FEATURE: Provide credentials private key via ENV

This feature allows for specifying the P12 private key as a
base64-encoded string alternatively to a path and filename.
That allows for file-less scenarios with environment variables
only.

See README.md for details.

Classes/StorageFactory.php

@@ -46,25 +46,29 @@ public function create($credentialsProfileName = 'default')
             throw new Exception(sprintf('The specified Google Cloud Storage credentials profile "%s" does not exist, please check your settings.', $credentialsProfileName), 1446553024);
         }
 
-        if (substr($this->credentialProfiles[$credentialsProfileName]['credentials']['privateKeyP12PathAndFilename'], 0, 1) !== '/') {
-            $privateKeyPathAndFilename = FLOW_PATH_ROOT . $this->credentialProfiles[$credentialsProfileName]['credentials']['privateKeyP12PathAndFilename'];
+        if (!empty($this->credentialProfiles[$credentialsProfileName]['credentials']['privateKeyP12Base64Encoded'])) {
+            $privateKey = base64_decode($this->credentialProfiles[$credentialsProfileName]['credentials']['privateKeyP12Base64Encoded']);
         } else {
-            $privateKeyPathAndFilename = $this->credentialProfiles[$credentialsProfileName]['credentials']['privateKeyP12PathAndFilename'];
-        }
+            if (substr($this->credentialProfiles[$credentialsProfileName]['credentials']['privateKeyP12PathAndFilename'], 0, 1) !== '/') {
+                $privateKeyPathAndFilename = FLOW_PATH_ROOT . $this->credentialProfiles[$credentialsProfileName]['credentials']['privateKeyP12PathAndFilename'];
+            } else {
+                $privateKeyPathAndFilename = $this->credentialProfiles[$credentialsProfileName]['credentials']['privateKeyP12PathAndFilename'];
+            }
 
-        if (!file_exists($privateKeyPathAndFilename)) {
-            throw new Exception(sprintf('The Google Cloud Storage private key file "%s" does not exist. Either the file is missing or you need to adjust your settings.', $privateKeyPathAndFilename), 1446553054);
+            if (!file_exists($privateKeyPathAndFilename)) {
+                throw new Exception(sprintf('The Google Cloud Storage private key file "%s" does not exist. Either the file is missing or you need to adjust your settings.', $privateKeyPathAndFilename), 1446553054);
+            }
+            $privateKey = file_get_contents($privateKeyPathAndFilename);
         }
 
-        $privateKey = file_get_contents($privateKeyPathAndFilename);
         $credentials = new \Google_Auth_AssertionCredentials(
             $this->credentialProfiles[$credentialsProfileName]['credentials']['clientEmail'],
             [ \Google_Service_Storage::DEVSTORAGE_READ_WRITE ],
             $privateKey
         );
 
         $temporaryTargetPathAndFilename = $this->environment->getPathToTemporaryDirectory() . 'Flownative_Google_CloudStorage_Temp';
-       
+
         $googleClient = new \Google_Client();
         $googleClient->setClassConfig('Google_Cache_File', 'directory',$temporaryTargetPathAndFilename);
         $googleClient->setAssertionCredentials($credentials);

Configuration/Settings.yaml

@@ -6,4 +6,9 @@ Flownative:
         default:
           credentials:
             clientEmail: '123456789012-abc123defg456hijklmnopqrstuvwxyz@developer.gserviceaccount.com'
+
+            # The private key (P12) can be specified in two ways: either by specifying the path and filename leading to
+            # the file containing the key, or as a string with the P12 key (base64 encoded). If both options are set,
+            # the "privateKeyP12" option wins.
             privateKeyP12PathAndFilename: 'Data/Secrets/MyGoogleProject-abc123457def.p12'
+            privateKeyP12Base64Encoded: ''

README.md

@@ -46,6 +46,20 @@ Flownative:
             privateKeyP12PathAndFilename: 'Data/Secrets/MyGoogleProject-abc123457def.p12'
 ```
 
+Instead of using a file, the private key can also be specified directly, as a base64-encoded string. This allows for
+providing the private key via an environment variable:
+
+```yaml
+Flownative:
+  Google:
+    CloudStorage:
+      profiles:
+        default:
+          credentials:
+            clientEmail: '123456789012-abc123defg456hijklmnopqrstuvwxyz@developer.gserviceaccount.com'
+            privateKeyP12Base64Encoded: '%env:SOME_ENVIRONMENT_VARIABLE_WITH_PRIVATE_KEY%'
+```
+
 You can test your settings by executing the `connect` command with a bucket of your choice.
 
 ```bash