salrashid123
salrashid123
oh, so python embeds the timestamp _inside_ the file...then kaniko isn't gonna help out. ...and i can't sincerely recommend going all out on and investing in [python-bazel builds](https://github.com/salrashid123/python-bazel-docker)
yeah, i tried the interrupt trick suggested but each cog+kaniko build is different hash (which is expected, i tihnk) i'm unsure exactly how bazel `rules_python` handles pyc files but i...
her'es an end-to-end covering building an image with [bazel and serving with cog](https://gist.github.com/salrashid123/1509254ac4cef16dcc8e9e2f257599cd). if precise build steps are followed, you should end up with * `sha256:3db6542dc746aeabaa39d902570430e1d50c416e7fc20b875c10578aa5e62875` (i verified it on...
also noted here https://github.com/tensorflow/tensorflow/issues/60235#issuecomment-1497783248
ok, here are two snippets. In the first one, i'm using `impersonated_credentials` to sign a JWT as the service account, then exchange that jwt with google for the target users's...
you can use a service account directly to access workspace apis without the two step process of actually using domain delegation. i'm using a svc account [here](https://blog.salrashid.dev/articles/2022/search_group_membership/) directly for the...
a small side comment about having an example of policies on duplication: you can use these restrictions to also clarify the controls around using TPMs for authentication to cloud provider...
@clundin25 ok, this is a doc bug [here](https://google-auth.readthedocs.io/en/master/reference/google.auth.transport.grpc.html#google.auth.transport.grpc.secure_authorized_channel) which shows the parameters to use as ```python secure_authorized_channel(credentials, request, target, ssl_credentials=None, client_cert_callback=None, **kwargs) ``` but the snippet mixed the positional arugments...
the only way to sign a url in gce, cloud run or cloud functions is to utilize an IAM api's `signBlob()` . A GCE's metadata server simply has no way...
if using tpm2_tools, it should be the something like if using ek ``` tpm2 flushcontext -t tpm2 startauthsession --session session.ctx --policy-session tpm2 policysecret --session session.ctx --object-context endorsement $ ls rsa.priv...