Skip to content

PBM-1728 Support workload federation for OCI#1321

Merged
jcechace merged 4 commits into
percona:devfrom
jcechace:PBM-1728-oci-wif
May 21, 2026
Merged

PBM-1728 Support workload federation for OCI#1321
jcechace merged 4 commits into
percona:devfrom
jcechace:PBM-1728-oci-wif

Conversation

@jcechace
Copy link
Copy Markdown
Collaborator

@jcechace jcechace commented May 20, 2026
edited
Loading

ticket: https://perconadev.atlassian.net/browse/PBM-1728
related to: #1318

  • Adds support for instance principal auth
  • Adds support for OKE workload identity
  • Credentials shape changed to accommodate the different types of authentication

Example configuration

storage:
  type: oci
  oci:
    region: eu-frankfurt-1
    namespace: idvufsl0apl6
    bucket: pbm-test-jakub
    prefix: pbm
    maxObjSizeGB: 1
    retryer:
      maxAttempts: 15
      maxBackoff: 180s
    credentials:
      type: userPrincipal # instancePrincipal | okeWorkloadIdentity
      userPrincipal:
        tenancy: ocid1.tenancy.oc1..xxx
        user: ocid1.user.oc1..yyy
        fingerprint: e0:a8:24:e5:f6:b8:6e:...
        privateKey: |
          -----BEGIN PRIVATE KEY-----

          ...
          -----END PRIVATE KEY-----

@jcechace jcechace marked this pull request as ready for review May 20, 2026 20:16
@jcechace jcechace requested a review from boris-ilijic as a code owner May 20, 2026 20:16
boris-ilijic
boris-ilijic previously approved these changes May 21, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@boris-ilijic boris-ilijic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, there are 2 additional things:

  • pbm-conf-reference.yml needs to be updated :)
  • I'd include full oci config within PR description as example (it handy to copy-paste it from PR when you need it)

@jcechace jcechace requested a review from boris-ilijic May 21, 2026 10:51
@jcechace jcechace merged commit 0ce97b6 into percona:dev May 21, 2026
23 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@boris-ilijic boris-ilijic boris-ilijic approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jcechace @boris-ilijic