Add WorkloadIdentityFederation#identity_pool_resource_name

Dzmitry (Dima) Meshcharakou requested to merge 442032-confidential-issue into master

What does this MR do and why?

This MR adds the new identity_pool_resource_name method to the Integrations::GoogleCloudPlatform::WorkloadIdentityFederation integration that'll be used for IAM policies. The related thread

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

[Screenshot: Screenshot_2024-02-19_at_08.49.21]

How to set up and validate locally

  1. Simulate a SaaS instance in the local GDK

  2. Execute the following in the Rails console:

     Feature.enable(:google_cloud_workload_identity_federation)
     i = Integrations::GoogleCloudPlatform::WorkloadIdentityFederation.create(
       workload_identity_federation_project_id: 'project_id',
       workload_identity_federation_project_number: '123456789',
       workload_identity_pool_id: 'pool_id',
       workload_identity_pool_provider_id: 'provider_id',
       project: Project.last,
       type: 'Integrations::GoogleCloudPlatform::WorkloadIdentityFederation',
       active: true
     )
     i.identity_pool_resource_name # verify the value

Related to #442032

Edited by Dzmitry (Dima) Meshcharakou
