This commit updates the GCR (Google Container Registry) credentials handling
in Keel's GCR extension to add support for Google Cloud's Workload Identity,
while maintaining compatibility with the existing authentication method via
the GOOGLE_APPLICATION_CREDENTIALS environment variable.
Changes include:
- Removed the `credentials` string field from the CredentialsHelper struct.
Credentials are now determined dynamically based on the runtime environment.
- Added `readCredentialsFromFile()` and `getWorkloadIdentityTokenCredentials()`
functions to abstract the credential reading and token obtaining processes.
- Updated `GetCredentials` method to try reading the GOOGLE_APPLICATION_CREDENTIALS
file first, falling back to Workload Identity if necessary.
- Extended registry URL check in `GetCredentials` to support Google Container Registry (`gcr.io`) and
Google Artifact Registry URLs (`pkg.dev`).
- Adding pubSub boolean check for activating pubSub.
These changes allow for the use of both JSON key files and Workload Identity
for GCP authentication when polling instead of using pubSub.
David
clem59170
crafa
Martin Emrich
Karolis Rusenas
Davide Berdin
Sean Clemmer
kagahehk01