That's a royal pain in the arse to automate with something like ansible... AWS nailed it with a token & secret (not some horrible expiring oauth2 object).
And that's not to mention gsutils sleeping for a second or two every time it tells you there's an update.
It's like these guys have never heard of devops.
Updates are my problem; I don't expect software to sleep whenever they're available... because you never know, I might be running it in a loop under cron and it might just piss me off when I start to lose performance...
'gcloud auth activate-service-account' will auth using a JWT, acquired from the Cloud Console.
Also, if you are running stuff in Google Compute Engine, no auth flow is needed at all: there is a metadata service that you can connect to (and gcloud connects to by default) that provides credentials associated with the machine you're on.
> It's like these guys have never heard of devops.
:\ yeah...I can't imagine trying to automate a web login flow with ansible...but no one would ever suggest you do that.
(disclosure: I wrote most of the client-side auth code for gcloud)
That's a royal pain in the arse to automate with something like ansible... AWS nailed it with a token & secret (not some horrible expiring oauth2 object).
And that's not to mention gsutils sleeping for a second or two every time it tells you there's an update.
It's like these guys have never heard of devops.
Updates are my problem; I don't expect software to sleep whenever they're available... because you never know, I might be running it in a loop under cron and it might just piss me off when I start to lose performance...