@glrs-dev/assume 0.12.2 → 0.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +16 -0
- package/package.json +5 -5
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,21 @@
|
|
|
1
1
|
# @glrs-dev/assume
|
|
2
2
|
|
|
3
|
+
## 0.13.0
|
|
4
|
+
|
|
5
|
+
### Minor Changes
|
|
6
|
+
|
|
7
|
+
- [#292](https://github.com/iceglober/glrs/pull/292) [`f954712`](https://github.com/iceglober/glrs/commit/f9547129dd13c00ee316eb012bc087326a6307b7) Thanks [@iceglober](https://github.com/iceglober)! - GCP now wraps the gcloud CLI instead of reimplementing Google OAuth.
|
|
8
|
+
|
|
9
|
+
Previously glrs ran its own Google OAuth (gcloud's client ID, auth-code flow, raw refresh-token grants) and emulated the GCE metadata server. Under an org that enforces reauth, raw refresh grants are rejected (`invalid_rapt`) and glrs had no reauth flow, so GCP wedged — and the emulated `GCE_METADATA_HOST` shadowed gcloud's own credentials.
|
|
10
|
+
|
|
11
|
+
glrs now delegates GCP auth to gcloud, the idiomatic local-dev path:
|
|
12
|
+
|
|
13
|
+
- `gsa login gcp` runs `gcloud auth login` + `gcloud auth application-default login` (interactive — satisfies org reauth and writes a proper ADC).
|
|
14
|
+
- Credentials are delivered by gcloud's **Application Default Credentials**, not the daemon. glrs no longer sets `GCE_METADATA_HOST`; apps read gcloud's ADC natively. The daemon binds no GCP endpoint.
|
|
15
|
+
- Contexts are projects via `gcloud projects list`; `gsa use gcp <project>` sets `GOOGLE_CLOUD_PROJECT` (and `--default` also `gcloud config set project`); `gsa exec`/agent mint a token via `gcloud ... print-access-token`.
|
|
16
|
+
- When gcloud needs interactive reauth, the next command surfaces "run: gsa login gcp" (via the needs-login marker) instead of leaking a raw token-endpoint error.
|
|
17
|
+
- **Requires the Google Cloud SDK (`gcloud`) on PATH** for GCP; the in-house OAuth/ADC writer/metadata emulation are removed. AWS is unaffected.
|
|
18
|
+
|
|
3
19
|
## 0.12.2
|
|
4
20
|
|
|
5
21
|
### Patch Changes
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@glrs-dev/assume",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.13.0",
|
|
4
4
|
"publishConfig": {
|
|
5
5
|
"access": "public"
|
|
6
6
|
},
|
|
@@ -51,9 +51,9 @@
|
|
|
51
51
|
"typescript": "^5"
|
|
52
52
|
},
|
|
53
53
|
"optionalDependencies": {
|
|
54
|
-
"@glrs-dev/assume-darwin-arm64": "0.
|
|
55
|
-
"@glrs-dev/assume-darwin-x64": "0.
|
|
56
|
-
"@glrs-dev/assume-linux-x64": "0.
|
|
57
|
-
"@glrs-dev/assume-linux-arm64": "0.
|
|
54
|
+
"@glrs-dev/assume-darwin-arm64": "0.13.0",
|
|
55
|
+
"@glrs-dev/assume-darwin-x64": "0.13.0",
|
|
56
|
+
"@glrs-dev/assume-linux-x64": "0.13.0",
|
|
57
|
+
"@glrs-dev/assume-linux-arm64": "0.13.0"
|
|
58
58
|
}
|
|
59
59
|
}
|