-
Notifications
You must be signed in to change notification settings - Fork 366
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
impl(oauth2): support IMDSv2 in AWS token sources #10434
impl(oauth2): support IMDSv2 in AWS token sources #10434
Conversation
This is the easiest configuration to implement for AWS token sources.
Google Cloud Build Logs
ℹ️ NOTE: Kokoro logs are linked from "Details" below. |
Codecov ReportBase: 93.89% // Head: 93.89% // Increases project coverage by
Additional details and impacted files@@ Coverage Diff @@
## main #10434 +/- ##
=======================================
Coverage 93.89% 93.89%
=======================================
Files 1612 1612
Lines 146330 146392 +62
=======================================
+ Hits 137393 137457 +64
+ Misses 8937 8935 -2
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
internal::ErrorContext const& ec) { | ||
auto info = ParseExternalAccountTokenSourceAws(credentials_source, ec); | ||
if (!info) return std::move(info).status(); | ||
if (!info->imdsv2_session_token_url.empty()) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reverse test to make "success" the fall through?
Options const& opts) { | ||
return Idmsv2TokenSource(info, cf, opts); | ||
}}; | ||
} | ||
return internal::UnimplementedError("WIP", GCP_ERROR_INFO().WithContext(ec)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"WIP"?
Sorry, I just realized I misread the documentation. The IDMSv2 case is not the easy case, it is the most complicated case. Sigh... I need to close this. |
This is the easiest configuration to implement for AWS token sources.
Part of the work for #5915
This change is