-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
google-storage-sink serviceAccountKey is not required #1203
Comments
Kamelets could run even outside gcp/gke. But we could relax the requirement on serviceAccountKey as required parameter. |
It's harder than what I thought. We are enconding the service account key as base64, there is no way at this stage to have the parameter optional if we are prepeding base64 in front of it. For the moment it will stay as is. |
This greatly complicates deployment on GCP and requires keeping keyfiles around. The ADC process allows for keyfiles as well, it sounds like this implementation isn't compliant because of how the configuration is being fed in. FWIW the old connector appears to work and have the setting as optional. |
I created this on Camel core side to make it optional. https://issues.apache.org/jira/projects/CAMEL/issues/CAMEL-18802 |
The old connector was based on the pure component, the new ones have been based on Kamelet, a different concept. |
By the way, thanks for reporting problems and improvements. This is highly appreciated. I hope we could have a fix for the next camel-kamelets release. |
This will be in 0.11.0 and in ckc 3.20.0 |
Thanks for tracking this down! |
Google supports the ADC (Application Default Credentials) process for applications hosted on their platform.
https://cloud.google.com/docs/authentication/application-default-credentials
This field is not necessary unless the kamelet is running outside of GCP/GKE. You can use Workload Identity together with ADC to authenticate without a keyfile. The google libraries do this automatically.
Thanks!
The text was updated successfully, but these errors were encountered: