Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-73003

Login using Google Service Account from metadata

      I would like the possibility to use metadata server to authenticate on a distant kubernetes cluster.

      Jenkins is running certain pipelines on to a distant kubernetes cluster. To this day I use a private key generated from the SA in GCP.
      But because jenkins is already running on a gke instance I would prefer to use directly the metadata server to get the token.
      From a security point of view I don't like to have a json key of my SA and the google-oauth-plugin already provides the metadata service.

      Is there any way we can have the option to use "Google Service Account from metadata" for k8s authentification ?

          [JENKINS-73003] Login using Google Service Account from metadata

          gfdsa added a comment -

          7 months later ...
          we use it
          https://plugins.jenkins.io/google-oauth-plugin/
          then create the credentials from metadata and pass it's id to kubernetes cloud config
          works fine most of the time
           

          gfdsa added a comment - 7 months later ... we use it https://plugins.jenkins.io/google-oauth-plugin/ then create the credentials from metadata and pass it's id to kubernetes cloud config works fine most of the time  

            Unassigned Unassigned
            max_c Maxime
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: