IamToken as alternative for OAuthToken

.nvmrc

@@ -0,0 +1 @@
+15

lib/provider/provider.js

@@ -6,6 +6,8 @@ const yc = require('yandex-cloud');
 const yaml = require('yaml');
 const fs = require('fs');
 const path = require('path');
+const https = require('https');
+const jose = require('node-jose');
 
 const AWS = require('aws-sdk');
 
@@ -66,7 +68,85 @@ class YandexCloudProvider {
             return;
         }
         const config = readCliConfig();
-        const session = new yc.Session({oauthToken: config.token});
+
+        let session;
+
+        if(config.token !== "undefined"){
+            session = new yc.Session({oauthToken: config.token});
+        }
+
+        if(config['service-account-key'] !== "undefined"){
+
+            const serviceAccountId = config['service-account-key']['service_account_id'];
+            const keyId = config['service-account-key']['id'];
+            const key = config['service-account-key']['private_key'];
+
+            const now = Math.floor(new Date().getTime() / 1000);
+
+            const payload = {
+                aud: "https://iam.api.cloud.yandex.net/iam/v1/tokens",
+                iss: serviceAccountId,
+                iat: now,
+                exp: now + 3600
+            };
+
+            let JWKBaseKeyObject = await jose.JWK.asKey(key, 'pem', { kid: keyId, alg: 'PS256' });
+            let jwt = await jose.JWS.createSign({ format: 'compact' }, JWKBaseKeyObject).update(JSON.stringify(payload)).final();
+
+            const data = JSON.stringify({
+                jwt: jwt
+            });
+
+            const options = {
+                hostname: 'iam.api.cloud.yandex.net',
+                port: 443,
+                path: '/iam/v1/tokens',
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    'Content-Length': data.length
+                }
+            }
+
+            let iamToken = await (async () => {
+
+                return new Promise(function(resolve, reject) {
+
+                    const req = https.request(options, (res) => {
+
+                        let body = '';
+
+                        res.setEncoding("utf8");
+
+                        res.on('data', chunk => {
+                            body += chunk;
+                        });
+
+                        res.on('end', () => {
+
+                            try {
+                                body = JSON.parse(body);
+                            } catch(e) {
+                                reject(e);
+                            }
+
+                            resolve(body);
+
+                        });
+
+                    });
+
+                    req.write(data);
+                    req.end();
+
+                });
+
+            })();
+
+            session = new yc.Session({iamToken: iamToken.iamToken});
+
+        }
+
         if (config.endpoint) {
             await session.setEndpoint(config.endpoint);
         }

templates/nodejs/.nvmrc

@@ -0,0 +1 @@
+15

templates/nodejs/serverless.yml

@@ -1,6 +1,6 @@
 service: yandex-cloud-nodejs
 name: yandex-cloud-template
-frameworkVersion: ">=1.1.0 <2.0.0"
+frameworkVersion: "2"
 
 provider:
   name: yandex-cloud