From 00677a1e1b3fb2c7841174df8afbc75b98dcdca0 Mon Sep 17 00:00:00 2001
From: Ayush Shah <ayush@getcollate.io>
Date: Sat, 23 Mar 2024 16:47:55 +0530
Subject: [PATCH] Fix External Account Json Schema Issue (#15671)

---
 ingestion/src/metadata/utils/credentials.py         | 13 ++++++-------
 ingestion/tests/unit/test_credentials.py            |  8 +++-----
 .../security/credentials/gcpExternalAccount.json    |  5 ++---
 3 files changed, 11 insertions(+), 15 deletions(-)

diff --git a/ingestion/src/metadata/utils/credentials.py b/ingestion/src/metadata/utils/credentials.py
index 233a5a5445e..de2767e71d6 100644
--- a/ingestion/src/metadata/utils/credentials.py
+++ b/ingestion/src/metadata/utils/credentials.py
@@ -26,7 +26,7 @@ from metadata.generated.schema.security.credentials.gcpCredentials import (
     GcpCredentialsPath,
 )
 from metadata.generated.schema.security.credentials.gcpExternalAccount import (
-    GcpCredentialsValuesExternalAccount,
+    GcpExternalAccount,
 )
 from metadata.generated.schema.security.credentials.gcpValues import (
     GcpCredentialsValues,
@@ -89,7 +89,7 @@ def create_credential_tmp_file(credentials: dict) -> str:
 
 
 def build_google_credentials_dict(
-    gcp_values: Union[GcpCredentialsValues, GcpCredentialsValuesExternalAccount]
+    gcp_values: Union[GcpCredentialsValues, GcpExternalAccount]
 ) -> Dict[str, str]:
     """
     Given GcPCredentialsValues, build a dictionary as the JSON file
@@ -97,7 +97,7 @@ def build_google_credentials_dict(
     :param gcp_values: GCP credentials
     :return: Dictionary with credentials
     """
-    if gcp_values.type == "service_account":
+    if isinstance(gcp_values, GcpCredentialsValues):
         private_key_str = gcp_values.privateKey.get_secret_value()
         # adding the replace string here to escape line break if passed from env
         private_key_str = private_key_str.replace("\\n", "\n")
@@ -115,17 +115,16 @@ def build_google_credentials_dict(
             "auth_provider_x509_cert_url": str(gcp_values.authProviderX509CertUrl),
             "client_x509_cert_url": str(gcp_values.clientX509CertUrl),
         }
-    if gcp_values.type == "external_account":
+    if isinstance(gcp_values, GcpExternalAccount):
         return {
-            "type": gcp_values.type,
+            "type": gcp_values.externalType,
             "audience": gcp_values.audience,
             "subject_token_type": gcp_values.subjectTokenType,
             "token_url": gcp_values.tokenURL,
             "credential_source": gcp_values.credentialSource,
         }
-
     raise InvalidGcpConfigException(
-        f"Error not support credential type {gcp_values.type}"
+        f"Error trying to build GCP credentials dict due to Invalid GCP config {type(gcp_values)}"
     )
 
 
diff --git a/ingestion/tests/unit/test_credentials.py b/ingestion/tests/unit/test_credentials.py
index fdb17152eb3..ff385d814f5 100644
--- a/ingestion/tests/unit/test_credentials.py
+++ b/ingestion/tests/unit/test_credentials.py
@@ -16,7 +16,7 @@ from unittest import TestCase
 from pydantic import SecretStr
 
 from metadata.generated.schema.security.credentials.gcpExternalAccount import (
-    GcpCredentialsValuesExternalAccount,
+    GcpExternalAccount,
 )
 from metadata.generated.schema.security.credentials.gcpValues import (
     GcpCredentialsValues,
@@ -90,8 +90,8 @@ VEhPQF0i0tUU7Fl071hcYaiQoZx4nIjN+NG6p5QKbl6k
         """
         Check how we can validate GCS values
         """
-        gcp_values = GcpCredentialsValuesExternalAccount(
-            type="external_account",
+        gcp_values = GcpExternalAccount(
+            externalType="external_account",
             audience="audience",
             subjectTokenType="subject_token_type",
             tokenURL="token_url",
@@ -106,6 +106,4 @@ VEhPQF0i0tUU7Fl071hcYaiQoZx4nIjN+NG6p5QKbl6k
             "credential_source": {"environmentId": "environment_id"},
         }
 
-        build_google_credentials_dict(gcp_values)
-
         self.assertEqual(expected_dict, build_google_credentials_dict(gcp_values))
diff --git a/openmetadata-spec/src/main/resources/json/schema/security/credentials/gcpExternalAccount.json b/openmetadata-spec/src/main/resources/json/schema/security/credentials/gcpExternalAccount.json
index b02de0303cd..37ac0397a1f 100644
--- a/openmetadata-spec/src/main/resources/json/schema/security/credentials/gcpExternalAccount.json
+++ b/openmetadata-spec/src/main/resources/json/schema/security/credentials/gcpExternalAccount.json
@@ -3,11 +3,10 @@
   "$schema": "http://json-schema.org/draft-07/schema#",
   "type": "object",
   "javaType": "org.openmetadata.schema.security.credentials.GCPExternalAccount",
-  "title": "GCP Credentials Values ( External Account )",
+  "title": "GCP External Account",
   "description": "Pass the raw credential values provided by GCP",
-  "definitions": {},
   "properties": {
-    "type": {
+    "externalType": {
       "title": "Credentials Type",
       "description": "Google Cloud Platform account type.",
       "type": "string",