You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Of course some unit and/or integration test cases would be welcome as well.
Additional context
We've actually tested this in our environment and the proposed addition works as intended.
NOTE: The underlying GCP Service Account mapped via Workload Identity needs to have a proper IAM binding ie. the Artifact Registry Reader role bound to the Registry in scope.
Hi @jdomeracki , thank you very much for raising this issue. I have added this item to our triage backlog and brought it to the team's attention.
Of course, we're more than willing to accept PRs if this is something you might be interested in assisting with, but rest assured we're going to look into this! 😄
Hey @jdomeracki did you need to add any additional steps e.g. add a label or annotation to the ServiceAccount of the snyk-monitor, so that it is provisioned with the correct workload identity?
Describe the user need
Hi Team, as GCR recently got deprecated it might be high time to start officially supporting Google Artifact Registry.
Describe expected behaviour
The following section of the documentation should include a snippet showcasing a sample configuration of the
dockercfg.json
includingcredHelpers
set for GAR: https://github.com/snyk/kubernetes-monitor/tree/staging/snyk-monitor#installingExample:
Of course some unit and/or integration test cases would be welcome as well.
Additional context
We've actually tested this in our environment and the proposed addition works as intended.
Reference: https://cloud.google.com/artifact-registry/docs/access-control#roles
The text was updated successfully, but these errors were encountered: