New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cloud-auth: implement gcp(user-managed-service-account()) #4755
cloud-auth: implement gcp(user-managed-service-account()) #4755
Conversation
This Pull Request introduces config grammar changessyslog-ng/2bbd52018ef8e991796f243337806eb7259d9730 -> alltilla/cloud-auth-gcp-user-managed-service-account --- a/destination
+++ b/destination
http(
cloud-auth(
gcp(
+ user-managed-service-account(
+ <empty>
+ metadata-url(<string>)
+ name(<string>)
+ )
)
)
)
|
https://cloud.google.com/compute/docs/access/authenticate-workloads#curl Signed-off-by: Attila Szakacs <attila.szakacs@axoflow.com>
7a6649b
to
8ca8d16
Compare
The Mac build fails, but strangely it uses ivykis from the system not from the submodule, where some of the fixes would be. I am also puzzled why it does not find the picojson symbol, which it finds on all three other combinations (automake with both clang/gcc, and cmake with clang works, cmake with gcc does not). That symbol is coming from a header only lib which has the symbol on my system. |
Signed-off-by: Attila Szakacs <attila.szakacs@axoflow.com>
8ca8d16
to
45b7498
Compare
According to http://demangler.com/ The missing symbol The I'll just get a |
Signed-off-by: Attila Szakacs <attila.szakacs@axoflow.com>
Signed-off-by: Attila Szakacs <attila.szakacs@axoflow.com>
Signed-off-by: Attila Szakacs <attila.szakacs@axoflow.com>
This is not performance critical so I am fine with using double here. |
syslog-ng/syslog-ng#4755 added a `name` keyword that cause confusion for our simle script. Ensure we are processing an actual `{"name": "string"}` and not somthing like `{"name": {...}}` to find keywords.
The configure.ac should not longer automaticially enable cloud-auth, similar to enable_http, a check for curl should be done here. |
Announcement: - https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.4.0 - https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.5.0 - https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.6.0 - https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.7.0 - https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.7.1 Bump info: - sha256 update for COPYING: syslog-ng/syslog-ng@52e9e10 - json-c is now a hard-dependency: syslog-ng/syslog-ng@d9220c7 - enable-cloud-auth requires curl syslog-ng/syslog-ng#4755 - 0001-fix-build-on-uclibc.patch upstream: buytenh/ivykis@5100a11 and syslog-ng/syslog-ng@468df07 - 0002-lib-transport-tls-context.c-fix-libressl-build.patch upstream: syslog-ng/syslog-ng@065c09c Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Announcement: - https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.4.0 - https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.5.0 - https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.6.0 - https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.7.0 - https://github.com/syslog-ng/syslog-ng/releases/tag/syslog-ng-4.7.1 Bump info: - sha256 update for COPYING: syslog-ng/syslog-ng@52e9e10 - json-c is now a hard-dependency: syslog-ng/syslog-ng@d9220c7 - enable-cloud-auth requires curl syslog-ng/syslog-ng#4755 - 0001-fix-build-on-uclibc.patch upstream: buytenh/ivykis@5100a11 and syslog-ng/syslog-ng@468df07 - 0002-lib-transport-tls-context.c-fix-libressl-build.patch upstream: syslog-ng/syslog-ng@065c09c Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This authentication method can be used on VMs in GCP to use the linked service.
Example minimal config, which tries to use the "default" service account:
Full config:
This authentication method is extremely useful with syslog-ng's
google-pubsub()
destination,when it is running on VMs in GCP, for example:
For more info about this GCP authentication method, see: