Abdulla Abdurakhmanov

Hi, Your use case seems already covered in my implementation: https://github.com/abdolence/gcloud-sdk-rs/blob/5b8ef6a2b07f8792de1faf7c2fb62154ee12c391/gcloud-sdk/src/token_source/ext_creds_source/mod.rs#L11 AWS is a special one since it requires to implement complex interaction with AWS. Yours looks like just a...

In theory you shouldn't write anything and can use the crate out of box. It should handle workload identity in kubernetes automatically (just make sure it is enabled in GKE).

Oh, right, you don't have metadata server and stuff available I guess? Is it some kind of self hosted Kubernetes? Let me investigate available options and come back to you.

Yeah, this should work. I was trying to find a similar example, glad you have already found it.

One thing worth to mention about that file, please consider it also as a sensitive file so nobody can modify it. It doesn't have token, but it has sensitive settings,...

Hey, I think docs.rs is failing because of this crate has a lot of crate features defined (docs.rs pipeline throws out of memory errors). I'll try to investigate if it...

The way this is currently implemented is somehow similar how Google itself implements this in their client libraries. (https://cloud.google.com/docs/authentication/client-libraries). The important part is that on production you usually rely on...

Thanks for the details. Yes, in your case now I understand more and it is totally makes sense to configure it that way. Right now this library doesn't provide it...

Appreciate the kind words. Yes, keep it open. I'm not scared of opened issues especially if they are correct :)

@officialpiyush Ok, I browsed the source code and now I remember that in fact we have the way to do everything programmatically: ```rust FirestoreDb::with_options_token_source( FirestoreDbOptions::new(config_env_var("PROJECT_ID")?.to_string()), gcloud_sdk::GCP_DEFAULT_SCOPES.clone(), gcloud_sdk::TokenSourceType::File("/tmp/key.json".into()) ) .await?; ```...