Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status


google-gauth (4) Versions 0.2.0

Installs/Configures gauth

cookbook 'google-gauth', '= 0.2.0', :supermarket
cookbook 'google-gauth', '= 0.2.0'
knife supermarket install google-gauth
knife supermarket download google-gauth
Quality 33%

Google Authentication Chef Cookbook

Module Description

This cookbook provides the resources to authenticate with Google Cloud Platform.

When executing operations on Google Cloud Platform, e.g. creating a virtual
machine, a SQL database, etc., you need to be authenticated to be able to carry
on with the request.

All Google Cloud Platform cookbooks use an unified authentication mechanism,
provided by this cookbook.


gauth_credential 'mycred' do
  action :serviceaccount
  path '/home/nelsonjr/my_account.json'
  scopes [


To install this cookbook using knife tool:

knife cookbook site install google-gauth
knife cookbook site download google-gauth

Note: Google Cloud Platform cookbooks that require authentication will
automatically install this cookbook, as it will be listed in their


Supported Operating Systems

This cookbook was tested on the following operating systems:

  • RedHat 6, 7
  • CentOS 6, 7
  • Debian 7, 8
  • Ubuntu 12.04, 14.04, 16.04, 16.10
  • SLES 11-sp4, 12-sp2
  • openSUSE 13
  • Windows Server 2008 R2, 2012 R2, 2012 R2 Core, 2016 R2, 2016 R2 Core

About Service Accounts

This cookbook uses service accounts to authenticate with Google
Cloud Platform. Google Cloud Platform project administrators manage service
accounts. They can create, modify and delete accounts and grant account
specific privileges on the projects. Those privileges will be used by Chef to
carry on the operations on behalf of the user.

Getting a Service Account key

The provider uses the JSON version of the service account key file. When in the
IAM & Admin section of the Developer Console the
administrator can retrieve a key file. Select the JSON as the key format.

The file you download is the one provided in the path property.




  • serviceaccount [preferred]
    This is the preferred method of specifying credentials, because it does not
    rely on any pre-existing system configuration that Chef can't track. You'll
    need a credential file, but you can easily manage that with a file do .. end

  • defaultuseraccount
    If you have gcloud setup you can piggyback on the account
    currently set as active for the user running Chef.

    Warning! Please be aware that the account is subject to whichever account is
    set as active on gcloud tool, so the results will not be always consistent
    if they change under Chef by the user.


The scopes your authentication request will be limited to. When executing
actions against Google Cloud Platform you should choose the minimum amount of
privileges to carry on the operations to avoid accidentally affecting other
resources. For example if I want to manage virtual machines you should request
only "Compute R/W". That way you don't accidentally modify your DNS records.

Google's Chef cookbooks for Google Cloud Platform list the scopes you can use in
their Chef Supermarket documentation page. You can alternatively look at Google
Cloud Platform documentation for the product you're interacting with.

A few examples:

<th colspan='2'>Scope</th>
<td>Compute Engine (VMs, Disks, ...)</td>
<td>Read Write</td>
<td>Cloud SQL</td>
<td>Read Write</td>
<td rowspan='2'>Cloud DNS</td>
<td>Read Only</td>
<td>Read Write</td>


If you specify the serviceaccount provider this property points to an absolute
path of the service account file (in JSON format).


0.2.0 (2018-09-04)

New features

  • Update version for supermarket release.

0.1.1 (2017-10-16)

New features

  • Added gauth_credential_serviceaccount_for_function client function.

0.1.0 (2017-10-04)

Initial release

Collaborator Number Metric

0.2.0 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric

0.2.0 passed this metric

Foodcritic Metric

0.2.0 failed this metric

FC108: Resource should not define a property named 'name': google-gauth/resources/credential.rb:25
Run with Foodcritic Version 14.0.0 with tags metadata,correctness ~FC031 ~FC045 and failure tags any

No Binaries Metric

0.2.0 passed this metric

Testing File Metric

0.2.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of, and your repo must contain a file

Version Tag Metric

0.2.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of, and your repo must include a tag that matches this cookbook version number