in auth/auth.go [249:273]
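// gkeWorkloadIdentity derives the Workload Identity pool and provider
// identifiers for the GKE cluster the current instance belongs to.
//
// The pool is "<project>.svc.id.goog" and the provider is
// "<endpoint>/projects/<project>/locations/<location>/clusters/<name>",
// where the project ID and the "cluster-location" / "cluster-name" instance
// attributes are read from the GCE metadata server via c.MetadataClient and
// the endpoint comes from vars.GkeWorkloadIdentityEndPoint.
//
// Security note: the metadata server is treated as the trusted source of
// these values; nothing here authenticates them. Each value must be non-empty
// so that a missing or blank attribute fails here with a descriptive error
// instead of producing a malformed provider path that only breaks later at
// token-exchange time.
//
// cfg is currently unused by this function. Returns (pool, provider, nil) on
// success, or an error wrapping the underlying lookup failure.
func (c *Client) gkeWorkloadIdentity(ctx context.Context, cfg *config.MountConfig) (string, string, error) {
	// Reads one instance attribute and rejects an empty result; an empty
	// location or name would otherwise yield ".../locations//clusters/".
	lookupAttr := func(name string) (string, error) {
		v, err := c.MetadataClient.InstanceAttributeValueWithContext(ctx, name)
		if err != nil {
			return "", err
		}
		if v == "" {
			return "", fmt.Errorf("metadata attribute %q is empty", name)
		}
		return v, nil
	}

	projectID, err := c.MetadataClient.ProjectIDWithContext(ctx)
	if err != nil {
		return "", "", fmt.Errorf("unable to get project id: %w", err)
	}
	if projectID == "" {
		return "", "", fmt.Errorf("unable to get project id: metadata returned an empty value")
	}
	idPool := fmt.Sprintf("%s.svc.id.goog", projectID)

	clusterLocation, err := lookupAttr("cluster-location")
	if err != nil {
		return "", "", fmt.Errorf("unable to determine cluster location: %w", err)
	}
	clusterName, err := lookupAttr("cluster-name")
	if err != nil {
		return "", "", fmt.Errorf("unable to determine cluster name: %w", err)
	}

	endpoint, err := vars.GkeWorkloadIdentityEndPoint.GetValue()
	if err != nil {
		return "", "", fmt.Errorf("unable to read GKE workload identity provider endpoint: %w", err)
	}
	if endpoint == "" {
		return "", "", fmt.Errorf("unable to read GKE workload identity provider endpoint: value is empty")
	}

	idProvider := fmt.Sprintf("%s/projects/%s/locations/%s/clusters/%s", endpoint, projectID, clusterLocation, clusterName)
	return idPool, idProvider, nil
}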