Include secret manager tip in service accounts list
What does this MR do and why?
Project :: Infra :: Google Cloud
contains a component that
lists out service accounts for the user.
Let's include a tip that encourages users to learn more about storing and maintaining secrets with a dedicated secret manager.
This commit also refactors strings and introduces a component
level i18n
object.
No changelog required as everything is behind a feature flag.
Screenshots or screen recordings
How to set up and validate locally
1. Use a proper TLD
- This feature integrates with Google OAuth2
- Callback URLs need to be registered via the GCP console
- Google will not accept
gdk.test
, you will need a proper TLD- I use
local-gitlab.com
- I use
- Setup your GDK for such a domain, update your
/etc/hosts
and possibly Nginx if used to proxy the GDK port
2. Setup Google Cloud
- Follow the instructions here: https://docs.gitlab.com/ee/integration/google.html
- For the GCP project that is used for OAuth2
- Enable
cloudresourcemanager
API - Enable
iam
API
- Enable
3. Configure GDK for Google OAuth2
-
Update
gdk.yml
and add the Google OAuth2 config--- hostname: local-gitlab.com omniauth: google_oauth2: client_id: {google_oauth_client_id} client_secret: {google_oauth_client_secret}
or, use the CLI to do the same
$ gdk config set omniauth.google_oauth2.client_id '..'
$ gdk config set omniauth.google_oauth2.client_secret '..'
- or, another option is to update the
gdk/gitlab/config/gitlab.yml
withgoogle_oauth
details - then run:
gdk reconfigure
4. Enable Feature Flag
Enable feature flag incubation_5mp_google_cloud
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Sri Rang