-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update Google client initialisation to use MLP helper method #67
Update Google client initialisation to use MLP helper method #67
Conversation
treatment-service/models/storage.go
Outdated
googleClient, err = idtoken.NewClient( | ||
context.Background(), | ||
defaultCaraMLAudience, | ||
idtoken.WithCredentialsFile(filepath), | ||
) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will be replacing this block with the new method InitGoogleClientFromCredentialsFile
introduced in caraml-dev/mlp#79 (after this gets approved and merged) which initialises a Google client a specified file path for both service AND user accounts.
IgnoreStatusCodes: nil, | ||
IgnoreStatusCodes: []int{}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This change here is to address this change in behaviour of the unit tests: https://github.com/caraml-dev/xp/actions/runs/4545757610/jobs/8013518375#step:5:233
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@deadlycoconuts, thanks for also testing out the plugin auth behavior and handling it. LGTM.
What this PR does / why we need it:
With the introduction of a helper method in MLP (caraml-dev/mlp#78) to abstract away the creation of a Google client to append ID tokens to the headers of outgoing requests, that is authenticated with service or user accounts, this PR imports the said helper method and uses it to initialise its Google client.
This ensures that all outgoing requests from the Turing API server contain ID tokens in their headers.
Which issue(s) this PR fixes:
Fixes #