OpenID Connect Docker Login
Owen Haynes
Now that we have OpenID Connect we can use federated workload identity in GCP.
This works great for jobs, but prevents us removing the last key for pulling docker images from GCR as a executor.
It would be nice just to be able to configure the docker executor to work with OpenID Connect so that we can remove the last service account key
Mohamad Basel Zahed
This is very important for us in order to stop using the service account key. We have spent good amount of effort changing our configuration to use OIDC Federation for all our jobs and now we are stuck because pulling the image itself still requires the key :(
Chris Szczyglowski
I cannot upvote this enough!!
Please CircleCI implement this so I can get rid of the persistent service account keys from my pipeline
T
Tuấn Ngô
Chris Szczyglowski: