GCP auto login

... or a quick script to authenticate on my Mac

As a heavy user of GCP services, but also with organisational policies that limits auth session lengths, I wanted to set up a way to quickly authenticate with the gcloud CLI.

What I came up with is the script below, which I’ve since packaged as a .app which runs on computer login, most days all it does is ask me for a fingerprint and then I’m authenticated to gcloud, some days I get a browser auth prompt.

I also tend to include a flavour of this script in any bash script that relies on google services, to ensure that I am authenticated before trying to execute anything.

#!/bin/bash
if !(op item get "Name of password item in 1password" --fields label=password | gcloud projects list > /dev/null 2>&1);
then
    echo "Login required, opening browser"
    gcloud auth login --update-adc --enable-gdrive-access > /dev/null 2>&1;
    if (echo "not_your_password" | gcloud projects list > /dev/null);
    then
        echo "You are now logged in"
    else
        echo "Something went wrong"
    fi
else
    echo "You are already logged in"
fi

It relies on a few things, first of all it’s passing my credentials from 1password (that’s the op command) to gcloud to see if that’s enough to authenticate, if not it opens a browser with the normal auth command. Then it tests auth by piping a dummy password to the projects list command.

Here’s instructions on how to turn a shell script into an app on Mac:

https://support.apple.com/en-gb/guide/script-editor/scpedt1072/mac

… which you will need it to be if you want to run it automatically when loggin in to your computer:

https://support.apple.com/en-gb/guide/mac-help/mh15189/mac

That’s all for now.

/Jens