Implement binding to Google Drive API to retrieve readonly docs

The source of real CVE information will be from a read-only document in Google Drive. We will need an API key for this information to be retrieved associated with our EF Google Drive. This information will be in CSV format and should be cached for at least an hour on retrieval.

This information will contain sensitive CVE data that should not be revealed to the public at least in phase 1. Only CVEs with the status Completed should be available to the API.

added statetodo label

assigned to @malowe

added statewip label and removed statetodo label

@mbarbero I've started the implementation of this, and have the binding working locally, in that it is properly calling Google and authenticating, but the service account we are using doesn't have access to the document. This is due to the fact that the account exists outside of our organization to protect us from potential leaks from too much access. We can theoretically use domain-wide delegation, but that's a bit of a sledgehammer, and group access is also not recommended. I tried to grant the service account access through invite but I don't think I have permissions to do so. If you want to take a crack at adding them, the email address for the account is eclipsefdn-cve-api@eclipsefdn-cve-api.iam.gserviceaccount.com

Let me know how you want to move forward.

The service account you created is attached to which account?

Its not associated to an account from what I can tell. I've added you as an owner on the project in the Google Cloud dashboard https://console.cloud.google.com/iam-admin/iam?project=eclipsefdn-cve-api.

@malowe I agree that domain-wide delegation is a bit of a sledgehammer. My understanding this would grant the account full access to all documents in Google Drive.

I don't have write access to the spreadsheet so I can't add any new users. @mbarbero Is it possible for you to add the service account as a viewer to see if this unblocks us, please?

Done

Thanks @mbarbero

@malowe let us know if that did the trick for you..

mentioned in merge request !6 (merged)

added stateblock label and removed statewip label

added statereview label and removed stateblock label

mentioned in commit 22020721

mentioned in commit 52ebc696

added statedone label and removed statereview label

Merged, complete

closed