NewKubernetesIdentity returns a pointer to a new Credentials object using the Kubernetes service account
(stsEndpoint string, opts ...func(*STSWebIdentity))
| 117 | // NewKubernetesIdentity returns a pointer to a new |
| 118 | // Credentials object using the Kubernetes service account |
| 119 | func NewKubernetesIdentity(stsEndpoint string, opts ...func(*STSWebIdentity)) (*Credentials, error) { |
| 120 | return NewSTSWebIdentity(stsEndpoint, func() (*WebIdentityToken, error) { |
| 121 | token, err := os.ReadFile("/var/run/secrets/kubernetes.io/serviceaccount/token") |
| 122 | if err != nil { |
| 123 | return nil, err |
| 124 | } |
| 125 | |
| 126 | return &WebIdentityToken{ |
| 127 | Token: string(token), |
| 128 | }, nil |
| 129 | }, opts...) |
| 130 | } |
| 131 | |
| 132 | // WithPolicy option will enforce that the returned credentials |
| 133 | // will be scoped down to the specified policy |
nothing calls this directly
no test coverage detected