-
New Feature
-
Resolution: Unresolved
-
Minor
I would like the possibility to use metadata server to authenticate on a distant kubernetes cluster.
Jenkins is running certain pipelines on to a distant kubernetes cluster. To this day I use a private key generated from the SA in GCP.
But because jenkins is already running on a gke instance I would prefer to use directly the metadata server to get the token.
From a security point of view I don't like to have a json key of my SA and the google-oauth-plugin already provides the metadata service.
Is there any way we can have the option to use "Google Service Account from metadata" for k8s authentification ?
7 months later ...
we use it
https://plugins.jenkins.io/google-oauth-plugin/
then create the credentials from metadata and pass it's id to kubernetes cloud config
works fine most of the time