Runners cache GCS using workload identity
[[runners]] [runners.kubernetes] namespace = "{{.Release.Namespace}}" image = "ubuntu:16.04" [runners.cache] Type = "gcs" Path = "runner" Shared = true [runners.cache.gcs] BucketName= Can we use workload identity in the runners cache, here I have used a service account that has the permission of roles/iam.serviceAccountTokenCreator but still I am getting an error error while generating GCS pre-signed URL: signing blob: rpc error: code = PermissionDenied desc = Permission 'iam.serviceAccounts.signBlob' denied on a resource (or it may not exist). error details: name = ErrorInfo reason = IAM_PERMISSION_DENIED domain = iam.googleapis.com metadata = map[permission:iam.serviceAccounts.signBlob]" So is it necessary to use Service account KEY as a secret to enable the cache for GCS? and is there any other support for storing a cache in GCP other than GCS