Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

storage: support external_account credentials in detectDefaultGoogleAccessID #8528

Closed
tfujiwar opened this issue Sep 6, 2023 · 0 comments · Fixed by #9208
Closed

storage: support external_account credentials in detectDefaultGoogleAccessID #8528

tfujiwar opened this issue Sep 6, 2023 · 0 comments · Fixed by #9208
Assignees
@BrennaEpp
Labels
api: storage Issues related to the Cloud Storage API. type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design.

Comments

@tfujiwar
Copy link

tfujiwar commented Sep 6, 2023

Is your feature request related to a problem? Please describe.

detectDefaultGoogleAccessID can detect GoogleAccessID when the library is authenticated by GKE workload identity but it cannot when it is authenticated by workload identity federation (e.g. GitHub Actions) because the credential type is external_account.

Describe the solution you'd like

We'd like the function detectDefaultGoogleAccessID to support external_account credentials. If the service_account_impersonation_url value in the credential is available, the function should be able to extract an Email from it just like the case of impersonated_service_account credentials.

Describe alternatives you've considered

We can specify GoogleAccessID explicitly in a user code but we don't want to branch out logics depending on how the library is authenticated.
@tfujiwar tfujiwar added the triage me I really want to be triaged. label Sep 6, 2023
@product-auto-label product-auto-label bot added the api: storage Issues related to the Cloud Storage API. label Sep 6, 2023
@tritone tritone added type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design. and removed triage me I really want to be triaged. labels Sep 8, 2023
@tritone tritone assigned BrennaEpp and unassigned tritone Sep 8, 2023
@BrennaEpp BrennaEpp mentioned this issue Jan 3, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@BrennaEpp BrennaEpp

Labels
api: storage Issues related to the Cloud Storage API. type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design.
Projects
None yet
Milestone
No milestone
3 participants
@tritone @tfujiwar @BrennaEpp