Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(storage): SA credentials default to self-signed JWTs #9629

Merged
merged 1 commit into from
Aug 4, 2022
Merged

feat(storage): SA credentials default to self-signed JWTs #9629

merged 1 commit into from
Aug 4, 2022

Conversation

coryan
Copy link
Contributor

@coryan coryan commented Aug 4, 2022
edited
Loading

Change the default implementation of SA (Service Account) credentials to
use self-signed JWTs by default. Applications can disable this
by setting the GOOGLE_CLOUD_CPP_EXPERIMENTAL_DISABLE_SELF_SIGNED_JWT
environment variable (to any value).

Fixes #7674

This change is Reviewable

@coryan
feat(storage): SA credentials default to self-signed JWTs
1fd7c0c 
Change the default implementation of SA (Service Account) credentials to
use self-signed JWTs by default.  Applications can disable this
by setting the `GOOGLE_CLOUD_CPP_EXPERIMENTAL_DISABLE_SELF_SIGNED_JWT`
environment variable (to any value).
@product-auto-label product-auto-label bot added the api: storage Issues related to the Cloud Storage API. label Aug 4, 2022
@google-cloud-cpp-bot
Copy link
Collaborator

Google Cloud Build Logs
For commit: 1fd7c0ce8c2a29a472cd0ef5566722b50a5dd5fd

ℹ️ NOTE: Kokoro logs are linked from "Details" below.

@codecov
Copy link

codecov bot commented Aug 4, 2022
edited
Loading

Codecov Report

Merging #9629 (1fd7c0c) into main (7feb6df) will decrease coverage by 0.00%.
The diff coverage is 97.08%.

@@            Coverage Diff             @@
##             main    #9629      +/-   ##
==========================================
- Coverage   94.34%   94.34%   -0.01%     
==========================================
  Files        1488     1488              
  Lines      138155   138280     +125     
==========================================
+ Hits       130344   130461     +117     
- Misses       7811     7819       +8
Impacted Files Coverage Δ
...storage/oauth2/service_account_credentials_test.cc 97.44% <96.39%> (-0.36%) ⬇️
...loud/storage/oauth2/service_account_credentials.cc 91.08% <100.00%> (+0.94%) ⬆️
...cloud/storage/oauth2/service_account_credentials.h 100.00% <100.00%> (ø)
...e/cloud/pubsublite/internal/alarm_registry_impl.cc 97.05% <0.00%> (-2.95%) ⬇️
...loud/bigtable/internal/connection_refresh_state.cc 95.83% <0.00%> (-2.78%) ⬇️
google/cloud/bigtable/async_read_stream_test.cc 97.32% <0.00%> (-0.67%) ⬇️
google/cloud/pubsub/samples/samples.cc 90.70% <0.00%> (-0.08%) ⬇️
...cloud/pubsub/internal/subscription_session_test.cc 98.15% <0.00%> (+0.16%) ⬆️
...le/cloud/internal/default_completion_queue_impl.cc 97.15% <0.00%> (+0.56%) ⬆️
...integration_tests/schema_admin_integration_test.cc 100.00% <0.00%> (+1.11%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@coryan coryan marked this pull request as ready for review August 4, 2022 02:26
@coryan coryan requested a review from a team as a code owner August 4, 2022 02:26
scotthart
scotthart approved these changes Aug 4, 2022
View reviewed changes
Copy link
Member

@scotthart scotthart left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed 3 of 3 files at r1, all commit messages.
Reviewable status: :shipit: complete! all files reviewed, all discussions resolved (waiting on @coryan)

@coryan coryan merged commit 11b1783 into googleapis:main Aug 4, 2022
@coryan coryan deleted the feat-storage-use-self-signed-JWT branch August 4, 2022 12:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@scotthart scotthart scotthart approved these changes

Assignees
No one assigned
Labels
api: storage Issues related to the Cloud Storage API.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Working on VPC-SC environments requires self-signed JWTs
3 participants
@coryan @google-cloud-cpp-bot @scotthart