search

jenkinsci / google-compute-engine-plugin

https://plugins.jenkins.io/google-compute-engine/
Apache License 2.0
57 stars 88 forks source link

Add userinfo-email OAuth2 scope when associating service account #477

Open minhluantran017 opened 1 month ago

minhluantran017 commented 1 month ago

Background:

Service account associating with Jenkins agents provisioned by GCE plugin does not have the scope userinfo-email, which is suggested by official GKE docs to configure RBAC for the service account to deploy to GKE.

Proposal:

Add the userinfo-email OAuth2 scope beside current cloud-platform scope.

Github issue:

https://github.com/jenkinsci/google-compute-engine-plugin/issues/476

Testing done

Local unit test passed using maven:3.8.6-openjdk-11:

[INFO] Results:
[INFO] 
[INFO] Tests run: 55, Failures: 0, Errors: 0, Skipped: 0
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  33:15 min
[INFO] Finished at: 2024-10-13T13:16:31Z
[INFO] ------------------------------------------------------------------------
minhluantran017 commented 1 month ago

Hi @evandbrown , @craigdbarber , @jtnord , @olamy , As you are maintainers, are you the right persons for reviewing this PR? Thanks.