CORS-4513: GCP: Use WithAuthCredentialsJSON when Possible#171
Conversation
Prior to this commit, using a GCP Service Account with a Key failed in scenarios where an alternate UNIVERSE_DOMAIN is needed. The GCP SDK codepath for WithAuthCredentialsJSON will correctly determine the Universe Domain, so we should call that whenever our credentials contain the private key.
Add unit tests to verify the credentialOption function correctly: - Uses WithAuthCredentialsJSON when credentials contain a type field - Falls back to CredentialsFromJSON for credentials without type - Handles invalid JSON and empty credentials - Supports both service_account and authorized_user credential types
|
@barbacbd: This pull request references CORS-4513 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "5.0.0" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
WalkthroughA ChangesGCP Credential Option and Dependency Updates
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes 🚥 Pre-merge checks | ✅ 13 | ❌ 2❌ Failed checks (1 warning, 1 inconclusive)
✅ Passed checks (13 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
🧹 Nitpick comments (3)
pkg/cloud/gcp/actuators/services/tags/tagservice.go (2)
27-47: 💤 Low valueConsider extracting shared
credentialOptionlogic.The
credentialOptionfunction is duplicated between compute and tag services. Since both useCloudPlatformScope(same value), this could be extracted to a shared utility inpkg/cloud/gcp/actuators/util/. However, keeping it in each package maintains isolation if scopes diverge in the future.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@pkg/cloud/gcp/actuators/services/tags/tagservice.go` around lines 27 - 47, The credentialOption function is duplicated across compute and tag services. Since both services use the same CloudPlatformScope value, extract the credentialOption function to a shared utility module in pkg/cloud/gcp/actuators/util/ and import it in both services to eliminate the duplication. Update both the tag service and compute service to call this shared utility function instead of maintaining separate copies of the same logic.
41-46: ⚡ Quick winWrap error with context before returning.
Same as the compute service: the error from
google.CredentialsFromJSONshould include context for easier debugging.♻️ Suggested fix
creds, err := google.CredentialsFromJSON(ctx, credJSON, tags.CloudPlatformScope) if err != nil { - return nil, err + return nil, fmt.Errorf("failed to create credentials from JSON: %w", err) }🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@pkg/cloud/gcp/actuators/services/tags/tagservice.go` around lines 41 - 46, The error returned from google.CredentialsFromJSON in the fallback credentials block is being returned directly without context wrapping. Wrap the error with contextual information using an error wrapping function to provide additional context about what failed (such as indicating this was a fallback credential creation attempt). This should follow the same pattern used in the compute service for consistent error handling and easier debugging.pkg/cloud/gcp/actuators/services/compute/computeservice.go (1)
65-68: ⚡ Quick winWrap error with context before returning.
Per project guidelines, errors should be wrapped with context. The error from
google.CredentialsFromJSONis returned without additional context describing where the failure occurred.♻️ Suggested fix
creds, err := google.CredentialsFromJSON(ctx, credJSON, compute.CloudPlatformScope) if err != nil { - return nil, err + return nil, fmt.Errorf("failed to create credentials from JSON: %w", err) }🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@pkg/cloud/gcp/actuators/services/compute/computeservice.go` around lines 65 - 68, The error returned from the google.CredentialsFromJSON call lacks contextual information about the failure. Wrap the error with additional context before returning it by using an error wrapping mechanism (such as fmt.Errorf with the %w verb in Go) to provide a descriptive message indicating that the failure occurred during credential initialization from JSON. This helps with debugging by making it clear where in the flow the error originated.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In `@pkg/cloud/gcp/actuators/services/compute/computeservice.go`:
- Around line 65-68: The error returned from the google.CredentialsFromJSON call
lacks contextual information about the failure. Wrap the error with additional
context before returning it by using an error wrapping mechanism (such as
fmt.Errorf with the %w verb in Go) to provide a descriptive message indicating
that the failure occurred during credential initialization from JSON. This helps
with debugging by making it clear where in the flow the error originated.
In `@pkg/cloud/gcp/actuators/services/tags/tagservice.go`:
- Around line 27-47: The credentialOption function is duplicated across compute
and tag services. Since both services use the same CloudPlatformScope value,
extract the credentialOption function to a shared utility module in
pkg/cloud/gcp/actuators/util/ and import it in both services to eliminate the
duplication. Update both the tag service and compute service to call this shared
utility function instead of maintaining separate copies of the same logic.
- Around line 41-46: The error returned from google.CredentialsFromJSON in the
fallback credentials block is being returned directly without context wrapping.
Wrap the error with contextual information using an error wrapping function to
provide additional context about what failed (such as indicating this was a
fallback credential creation attempt). This should follow the same pattern used
in the compute service for consistent error handling and easier debugging.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: b53d9e6f-fb0a-4877-9ae9-c750543bc4e6
⛔ Files ignored due to path filters (294)
go.sumis excluded by!**/*.sumvendor/cloud.google.com/go/auth/CHANGES.mdis excluded by!**/vendor/**,!vendor/**vendor/cloud.google.com/go/auth/credentials/detect.gois excluded by!**/vendor/**,!vendor/**vendor/cloud.google.com/go/auth/credentials/filetypes.gois excluded by!**/vendor/**,!vendor/**vendor/cloud.google.com/go/auth/credentials/internal/gdch/gdch.gois excluded by!**/vendor/**,!vendor/**vendor/cloud.google.com/go/auth/httptransport/httptransport.gois excluded by!**/vendor/**,!vendor/**vendor/cloud.google.com/go/auth/httptransport/transport.gois excluded by!**/vendor/**,!vendor/**vendor/cloud.google.com/go/auth/internal/credsfile/credsfile.gois excluded by!**/vendor/**,!vendor/**vendor/cloud.google.com/go/auth/internal/credsfile/filetype.gois excluded by!**/vendor/**,!vendor/**vendor/cloud.google.com/go/auth/internal/credsfile/parse.gois excluded by!**/vendor/**,!vendor/**vendor/cloud.google.com/go/auth/internal/internal.gois excluded by!**/vendor/**,!vendor/**vendor/cloud.google.com/go/auth/internal/jwt/jwt.gois excluded by!**/vendor/**,!vendor/**vendor/cloud.google.com/go/auth/internal/transport/transport.gois excluded by!**/vendor/**,!vendor/**vendor/cloud.google.com/go/auth/internal/version.gois excluded by!**/vendor/**,!vendor/**vendor/github.com/googleapis/enterprise-certificate-proxy/client/client.gois excluded by!**/vendor/**,!vendor/**vendor/github.com/googleapis/enterprise-certificate-proxy/client/util/util.gois excluded by!**/vendor/**,!vendor/**vendor/github.com/googleapis/gax-go/v2/CHANGES.mdis excluded by!**/vendor/**,!vendor/**vendor/github.com/googleapis/gax-go/v2/apierror/apierror.gois excluded by!**/vendor/**,!vendor/**vendor/github.com/googleapis/gax-go/v2/apierror/internal/proto/custom_error.pb.gois excluded by!**/*.pb.go,!**/vendor/**,!vendor/**vendor/github.com/googleapis/gax-go/v2/apierror/internal/proto/error.pb.gois excluded by!**/*.pb.go,!**/vendor/**,!vendor/**vendor/github.com/googleapis/gax-go/v2/call_option.gois excluded by!**/vendor/**,!vendor/**vendor/github.com/googleapis/gax-go/v2/callctx/callctx.gois excluded by!**/vendor/**,!vendor/**vendor/github.com/googleapis/gax-go/v2/content_type.gois excluded by!**/vendor/**,!vendor/**vendor/github.com/googleapis/gax-go/v2/feature.gois excluded by!**/vendor/**,!vendor/**vendor/github.com/googleapis/gax-go/v2/internal/version.gois excluded by!**/vendor/**,!vendor/**vendor/github.com/googleapis/gax-go/v2/invoke.gois excluded by!**/vendor/**,!vendor/**vendor/github.com/googleapis/gax-go/v2/telemetry.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/LICENSEis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/client.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/common.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/config.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/doc.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/handler.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/resp_writer_wrapper.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/client.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/env.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/gen.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/httpconv.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/server.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/util.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/v1.20.0.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/gen.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/httpconv.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/transport.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/.golangci.ymlis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/CHANGELOG.mdis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/CONTRIBUTING.mdis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/Makefileis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/README.mdis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/RELEASING.mdis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/attribute/encoder.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/attribute/hash.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/attribute/internal/attribute.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/attribute/kv.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/attribute/set.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/attribute/type_string.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/attribute/value.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/baggage/baggage.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/dependencies.Dockerfileis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/internal/errorhandler/errorhandler.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/internal/global/handler.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/internal/global/instruments.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/internal/global/meter.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/internal/global/state.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/metric/asyncfloat64.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/metric/asyncint64.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/metric/meter.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/metric/noop/noop.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/metric/syncfloat64.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/metric/syncint64.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/propagation/baggage.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/propagation/trace_context.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/requirements.txtis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.20.0/README.mdis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.20.0/attribute_group.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.20.0/doc.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.20.0/event.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.20.0/http.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.20.0/resource.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.20.0/trace.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.26.0/README.mdis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.26.0/attribute_group.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.26.0/exception.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.26.0/metric.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.26.0/schema.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.40.0/MIGRATION.mdis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.40.0/README.mdis excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.40.0/attribute_group.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.40.0/doc.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.40.0/error_type.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.40.0/exception.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.40.0/httpconv/metric.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/semconv/v1.40.0/schema.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/trace/auto.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/trace/trace.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/trace/tracestate.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/version.gois excluded by!**/vendor/**,!vendor/**vendor/go.opentelemetry.io/otel/versions.yamlis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.sis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/crypto/hkdf/hkdf.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/html/entity.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/html/escape.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/html/foreign.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/html/parse.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/html/render.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/html/token.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/README.mdis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/client_conn_pool.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/clientconn.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/config.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/http2.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/server.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/server_common.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/server_wrap.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/transport.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/transport_common.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/transport_wrap.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/writesched.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/writesched_common.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/writesched_priority_rfc7540.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/writesched_priority_rfc9218.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/writesched_random.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/http2/writesched_roundrobin.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/go118.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/idna.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/idna9.0.0.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/pre_go118.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/punycode.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/tables10.0.0.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/tables11.0.0.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/tables12.0.0.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/tables13.0.0.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/tables15.0.0.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/tables17.0.0.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/tables9.0.0.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/trie12.0.0.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/idna/trie13.0.0.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/net/internal/httpcommon/request.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/oauth2/google/default.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/oauth2/google/google.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sync/errgroup/errgroup.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/asm_darwin_arm64_gc.sis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/cpu.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/cpu_arm64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/cpu_darwin_arm64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/cpu_darwin_arm64_other.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/cpu_linux_riscv64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/cpu_loong64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/cpu_other_arm64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/cpu_riscv64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/cpu_windows.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/cpu_windows_arm64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/syscall_darwin_arm64_gc.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/cpu/zcpu_windows.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/plan9/syscall_plan9.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/affinity_linux.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/mkall.shis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/mkerrors.shis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/readv_unix.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/syscall_darwin.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/syscall_linux.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/syscall_linux_arm.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/syscall_linux_arm64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/syscall_linux_loong64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/syscall_linux_riscv64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/syscall_openbsd.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_386.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_amd64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_arm.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_arm64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_loong64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_mips.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_mips64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_ppc.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_s390x.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_linux.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.sis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.sis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.sis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.sis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.sis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.sis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.sis excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_386.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_arm.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_mips.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_386.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_amd64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_arm.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_arm64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_loong64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_mips.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_mips64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_ppc.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_s390x.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/windows/aliases.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/windows/dll_windows.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/windows/registry/key.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/windows/security_windows.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/windows/syscall_windows.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/windows/types_windows.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/sys/windows/zsyscall_windows.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/go/ast/edge/edge.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/go/packages/golist.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/go/packages/packages.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/go/types/objectpath/objectpath.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/gcimporter/ureader.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/gocommand/version.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/imports/fix.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/imports/mod.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/imports/source_modindex.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/modindex/directories.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/modindex/index.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/modindex/lookup.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/modindex/modindex.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/modindex/symbols.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/pkgbits/version.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/typeparams/coretype.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/typesinternal/types.gois excluded by!**/vendor/**,!vendor/**vendor/golang.org/x/tools/internal/versions/features.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/cloudresourcemanager/v3/cloudresourcemanager-api.jsonis excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/cloudresourcemanager/v3/cloudresourcemanager-gen.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/compute/v1/compute-api.jsonis excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/compute/v1/compute-gen.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/compute/v1/compute2-gen.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/compute/v1/compute3-gen.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/googleapi/googleapi.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/internal/credentialstype/credentialstype.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/internal/creds.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/internal/gensupport/buffer.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/internal/gensupport/media.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/internal/gensupport/resumable.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/internal/gensupport/send.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/internal/settings.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/internal/version.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/option/internaloption/internaloption.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/option/internaloption/unsaferesolver.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/option/option.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/api/transport/http/dial.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/genproto/googleapis/rpc/code/code.pb.gois excluded by!**/*.pb.go,!**/vendor/**,!vendor/**vendor/google.golang.org/genproto/googleapis/rpc/errdetails/error_details.pb.gois excluded by!**/*.pb.go,!**/vendor/**,!vendor/**vendor/google.golang.org/genproto/googleapis/rpc/status/status.pb.gois excluded by!**/*.pb.go,!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/clientconn.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/experimental/stats/metrics.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/internal/envconfig/envconfig.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/internal/envconfig/xds.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/internal/mem/buffer_pool.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/internal/resolver/config_selector.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/internal/transport/http2_client.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/internal/transport/http_util.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/internal/transport/readyreader/raw_conn_linux.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/internal/transport/readyreader/raw_conn_nonlinux.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/internal/transport/readyreader/ready_reader.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/internal/transport/transport.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/mem/buffer_slice.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/mem/buffers.gois excluded by!**/vendor/**,!vendor/**vendor/google.golang.org/grpc/stream.gois excluded by!**/vendor/**,!vendor/**
📒 Files selected for processing (6)
VENDORED_API_SUMMARY.mdgo.modpkg/cloud/gcp/actuators/services/compute/computeservice.gopkg/cloud/gcp/actuators/services/compute/computeservice_test.gopkg/cloud/gcp/actuators/services/tags/tagservice.gopkg/cloud/gcp/actuators/services/tags/tagservice_test.go
|
/retest |
|
@barbacbd: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Problem
Prior to this change, using a GCP Service Account with a Key failed in scenarios where an alternate UNIVERSE_DOMAIN is needed (e.g., Google Cloud
Dedicated). The provider was using
option.WithCredentials()which does not correctly determine the Universe Domain from service account JSON.Solution
The GCP SDK codepath for
WithAuthCredentialsJSONwill correctly determine the Universe Domain, so we now call that whenever our credentialscontain a
typefield (indicating a typed credential likeservice_accountorauthorized_user).Changes
google.golang.org/apifrom v0.255.0 to v0.285.0 to get access to the newoption.WithAuthCredentialsJSONAPIcredentialOption()helper in both compute and tag services that:WithAuthCredentialsJSONwhen credentials contain a type fieldWithCredentialsfor backward compatibilityTesting
Related
Note: This change is backward compatible. Existing credentials without a
typefield will continue to work using the legacyCredentialsFromJSONcode path.Summary by CodeRabbit
New Features
Tests
Chores