Improbable Icon

SpatialOS Discourse Forums

Continuous integration authentication

Using a CI pipeline with runners like gitlab you probably have a lot of schell scripts doing your build and deployment work. I managed to automate my build and deployment process (manual triggered and nightly) with gitlab runner, unreal buildtools and spatial CLI so far.
But as the spatial CLI needs auth from the userspace, I have to run the runner in userspace… I can’t install as windows service. And I have to do the auth every day.
Is there a way I donät see (other then implementing my CI scripts as binaries in C# with the SDK?)

Please implement a way to use authentication like your service accounts with tokens valid for up to 90 days you can send to cli commands via argument. Would make CI so much easier to handle.

Thanks :wink: And keep up the good work.

Hi @cmdrsabre,

It is already possible to create service account tokens with configurable lifetimes and you can pass the tokens to commands as arguments as they’re simply strings.

Please see this example of using the PlatformSDK to generate service account tokens and let me know if you had any other questions or issues implementing them.


So you say you can use these accounts even with the spatial CLI commands and not only the API? Because I know them, but I need to be able to use them with the CLI commands.

e.g.
spatial cloud upload <assembly name>

Hey @cmdrsabre,

You can save the token to a file in the folder of the CI user which will then allow you to use the CLI commands without re-auth’ing.

# Windows
C:\Users\<username>\AppData\Local\.improbable\oauth2\oauth2_refresh_token\

# Mac/Linux
~/.improbable/oauth2/oauth2_refresh_token 

Not ideal, as CI is running as a service, but
C:\WINDOWS\System32\config\systemprofile\AppData\Local\.improbable\oauth2\oauth_refresh_token
did the trick.

So thanks a lot :slight_smile:

Glad that unblocked you for now!

I’ll let the team know that it would be nice to be able to have a flag for this.