egullickson/motovaultpro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: update all Docker Compose files for Vision primary with WIF auth (refs #127)

Browse Source 
- Switch OCR engine config to google_vision primary / paddleocr fallback
- Mount Auth0 OCR secrets and WIF config into all OCR containers
- Add WIF config to repo (not a secret, contains no credentials)
- Remove obsolete google-vision-key.json.example

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Eric Gullickson
2026-02-09 20:53:44 -06:00
parent 5e4848c4e2
commit f4a28d009f
7 changed files with 47 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
secrets/app/google-wif-config.json Normal file
View File

@@ -0,0 +1,14 @@
{
"universe_domain": "googleapis.com",
"type": "external_account",
"audience": "//iam.googleapis.com/projects/487954699429/locations/global/workloadIdentityPools/motovaultpro-pool/providers/auth0-provider",
"subject_token_type": "urn:ietf:params:oauth:token-type:jwt",
"token_url": "https://sts.googleapis.com/v1/token",
"credential_source": {
"executable": {
"command": "/app/scripts/fetch-auth0-token.sh",
"timeout_millis": 30000
}
},
"service_account_impersonation_url": "https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/mvp-svc-account@motovaultpro.iam.gserviceaccount.com:generateAccessToken"
}