Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Agent Auth with GCP to use new SignJWT endpoint #11473

Merged
merged 4 commits into from Apr 30, 2021
Merged

Update Agent Auth with GCP to use new SignJWT endpoint #11473

merged 4 commits into from Apr 30, 2021

Conversation

catsby
Copy link
Member

@catsby catsby commented Apr 26, 2021
edited

Updates Vault Agent's GCP auth to use GCP's IAM Service Account Credential endpoint for signing JWTs, as the IAM endpoint versions are deprecated. See https://cloud.google.com/iam/docs/migrating-to-credentials-api for more information on the deprecation and migration.

See also for more backstory:

@catsby catsby mentioned this pull request Apr 26, 2021
Merged
calvn
calvn reviewed Apr 27, 2021
View reviewed changes
Copy link
Member

@calvn calvn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Small nit (that would result in a slightly larger diff but ends up being less confusing), otherwise looks good.

command/agent/auth/gcp/gcp.go Outdated Show resolved Hide resolved
@calvn calvn requested a review from tvoran April 27, 2021 17:11
@vercel vercel bot temporarily deployed to Preview – vault April 28, 2021 17:21 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook April 28, 2021 17:21 Inactive
@vercel vercel bot temporarily deployed to Preview – vault April 29, 2021 19:26 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook April 29, 2021 19:26 Inactive
tvoran
tvoran reviewed Apr 29, 2021
View reviewed changes
changelog/11473.txt Outdated Show resolved Hide resolved
@catsby @tvoran
Update changelog/11473.txt
a08c499 
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
@vercel vercel bot temporarily deployed to Preview – vault-storybook April 30, 2021 15:39 Inactive
@vercel vercel bot temporarily deployed to Preview – vault April 30, 2021 15:39 Inactive
@catsby catsby merged commit 2a8c36b into master Apr 30, 2021
catsby added a commit that referenced this pull request Apr 30, 2021
@catsby @tvoran
Update Agent Auth with GCP to use new SignJWT endpoint (#11473)
f4c0958 
* Update Agent Auth with GCP to use new SignJWT endpoint

* use iamcredentials name instead of renaming the package on import

* add changelog

* Update changelog/11473.txt

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
@catsby catsby mentioned this pull request Apr 30, 2021
Merged
catsby added a commit that referenced this pull request Apr 30, 2021
@catsby @tvoran
Update Agent Auth with GCP to use new SignJWT endpoint (#11473)
0ece8c6 
* Update Agent Auth with GCP to use new SignJWT endpoint

* use iamcredentials name instead of renaming the package on import

* add changelog

* Update changelog/11473.txt

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
@catsby catsby mentioned this pull request Apr 30, 2021
Merged
catsby added a commit that referenced this pull request Apr 30, 2021
@catsby @tvoran
Update Agent Auth with GCP to use new SignJWT endpoint (#11473)
9ad1c4f 
* Update Agent Auth with GCP to use new SignJWT endpoint

* use iamcredentials name instead of renaming the package on import

* add changelog

* Update changelog/11473.txt

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
@catsby catsby mentioned this pull request Apr 30, 2021
Merged
@catsby catsby deleted the agent-update-signjwt branch May 3, 2021 13:45
austingebauer pushed a commit that referenced this pull request May 4, 2021
@catsby
Update Agent Auth with GCP to use new SignJWT endpoint (#11473) (#11509)
09743d4
@hc-github-team-waypoint hc-github-team-waypoint mentioned this pull request May 6, 2021
Merged
austingebauer pushed a commit that referenced this pull request May 6, 2021
@catsby
Update Agent Auth with GCP to use new SignJWT endpoint (#11473) (#11508)
3ad0987
calvn pushed a commit that referenced this pull request May 7, 2021
@catsby @tvoran @austingebauer
Update Agent Auth with GCP to use new SignJWT endpoint (#11473) (#11510)
a841e05 
* Update Agent Auth with GCP to use new SignJWT endpoint

* use iamcredentials name instead of renaming the package on import

* add changelog

* Update changelog/11473.txt

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
@austingebauer austingebauer mentioned this pull request May 7, 2021
Merged
AndreyZamyslov pushed a commit to yandex-cloud/vault that referenced this pull request Jun 10, 2021
@catsby @tvoran @AndreyZamyslov
Update Agent Auth with GCP to use new SignJWT endpoint (hashicorp#11473)
7e0b50c 
* Update Agent Auth with GCP to use new SignJWT endpoint

* use iamcredentials name instead of renaming the package on import

* add changelog

* Update changelog/11473.txt

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
jartek pushed a commit to jartek/vault that referenced this pull request Sep 11, 2021
@catsby @tvoran @jartek
Update Agent Auth with GCP to use new SignJWT endpoint (hashicorp#11473)
b022cc8 
* Update Agent Auth with GCP to use new SignJWT endpoint

* use iamcredentials name instead of renaming the package on import

* add changelog

* Update changelog/11473.txt

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
This was referenced Sep 13, 2021
Open
Open
@snyk-bot snyk-bot mentioned this pull request Jan 17, 2022
Open
@snyk-bot snyk-bot mentioned this pull request Mar 13, 2022
Open
@snyk-bot snyk-bot mentioned this pull request Jul 15, 2022
Open
@snyk-bot snyk-bot mentioned this pull request Dec 23, 2022
Open
@0xtbt 0xtbt mentioned this pull request Mar 22, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tvoran tvoran tvoran approved these changes

@calvn calvn calvn approved these changes

@austingebauer austingebauer austingebauer approved these changes

@pcman312 pcman312 Awaiting requested review from pcman312

@Valarissa Valarissa Awaiting requested review from Valarissa

Assignees
No one assigned
Labels
backport
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@catsby @tvoran @calvn @austingebauer