Feat : clasp login with service account

[Identity-labs]

(Note: Non-breaking issues are likely not to be prioritized. Please consider a PR in addition to your issue)

Expected Behavior

Login with clasp with service account key

Actual Behavior

Logging in locally…

Authorizing with the following scopes:
https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/script.external_request
https://www.googleapis.com/auth/script.webapp.deploy

NOTE: The full list of scopes your project may need can be found at script.google.com under:
File > Project Properties > Scopes

Error retrieving access token: TypeError: Cannot destructure property 'client_id' of 'options.creds.installed' as it is undefined.

Steps to Reproduce the Problem

1. Create service account into GCP
2. Generate keys & download it
3. npx @google/clasp login --creds generated-key.json

Specifications

• Node version (node -v): v14.21.1
• Version (clasp -v): 2.3.1 or 2.4.2
• OS (Mac/Linux/Windows): Mac or Linux

[sqrrrl]

Looks sort of possible, but with some caveats.

Apps script API works with service accounts if the script is owned by a user and shared with the service account. However, a service account can not own the script itself nor enable use of the Apps Script API, so some commands like create & run won't work using service account credentials. Still need to check if version & deploy work.

But if the goal is to lock down CI, it may be viable as only a handful of commands need to work. And since scripts would have to be explicitly shared with the service account, it would help limit access.