diff --git a/source/Calamari.GoogleCloudAccounts/GoogleCloudAccountExtensions.cs b/source/Calamari.GoogleCloudAccounts/GoogleCloudAccountExtensions.cs index d56f64a418..a65106ec78 100644 --- a/source/Calamari.GoogleCloudAccounts/GoogleCloudAccountExtensions.cs +++ b/source/Calamari.GoogleCloudAccounts/GoogleCloudAccountExtensions.cs @@ -244,6 +244,9 @@ bool TryAuthenticateWithOidc(string accountVariable, string jwtToken, string? im return false; } + const int defaultTokenLifetimeSeconds = 3600; + var tokenLifetimeSeconds = variables.GetInt32($"{accountVariable}.OpenIdConnect.TokenLifetimeSeconds") ?? defaultTokenLifetimeSeconds; + File.WriteAllText(jwtFilePath, jwtToken); if (audience.Contains("iam.googleapis.com/")) @@ -256,7 +259,7 @@ bool TryAuthenticateWithOidc(string accountVariable, string jwtToken, string? im "create-cred-config", audience, $"--service-account={impersonationEmails}", - "--service-account-token-lifetime-seconds=3600", + $"--service-account-token-lifetime-seconds={tokenLifetimeSeconds}", "--subject-token-type=urn:ietf:params:oauth:token-type:jwt", "--credential-source-type=text", $"--credential-source-file={jwtFilePath.EnsureDoubleQuoteIfContainsSpaces()}",