TL;DR
It would be very useful for auditing and tracking if we were able to specify a request_reason input paramater that is included with every API request in the X-Goog-Request-Reason.
Users would also be able to dynamically generate this parameter based on the context of the workflow run or outputs from previous steps.
Detailed design
uses: 'google-github-actions/auth@v2'
with:
project_id: 'my-project'
workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
request_reason: 'foo'
Additional information
Additional discussion points
Should a default request_reason be provided if none is supplied by the user?
I often like to include the GitHub actions run/job URL and I think it's a reasonable default, but other might differ.
uses: 'google-github-actions/auth@v2'
with:
project_id: 'my-project'
workload_identity_provider: 'projects/123456789/locations/global/workloadIdentityPools/my-pool/providers/my-provider'
request_reason: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}/jobs/${{ github.job }}'
TL;DR
It would be very useful for auditing and tracking if we were able to specify a
request_reasoninput paramater that is included with every API request in theX-Goog-Request-Reason.Users would also be able to dynamically generate this parameter based on the context of the workflow run or outputs from previous steps.
Detailed design
Additional information
Additional discussion points
Should a default
request_reasonbe provided if none is supplied by the user?I often like to include the GitHub actions run/job URL and I think it's a reasonable default, but other might differ.