From bb853e8cd546530476aad080f8e985a3d7d41266 Mon Sep 17 00:00:00 2001
From: Github Actions <4399427+kferrone@users.noreply.github.com>
Date: Tue, 3 Dec 2024 15:21:06 -0700
Subject: [PATCH 1/3] new gcp jit command

---
 CHANGELOG.md              |  6 ++++++
 src/duplo_resource/jit.py | 41 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f610057..f0a69e7 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,8 +7,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+### Added
+
+- gcp jit command with example cli usage
+
 ## [0.2.40] - 2024-11-21
 
+### Fixed
+
   - Removed potential cyclic dependencies in `docker-compose.yaml` by explicitly defining inherited sections
   
 ## [0.2.39] - 2024-11-12
diff --git a/src/duplo_resource/jit.py b/src/duplo_resource/jit.py
index 844082b..1992dd2 100644
--- a/src/duplo_resource/jit.py
+++ b/src/duplo_resource/jit.py
@@ -47,6 +47,47 @@ def token(self) -> dict:
       token: The JWT token.
     """
     return {"token": self.duplo.token}
+  
+  @Command()
+  def gcp(self, nocache: bool = None) -> dict:
+    """GCP Access Token
+    
+    Get the GCP JWT token for the current user. This is the token that is used to authenticate with the GCP API. 
+
+    Example: Using for gcloud cli access
+      Here is how to set the needed enviornment variables for the gcloud cli.
+
+      ```sh
+      for i in $(duploctl jit gcp -q '{CLOUDSDK_AUTH_ACCESS_TOKEN: Token, CLOUDSDK_CORE_PROJECT: ProjectId}' -o env); do export $i; done
+      ```
+
+    Usage:  
+      ```sh
+      duploctl jit gcp
+      ```
+
+    Returns:
+      token: The GCP JWT token.
+    """
+    k = self.duplo.cache_key_for("gcp-creds")
+    nc = nocache if nocache is not None else self.duplo.nocache
+    t = self.duplo.load("tenant")
+    tenant = t.find()
+    path = f"v3/admin/google/{tenant['TenantId']}/apiToken"
+    # try and get those creds
+    try:
+      if nc:
+        sts = self.duplo.get(path).json()
+      else:
+        sts = self.duplo.get_cached_item(k)
+        if self.duplo.expired(sts.get("Expiration", None)):
+          raise DuploExpiredCache(k)
+    except DuploExpiredCache:
+      sts = self.duplo.get(path).json()
+      if "Expiration" not in sts:
+        sts["Expiration"] = self.duplo.expiration()
+      self.duplo.set_cached_item(k, sts)
+    return sts
 
   @Command()
   def aws(self, nocache: bool = None) -> dict:

From 0c5b31a9cd0de491bf20f25f0a606943d6f4079c Mon Sep 17 00:00:00 2001
From: Kelly Ferrone <4399427+kferrone@users.noreply.github.com>
Date: Tue, 3 Dec 2024 15:37:15 -0700
Subject: [PATCH 2/3] Update src/duplo_resource/jit.py

typo

Co-authored-by: qodo-merge-pro[bot] <151058649+qodo-merge-pro[bot]@users.noreply.github.com>
---
 src/duplo_resource/jit.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/duplo_resource/jit.py b/src/duplo_resource/jit.py
index 1992dd2..f6f1a48 100644
--- a/src/duplo_resource/jit.py
+++ b/src/duplo_resource/jit.py
@@ -55,7 +55,7 @@ def gcp(self, nocache: bool = None) -> dict:
     Get the GCP JWT token for the current user. This is the token that is used to authenticate with the GCP API. 
 
     Example: Using for gcloud cli access
-      Here is how to set the needed enviornment variables for the gcloud cli.
+      Here is how to set the needed environment variables for the gcloud cli.
 
       ```sh
       for i in $(duploctl jit gcp -q '{CLOUDSDK_AUTH_ACCESS_TOKEN: Token, CLOUDSDK_CORE_PROJECT: ProjectId}' -o env); do export $i; done

From 2513df9d7b6b0ae1d286dfef70f944badc1eb628 Mon Sep 17 00:00:00 2001
From: Github Actions <4399427+kferrone@users.noreply.github.com>
Date: Fri, 6 Dec 2024 08:25:38 -0700
Subject: [PATCH 3/3] docs

---
 src/duplo_resource/jit.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/duplo_resource/jit.py b/src/duplo_resource/jit.py
index f6f1a48..4839938 100644
--- a/src/duplo_resource/jit.py
+++ b/src/duplo_resource/jit.py
@@ -52,7 +52,7 @@ def token(self) -> dict:
   def gcp(self, nocache: bool = None) -> dict:
     """GCP Access Token
     
-    Get the GCP JWT token for the current user. This is the token that is used to authenticate with the GCP API. 
+    Get the GCP JWT token for the current user. This is the token that is used to authenticate with the GCP API. You must be an admin to use this feature.  
 
     Example: Using for gcloud cli access
       Here is how to set the needed environment variables for the gcloud cli.