google/internal/externalaccount: create executable credenitals

google/internal/externalaccount/basecredentials.go

@@ -171,6 +171,8 @@ type CredentialSource struct {
 	URL     string            `json:"url"`
 	Headers map[string]string `json:"headers"`
 
+	Executable ExecutableConfig `json:"executable"`
+
 	EnvironmentID               string `json:"environment_id"`
 	RegionURL                   string `json:"region_url"`
 	RegionalCredVerificationURL string `json:"regional_cred_verification_url"`
@@ -179,6 +181,12 @@ type CredentialSource struct {
 	Format                      format `json:"format"`
 }
 
+type ExecutableConfig struct {
+	Command       string `json:"command"`
+	TimeoutMillis int    `json:"timeout_millis"`
+	OutputFile    string `json:"output_file"`
+}
+
 // parse determines the type of CredentialSource needed
 func (c *Config) parse(ctx context.Context) (baseCredentialSource, error) {
 	if len(c.CredentialSource.EnvironmentID) > 3 && c.CredentialSource.EnvironmentID[:3] == "aws" {
@@ -205,6 +213,8 @@ func (c *Config) parse(ctx context.Context) (baseCredentialSource, error) {
 		return fileCredentialSource{File: c.CredentialSource.File, Format: c.CredentialSource.Format}, nil
 	} else if c.CredentialSource.URL != "" {
 		return urlCredentialSource{URL: c.CredentialSource.URL, Headers: c.CredentialSource.Headers, Format: c.CredentialSource.Format, ctx: ctx}, nil
+	} else if c.CredentialSource.Executable.Command != "" {
+		return CreateExecutableCredential(c.CredentialSource.Executable, c, ctx), nil
 	}
 	return nil, fmt.Errorf("oauth2/google: unable to parse credential source")
 }