-
Notifications
You must be signed in to change notification settings - Fork 366
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
impl(oauth2): building blocks for AWS external accounts #10439
impl(oauth2): building blocks for AWS external accounts #10439
Conversation
Google Cloud Build Logs
ℹ️ NOTE: Kokoro logs are linked from "Details" below. |
Codecov ReportBase: 93.86% // Head: 93.86% // Increases project coverage by
Additional details and impacted files@@ Coverage Diff @@
## main #10439 +/- ##
========================================
Coverage 93.86% 93.86%
========================================
Files 1612 1612
Lines 146356 146640 +284
========================================
+ Hits 137370 137647 +277
- Misses 8986 8993 +7
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
auto role = GetMetadata(info.url, metadata_token, cf, opts); | ||
if (!role) return std::move(role).status(); | ||
auto path = info.url; | ||
if (path.back() != '/') path.push_back('/'); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need check path.empty()
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am going to leave this as-is for now. This will only be used with an info
initialized with ParseExternalAccountTokenSourceAws()
and I will be adding some code to prevent empty url
values to that function.
cb3c18f
to
8c8e147
Compare
Google Cloud Build Logs
ℹ️ NOTE: Kokoro logs are linked from "Details" below. |
As with the other external accounts, we need to build a subject token for AWS external accounts. Building this subject token requires obtaining a number of pieces of information. These can be found on environment variables or via the VM's metadata service. The functions to get them are complex enough that they deserve their own tests.
8c8e147
to
dae9615
Compare
Google Cloud Build Logs
ℹ️ NOTE: Kokoro logs are linked from "Details" below. |
As with the other external accounts, we need to build a subject token for AWS external accounts. Building this subject token requires obtaining a number of pieces of information. These can be found on environment variables or via the VM's metadata service. The functions to get them are complex enough that they deserve their own tests.
Part of the work for #5915
This change is