Skip to content
Snippets Groups Projects
Commit 9ffc6327 authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

feat: skip GCP ADC authent when GCP_JWT is not present

Don't set GCP ADC authent when GCP_JWT is not present to preserve gitlab-ci-local with local GCP authentication
parent 21cf0fdf
Branches
Tags
No related merge requests found
......@@ -57,9 +57,11 @@ variables:
K8S_KUBECTL_IMAGE: $[[ inputs.kubectl-image ]]
.k8s-gcp-adc:
- echo "Installing GCP authentication with env GOOGLE_APPLICATION_CREDENTIALS file"
- echo $GCP_JWT > "$CI_BUILDS_DIR/.auth_token.jwt"
- |-
- |
if [[ "$GCP_JWT" ]]
then
echo "Installing GCP authentication with env GOOGLE_APPLICATION_CREDENTIALS file"
echo $GCP_JWT > "$CI_BUILDS_DIR/.auth_token.jwt"
if [[ "$ENV_TYPE" ]]
then
case "$ENV_TYPE" in
......@@ -79,7 +81,6 @@ variables:
fi
oidc_provider="${env_oidc_provider:-$GCP_OIDC_PROVIDER}"
oidc_account="${env_oidc_account:-$GCP_OIDC_ACCOUNT}"
- |-
cat << EOF > "$CI_BUILDS_DIR/google_application_credentials.json"
{
"type": "external_account",
......@@ -92,7 +93,10 @@ variables:
"service_account_impersonation_url": "https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/${oidc_account}:generateAccessToken"
}
EOF
- export GOOGLE_APPLICATION_CREDENTIALS="$CI_BUILDS_DIR/google_application_credentials.json"
export GOOGLE_APPLICATION_CREDENTIALS="$CI_BUILDS_DIR/google_application_credentials.json"
else
echo '[WARN] $GCP_JWT is not set: cannot setup Application Default Credentials (ADC) authentication'
fi
.k8s-deploy:
id_tokens:
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment