumber, - organizationName: $organizationName, - serviceAccountJwtConfigOptional: $serviceAccountJwtConfigOptional, - ) +mutation RubrikPolarisSDKRequest($gcpNativeProjectId: String!, $gcpProjectName: String!, $gcpProjectNumber: Long!, $organizationName: String, $serviceAccountJwtConfig: String, $feature: CloudAccountFeature!) { + gcpCloudAccountAddManualAuthProject(input: { + gcpNativeProjectId: $gcpNativeProjectId, + gcpProjectName: $gcpProjectName, + gcpProjectNumber: $gcpProjectNumber, + organizationName: $organizationName, + serviceAccountJwtConfig: $serviceAccountJwtConfig, + features: [$feature], + }) } diff --git a/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_add_manual_auth_project_v0.graphql b/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_add_manual_auth_project_v0.graphql index e2578b1e..ec0a3384 100644 --- a/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_add_manual_auth_project_v0.graphql +++ b/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_add_manual_auth_project_v0.graphql @@ -1,5 +1,4 @@ -mutation RubrikPolarisSDKRequest($feature: CloudAccountFeatureEnum!, $gcpNativeProjectId: String!, $gcpProjectName: String!, $gcpProjectNumber: Long!, $organizationName: String, $serviceAccountJwtConfigOptional: String) -{ +mutation RubrikPolarisSDKRequest($feature: CloudAccountFeatureEnum!, $gcpNativeProjectId: String!, $gcpProjectName: String!, $gcpProjectNumber: Long!, $organizationName: String, $serviceAccountJwtConfigOptional: String) { gcpCloudAccountAddManualAuthProject( features: [$feature], gcpNativeProjectId: $gcpNativeProjectId, diff --git a/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_add_manual_auth_project_v1.graphql b/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_add_manual_auth_project_v1.graphql new file mode 100644 index 00000000..1120adfe --- /dev/null +++ b/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_add_manual_auth_project_v1.graphql @@ -0,0 +1,10 @@ +mutation RubrikPolarisSDKRequest($feature: CloudAccountFeature!, $gcpNativeProjectId: String!, $gcpProjectName: String!, $gcpProjectNumber: Long!, $organizationName: String, $serviceAccountJwtConfigOptional: String) { + gcpCloudAccountAddManualAuthProject( + features: [$feature], + gcpNativeProjectId: $gcpNativeProjectId, + gcpProjectName: $gcpProjectName, + gcpProjectNumber: $gcpProjectNumber, + organizationName: $organizationName, + serviceAccountJwtConfigOptional: $serviceAccountJwtConfigOptional, + ) +} diff --git a/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_delete_projects.graphql b/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_delete_projects.graphql index 84ae02c7..3ef80903 100644 --- a/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_delete_projects.graphql +++ b/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_delete_projects.graphql @@ -1,5 +1,10 @@ -mutation RubrikPolarisSDKRequest($nativeProtectionProjectUuids: [UUID!]!) { - gcpCloudAccountDeleteProjects(nativeProtectionProjectUuids: $nativeProtectionProjectUuids, sharedVpcHostProjectUuids: [], cloudAccountsProjectUuids: [], skipResourceDeletion: true) { +mutation RubrikPolarisSDKRequest($nativeProtectionProjectId: UUID!) { + gcpCloudAccountDeleteProjects(input: { + nativeProtectionProjectIds: [$nativeProtectionProjectId], + sharedVpcHostProjectIds: [], + cloudAccountsProjectIds: [], + skipResourceDeletion: true, + }) { projectUuid success error diff --git a/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_delete_projects_v0.graphql b/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_delete_projects_v0.graphql new file mode 100644 index 00000000..84ae02c7 --- /dev/null +++ b/pkg/polaris/graphql/gcp/queries/gcp_cloud_account_delete_projects_v0.graphql @@ -0,0 +1,7 @@ +mutation RubrikPolarisSDKRequest($nativeProtectionProjectUuids: [UUID!]!) { + gcpCloudAccountDeleteProjects(nativeProtectionProjectUuids: $nativeProtectionProjectUuids, sharedVpcHostProjectUuids: [], cloudAccountsProjectUuids: [], skipResourceDeletion: true) { + projectUuid + success + error + } +} diff --git a/pkg/polaris/graphql/gcp/queries/gcp_native_disable_project.graphql b/pkg/polaris/graphql/gcp/queries/gcp_native_disable_project.graphql index 76e229f7..32e9d63f 100644 --- a/pkg/polaris/graphql/gcp/queries/gcp_native_disable_project.graphql +++ b/pkg/polaris/graphql/gcp/queries/gcp_native_disable_project.graphql @@ -1,5 +1,9 @@ mutation RubrikPolarisSDKRequest($projectId: UUID!, $shouldDeleteNativeSnapshots: Boolean!) { - gcpNativeDisableProject(projectId: $projectId, shouldDeleteNativeSnapshots: $shouldDeleteNativeSnapshots) { + gcpNativeDisableProject(input: { + projectId: $projectId, + shouldDeleteNativeSnapshots: $shouldDeleteNativeSnapshots + }) { jobId + error } } diff --git a/pkg/polaris/graphql/gcp/queries/gcp_native_disable_project_v1.graphql b/pkg/polaris/graphql/gcp/queries/gcp_native_disable_project_v1.graphql new file mode 100644 index 00000000..76e229f7 --- /dev/null +++ b/pkg/polaris/graphql/gcp/queries/gcp_native_disable_project_v1.graphql @@ -0,0 +1,5 @@ +mutation RubrikPolarisSDKRequest($projectId: UUID!, $shouldDeleteNativeSnapshots: Boolean!) { + gcpNativeDisableProject(projectId: $projectId, shouldDeleteNativeSnapshots: $shouldDeleteNativeSnapshots) { + jobId + } +} diff --git a/pkg/polaris/graphql/gcp/queries/gcp_set_default_service_account_jwt_config.graphql b/pkg/polaris/graphql/gcp/queries/gcp_set_default_service_account_jwt_config.graphql index 4fec147d..319b9c82 100644 --- a/pkg/polaris/graphql/gcp/queries/gcp_set_default_service_account_jwt_config.graphql +++ b/pkg/polaris/graphql/gcp/queries/gcp_set_default_service_account_jwt_config.graphql @@ -1,3 +1,6 @@ -mutation RubrikPolarisSDKRequest($serviceAccountName: String!, $serviceAccountJWTConfig: String!) { - gcpSetDefaultServiceAccountJwtConfig(serviceAccountJWTConfig: $serviceAccountJWTConfig, serviceAccountName: $serviceAccountName) +mutation RubrikPolarisSDKRequest($serviceAccountName: String!, $serviceAccountJwtConfig: String!) { + gcpSetDefaultServiceAccountJwtConfig(input: { + serviceAccountJwtConfig: $serviceAccountJwtConfig, + serviceAccountName: $serviceAccountName, + }) } diff --git a/pkg/polaris/graphql/gcp/queries/gcp_set_default_service_account_jwt_config_v0.graphql b/pkg/polaris/graphql/gcp/queries/gcp_set_default_service_account_jwt_config_v0.graphql new file mode 100644 index 00000000..6ff6d43b --- /dev/null +++ b/pkg/polaris/graphql/gcp/queries/gcp_set_default_service_account_jwt_config_v0.graphql @@ -0,0 +1,3 @@ +mutation RubrikPolarisSDKRequest($serviceAccountName: String!, $serviceAccountJwtConfig: String!) { + gcpSetDefaultServiceAccountJwtConfig(serviceAccountJWTConfig: $serviceAccountJwtConfig, serviceAccountName: $serviceAccountName) +}