Implement service account key authentication dns_gcloud.sh

[acazacu]

A comprehensive description of what this pull request changes can be read here: https://github.com/acmesh-official/acme.sh/issues/3531.

Once merged, the wiki should be updated to reflect the added functionality.

[jmcombs]

Can we please merge this PR into the master?

[Neilpang]

Is this change compatible with the existing acme.sh users? I mean the existing certs can renew without any changes?

[jmcombs]

Is this change compatible with the existing acme.sh users? I mean the existing certs can renew without any changes?

So, I actually have the existing dnsapi_gcloud implementation working with service account credentials. I figured this out after I posted my comment above so, to me, this PR is moot. I am happy to update the documentation on the Wiki for how to use a service account however, I don't think Wiki pages on Github allow me to submit a PR to do so. So, let me know how you'd like the updated instructions for https://github.com/acmesh-official/acme.sh/wiki/dnsapi#49-use-google-cloud-dns-api-to-automatically-issue-cert and I can provide them.

[typytypytypy]

@jmcombs would you mind putting some documentation in this issue until they update the wiki? Would be very helpful :-)

[typytypytypy]

@acazacu were you able to find a workaround to get dns_gcloud working with pfsense?

[jmcombs]

@typytypytypy I wanted to keep running acme.sh in Docker so I created and published a container that runs the Google Cloud SDK and acme.sh. It and the instructions on how to use it with service accounts are on Docker jmcombs/acme.sh-gcloud. GitHub repo is https://github.com/jmcombs/acme.sh-gcloud. Those instructions can be used for doing this with local installs of acme.sh and gcloud SDK. I hope that helps.

[acazacu]

@acazacu were you able to find a workaround to get dns_gcloud working with pfsense?

Yes, after spending one year looking at this stale PR, I found Cloudflare!