Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Add support for impersonation in GKEStartPodOperator, DataflowCreateJavaJobOperator and DataflowCreatePythonJobOperator
See original GitHub issueDescription
GKEStartPodOperator, DataflowCreateJavaJobOperator and DataflowCreatePythonJobOperator do not support direct impersonation of a service account in Google services.
Use case / motivation
GKEStartPodOperator, DataflowCreateJavaJobOperator and DataflowCreatePythonJobOperator, in contrary to other Google operators, do not use Credentials class for authentication, so they require individual approach to support direct impersonation in them.
In case of GKEStartPodOperator it seems it should suffice to add --impersonate-service-account to the gcloud container clusters get-credentials command. However, this way we will not be able to use chain of service accounts, like in the rest of Google operators.
In case of DataflowCreateJavaJobOperator and DataflowCreatePythonJobOperator, some changes in provide_gcp_credential_file_as_context will probably be needed.
Related Issues
Issue Analytics
- State:
- Created 3 years ago
- Comments:7 (7 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@rajatsri28 Awesome! I assigned you to this ticket. 🐈
Hi @olchas , Can I pick this up?