Spaces:

PHhTTPS
/

ProxyCLI

Sleeping

ProxyCLI / internal /cmd /vertex_import.go

kek

Fresh start: Go 1.23 + go-git/v5 compatibility

f606b10 3 months ago

3.62 kB

	// Package cmd contains CLI helpers. This file implements importing a Vertex AI
	// service account JSON into the auth store as a dedicated "vertex" credential.
	package cmd

	import (
	"context"
	"encoding/json"
	"fmt"
	"os"
	"strings"

	"github.com/router-for-me/CLIProxyAPI/v6/internal/auth/vertex"
	"github.com/router-for-me/CLIProxyAPI/v6/internal/config"
	"github.com/router-for-me/CLIProxyAPI/v6/internal/util"
	sdkAuth "github.com/router-for-me/CLIProxyAPI/v6/sdk/auth"
	coreauth "github.com/router-for-me/CLIProxyAPI/v6/sdk/cliproxy/auth"
	log "github.com/sirupsen/logrus"
	)

	// DoVertexImport imports a Google Cloud service account key JSON and persists
	// it as a "vertex" provider credential. The file content is embedded in the auth
	// file to allow portable deployment across stores.
	func DoVertexImport(cfg *config.Config, keyPath string) {
	if cfg == nil {
	cfg = &config.Config{}
	}
	if resolved, errResolve := util.ResolveAuthDir(cfg.AuthDir); errResolve == nil {
	cfg.AuthDir = resolved
	}
	rawPath := strings.TrimSpace(keyPath)
	if rawPath == "" {
	log.Errorf("vertex-import: missing service account key path")
	return
	}
	data, errRead := os.ReadFile(rawPath)
	if errRead != nil {
	log.Errorf("vertex-import: read file failed: %v", errRead)
	return
	}
	var sa map[string]any
	if errUnmarshal := json.Unmarshal(data, &sa); errUnmarshal != nil {
	log.Errorf("vertex-import: invalid service account json: %v", errUnmarshal)
	return
	}
	// Validate and normalize private_key before saving
	normalizedSA, errFix := vertex.NormalizeServiceAccountMap(sa)
	if errFix != nil {
	log.Errorf("vertex-import: %v", errFix)
	return
	}
	sa = normalizedSA
	email, _ := sa["client_email"].(string)
	projectID, _ := sa["project_id"].(string)
	if strings.TrimSpace(projectID) == "" {
	log.Errorf("vertex-import: project_id missing in service account json")
	return
	}
	if strings.TrimSpace(email) == "" {
	// Keep empty email but warn
	log.Warn("vertex-import: client_email missing in service account json")
	}
	// Default location if not provided by user. Can be edited in the saved file later.
	location := "us-central1"

	fileName := fmt.Sprintf("vertex-%s.json", sanitizeFilePart(projectID))
	// Build auth record
	storage := &vertex.VertexCredentialStorage{
	ServiceAccount: sa,
	ProjectID: projectID,
	Email: email,
	Location: location,
	}
	metadata := map[string]any{
	"service_account": sa,
	"project_id": projectID,
	"email": email,
	"location": location,
	"type": "vertex",
	"label": labelForVertex(projectID, email),
	}
	record := &coreauth.Auth{
	ID: fileName,
	Provider: "vertex",
	FileName: fileName,
	Storage: storage,
	Metadata: metadata,
	}

	store := sdkAuth.GetTokenStore()
	if setter, ok := store.(interface{ SetBaseDir(string) }); ok {
	setter.SetBaseDir(cfg.AuthDir)
	}
	path, errSave := store.Save(context.Background(), record)
	if errSave != nil {
	log.Errorf("vertex-import: save credential failed: %v", errSave)
	return
	}
	fmt.Printf("Vertex credentials imported: %s\n", path)
	}

	func sanitizeFilePart(s string) string {
	out := strings.TrimSpace(s)
	replacers := []string{"/", "_", "\\", "_", ":", "_", " ", "-"}
	for i := 0; i < len(replacers); i += 2 {
	out = strings.ReplaceAll(out, replacers[i], replacers[i+1])
	}
	return out
	}

	func labelForVertex(projectID, email string) string {
	p := strings.TrimSpace(projectID)
	e := strings.TrimSpace(email)
	if p != "" && e != "" {
	return fmt.Sprintf("%s (%s)", p, e)
	}
	if p != "" {
	return p
	}
	if e != "" {
	return e
	}
	return "vertex"
	}