-
Notifications
You must be signed in to change notification settings - Fork 107
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable GCP Authentication #289
base: master
Are you sure you want to change the base?
Conversation
Signed-off-by: Reed Kinning <[email protected]>
Implementing the same on |
Signed-off-by: Reed Kinning <[email protected]>
Hey, sorry for the late response. I don't think this PR can be accepted in the current form, the reasoning is the same as the one in concourse/concourse#3023 and Aidan's comment in #287 (comment). The tldr is that Concourse differentiates resources based on their As an alternative, I would be open to something like the current AWS flow, where the authenticated session is constructed from credentials passed in from the registry-image-resource/types.go Lines 288 to 291 in 4372334
Maybe you can do something similar by using |
@@ -95,6 +96,8 @@ type Source struct { | |||
DomainCerts []string `json:"ca_certs,omitempty"` | |||
|
|||
Debug bool `json:"debug,omitempty"` | |||
|
|||
GcpTokenSource *string `json:"gcp_token_source,omitempty"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This would also need a corresponding README change
No worries, thanks for the review @chenbh and this makes sense. Will see if we can get this to work and move this PR to a draft in the meantime. |
What is needed to get this active again? |
Fixes #280
Add a flag to source that will look for and use GCP application default credentials instead of using AWS credentials 0