Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by LinenTitle
c
curved-dream-12503
12/04/2022, 9:50 PMHI I am trying to get ci/cd pipeline running in bitbucket using workload identity federation (oidc). After following the instructions from pulumi I end up with a step like this:
- step:
name: Update Infrastructure
oidc: true
deployment: production
script:
- *deps
- echo $BITBUCKET_STEP_OIDC_TOKEN > /tmp/oidc-token.txt
- export GOOGLE_CREDENTIALS=credential-config.json
- pulumi up --yes --cwd ${PULUMI_WORKING_DIRECTORY} -s ${PULUMI_STACK_NAME}Diagnostics:
gcp:serviceAccount:Account (serviceAccount):
error: failed to load application credentials.
To use your default gcloud credentials, run:
`gcloud auth application-default login`
See <https://www.pulumi.com/registry/packages/gcp/installation-configuration/> for details.Adding to this, if using identity federation is not supported bij gcp-classic, is it supported by gcp-native provider?
update. When the I put the JSON file in the env var it works when pointing to a file it does not work.
🦆 ok one more update, problem was that when you use
--cwdGOOGLE_CREDENTIALS=${PWD}/credential-config.jsonCreated an issue: https://github.com/pulumi/pulumi-gcp/issues/956