From d7191edcde2fbfeda37e5521ac9e04b2afe48eae Mon Sep 17 00:00:00 2001
From: John Marshall <john.marshall@populationgenomics.org.au>
Date: Mon, 27 May 2024 12:37:22 +1200
Subject: [PATCH] Implement the .../service-accounts/.../scopes endpoint in
 metadata server (#338)

---
 batch/batch/cloud/gcp/worker/metadata_server.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/batch/batch/cloud/gcp/worker/metadata_server.py b/batch/batch/cloud/gcp/worker/metadata_server.py
index 27d3410c1f7..91ad33807f6 100644
--- a/batch/batch/cloud/gcp/worker/metadata_server.py
+++ b/batch/batch/cloud/gcp/worker/metadata_server.py
@@ -50,6 +50,11 @@ async def user_email(request: web.Request):
     return web.Response(text=request.app[AppKeys.USER_CREDENTIALS].email)
 
 
+async def user_scopes(request: web.Request):
+    text = '\n'.join(request.app[AppKeys.USER_CREDENTIALS]._scopes)
+    return web.Response(text=f'{text}\n')
+
+
 async def user_token(request: web.Request):
     access_token = await request.app[AppKeys.USER_CREDENTIALS]._get_access_token()
     return web.json_response({
@@ -101,6 +106,7 @@ def create_app(
         web.get('/computeMetadata/v1/instance/service-accounts/{gsa}', user_service_account),
         web.get('/computeMetadata/v1/instance/service-accounts/{gsa}/', user_service_account),
         web.get('/computeMetadata/v1/instance/service-accounts/{gsa}/email', user_email),
+        web.get('/computeMetadata/v1/instance/service-accounts/{gsa}/scopes', user_scopes),
         web.get('/computeMetadata/v1/instance/service-accounts/{gsa}/token', user_token),
     ])