Skip to content

feat: add VertexAI machine identity support (#477) #710

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: add VertexAI machine identity support (#477) #710

wants to merge 1 commit into from

Conversation

Transcendental-Programmer
Copy link

Right now, we support only explicit credentials (via a JSON key) for VertexAI providers. This PR adds support for machine identity (ADC) as well essentially letting the provider authenticate via default credentials when no secret ref is provided.

The core logic in the translator was already set up to conditionally inject the GOOGLE_APPLICATION_CREDENTIALS env var only when needed, so most of the work here was wiring up the provider config and ensuring the frontend could handle the new shape.

  • Added projectID and location as required fields for the VertexAI providers (Gemini + Anthropic)
  • Downgraded Go from 1.24.4 to 1.24.0, some stuff wasn’t working correctly with the newer patch
  • Frontend changes mostly involved updating the types, form handling, and provider config mapping
  • Golden tests were added for both ADC and JSON-based auth flows

Tested both flows locally and in golden tests, both providers seem to behave as expected now. ADC skips the env var injection entirely, while JSON uses it the same as before. No regressions in existing behavior.

Leaving out screenshots since this is mostly backend/auth-related.

Still ironing out some edge cases, but this should be safe to merge once reviewed.

Fixes #477.

@Transcendental-Programmer
feat: add VertexAI machine identity support (kagent-dev#477)
e200426 
- Add GeminiVertexAI and AnthropicVertexAI providers to backend handlers
- Implement conditional authentication: ADC when no apiKeySecretRef, explicit credentials otherwise
- Add frontend support with provider configurations and TypeScript types
- Include comprehensive golden tests for both authentication scenarios
- Update Go version to 1.24.0 for compatibility

Resolves kagent-dev#477

Signed-off-by: Priyansh Saxena <130545865+Transcendental-Programmer@users.noreply.github.com>
EItanya
EItanya requested changes Aug 8, 2025
View reviewed changes
go/go.mod
@@ -1,6 +1,6 @@
module github.com/kagent-dev/kagent/go

go 1.24.5
go 1.24.0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why this change, we just upgraded to 1.24.6, does that fix things? In general I'm not a fan of downgrading dependencies unless there's a really good reason

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@EItanya EItanya EItanya requested changes

@peterj peterj Awaiting requested review from peterj peterj is a code owner

@ilackarms ilackarms Awaiting requested review from ilackarms ilackarms is a code owner

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[FEATURE] Implement machine identity in VertexAI provider
2 participants
@Transcendental-Programmer @EItanya