Closed devil47sid closed 3 years ago
Hi @devil47sid - Wanted to check if you can validate all the instructions needed to enable Workload Identity in the cluster ( https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity#enable_on_cluster
I've ran into similar issues in the past and it most likely can be one of the following:
To be comprehensive, pls see this doc for more troubleshooting steps: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity#troubleshooting
I've validated workload identity with default credentials in GKE as part of doing some unrelated testing. I've encountered issues similar to Ray's point (3.) -- when running create deployment
, the default namespace is used, unless the yaml file contains a namespace specification. This makes creating deployments with kubectl create deployment
subtly different from using kubectl run
as the workload identity tutorial does, since the latter takes a --serviceaccount
parameter, while the former does not.
Closing this issue; please reopen if you are still having trouble.
Description: Google Auth libraries unable to use credentials set by GKE workload identity. Version: Spring boot 2.3.3.RELEASE, Spring Cloud Hoxton.SR8
Steps to reproduce: Deploy any app using default google cloud credentials in Workload Identity enabled GKE cluster
Stacktrace: