Hi All,
We are running Jenkins as a workload deployed using helm chart within google cloud environment and have setup workload identity to access Google Cloud APIs in Cloud. The service account say is service-account-project.iam.gserviceaccount.com.
Now we have a step in the jenkins as below
withCredentials([file(credentialsId: 'credentials-jenkins-001_service-account-project', variable: 'GOOGLE_APPLICATION_CREDENTIALS')]) {
sh("""
gcloud auth configure-docker europe-docker.pkg.dev
docker build -t ${imageTag} --secret id=adc,src=$GOOGLE_APPLICATION_CREDENTIALS .
""")
and the credential credentials-jenkins-001_service-account-project in jenkins is pointed to the downloaded json key of the service account. The credentials i can see in manage jenkins—>manage credentials section.
So can someone help me in setting this authentication without the need of the downloaded json key(credentials-jenkins-001_service-account-project)? We have already setup workload identity to access the gcp apis and the jenkins is already running in Google cloud with in a GKE cluster. Please help how we can achieve this?