helm: force app creds in GCP CCM (#3822)

Author: burgerdev

internal/constellation/helm/charts/edgeless/constellation-services/charts/ccm/templates/gcp-cm.yaml

@@ -5,5 +5,11 @@ metadata:
   name: gceconf
   namespace: {{ .Release.Namespace }}
 data:
-  gce.conf: "[global]\nproject-id = {{.Values.GCP.projectID }}\nuse-metadata-server = true\nnode-tags = constellation-{{ .Values.GCP.uid }}\nregional = true\n"
+  gce.conf: |
+    [global]
+    project-id = {{.Values.GCP.projectID }}
+    use-metadata-server = true
+    node-tags = constellation-{{ .Values.GCP.uid }}
+    regional = true
+    token-url = nil # This forces use of GOOGLE_APPLICATION_CREDENTIALS.
 {{- end -}}

internal/constellation/helm/testdata/GCP/constellation-services/charts/ccm/templates/gcp-cm.yaml

@@ -4,4 +4,4 @@ metadata:
   name: gceconf
   namespace: testNamespace
 data:
-  gce.conf: "[global]\nproject-id = 42424242424242\nuse-metadata-server = true\nnode-tags = constellation-242424242424\nregional = true\n"
+  gce.conf: "[global]\nproject-id = 42424242424242\nuse-metadata-server = true\nnode-tags = constellation-242424242424\nregional = true\ntoken-url = nil # This forces use of GOOGLE_APPLICATION_CREDENTIALS."