Hi,
So I’ve been trying to get gce to work, but no luck - it used to work, something changed, and now it isn’t - not sure what happened, but I tried to setup everything from scratch again …
On GCE, I’ve created a service account, when creating the account, I ticked the box to allow domain-wide delegation (DwD), the p12 got downloaded automatically and the pem extracted with the command from the ansible site (https://docs.ansible.com/ansible/guide_gce.html#credentials) and stored as ansible.pem, I then clicked on “View client ID”, edited the name (ansible) and saved it.
I’ve attached some screenshots that should help (I hope) …
https://console.developers.google.com/apis/credentials?project=projectname
Service account details / list :
View client detail :
The secrets.py has the following :
GCE_PARAMS = ('ansible@********.iam.gserviceaccount.com', '/full/path/to/ansible.pem')
GCE_KEYWORD_PARAMS = {'project': '********'}
The gce.ini has the following :
[gce]
libcloud_secrets = /full/path/to/secrets.py
But now I get this output :
Please Go to the following URL and sign in:
https://accounts.google.com/o/oauth2/auth?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcompute+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdevstorage.full_control+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fndev.clouddns.readwrite&state=Libcloud+Request&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&response_type=code&client_id=ansible%40********.iam.gserviceaccount.com
Enter Code:
Anyone got any ideas ? Any way to debug this ?
Thanks!
Alex