feat: Supports configuring RRSA in OSS Artifacts. Part of#13973

docs/executor_swagger.md

@@ -2381,6 +2381,7 @@ save/load the directory appropriately.
 | accessKeySecret | [SecretKeySelector](#secret-key-selector)| `SecretKeySelector` |  | |  |  |
 | bucket | string| `string` |  | | Bucket is the name of the bucket |  |
 | createBucketIfNotPresent | boolean| `bool` |  | | CreateBucketIfNotPresent tells the driver to attempt to create the OSS bucket for output artifacts, if it doesn't exist |  |
+| credentialsConfig | [OSSCredentialsConfig](#o-s-s-credentials-config)| `OSSCredentialsConfig` |  | |  |  |
 | endpoint | string| `string` |  | | Endpoint is the hostname of the bucket endpoint |  |
 | key | string| `string` |  | | Key is the path in the bucket where the artifact resides |  |
 | lifecycleRule | [OSSLifecycleRule](#o-s-s-lifecycle-rule)| `OSSLifecycleRule` |  | |  |  |
@@ -2390,6 +2391,29 @@ save/load the directory appropriately.
 
 
 
+### <span id="o-s-s-credentials-config"></span> OSSCredentialsConfig
+
+
+> OSSCredentialsConfig specifies the credential configuration for OSS
+
+
+
+
+
+
+**Properties**
+
+| Name | Type | Go type | Required | Default | Description | Example |
+|------|------|---------|:--------:| ------- |-------------|---------|
+| oIDCProviderArn | string| `string` |  | | OidcProviderARN is the Alibaba Cloud Resource Name (ARN) of the OIDC IdP. |  |
+| oIDCTokenFilePath | string| `string` |  | | OidcTokenFile is the file path of the OIDC token. |  |
+| roleArn | string| `string` |  | | RoleARN is the Alibaba Cloud Resource Name(ARN) of the role to assume. |  |
+| roleSessionName | string| `string` |  | | RoleSessionName is the session name of the role to assume. |  |
+| sTSEndpoint | string| `string` |  | | STSEndpoint is the endpoint of the STS service. |  |
+| type | string| `string` |  | | Type specifies the credential type. |  |
+
+
+
 ### <span id="o-s-s-lifecycle-rule"></span> OSSLifecycleRule
 
 

docs/fields.md

@@ -3611,6 +3611,7 @@ OSSArtifact is the location of an Alibaba Cloud OSS artifact
 |`accessKeySecret`|[`SecretKeySelector`](#secretkeyselector)|AccessKeySecret is the secret selector to the bucket's access key|
 |`bucket`|`string`|Bucket is the name of the bucket|
 |`createBucketIfNotPresent`|`boolean`|CreateBucketIfNotPresent tells the driver to attempt to create the OSS bucket for output artifacts, if it doesn't exist|
+|`credentialsConfig`|[`OSSCredentialsConfig`](#osscredentialsconfig)|CredentialsConfig specifies the credential configuration for OSS|
 |`endpoint`|`string`|Endpoint is the hostname of the bucket endpoint|
 |`key`|`string`|Key is the path in the bucket where the artifact resides|
 |`lifecycleRule`|[`OSSLifecycleRule`](#osslifecyclerule)|LifecycleRule specifies how to manage bucket's lifecycle|
@@ -4353,6 +4354,7 @@ OSSArtifactRepository defines the controller configuration for an OSS artifact r
 |`accessKeySecret`|[`SecretKeySelector`](#secretkeyselector)|AccessKeySecret is the secret selector to the bucket's access key|
 |`bucket`|`string`|Bucket is the name of the bucket|
 |`createBucketIfNotPresent`|`boolean`|CreateBucketIfNotPresent tells the driver to attempt to create the OSS bucket for output artifacts, if it doesn't exist|
+|`credentialsConfig`|[`OSSCredentialsConfig`](#osscredentialsconfig)|CredentialsConfig specifies the credential configuration for OSS|
 |`endpoint`|`string`|Endpoint is the hostname of the bucket endpoint|
 |`keyFormat`|`string`|KeyFormat defines the format of how to store keys and can reference workflow variables.|
 |`lifecycleRule`|[`OSSLifecycleRule`](#osslifecyclerule)|LifecycleRule specifies how to manage bucket's lifecycle|
@@ -4474,6 +4476,20 @@ Header indicate a key-value request header to be used when fetching artifacts ov
 |`name`|`string`|Name is the header name|
 |`value`|`string`|Value is the literal value to use for the header|
 
+## OSSCredentialsConfig
+
+OSSCredentialsConfig specifies the credential configuration for OSS
+
+### Fields
+| Field Name | Field Type | Description   |
+|:----------:|:----------:|---------------|
+|`oIDCProviderArn`|`string`|OidcProviderARN is the Alibaba Cloud Resource Name (ARN) of the OIDC IdP.|
+|`oIDCTokenFilePath`|`string`|OidcTokenFile is the file path of the OIDC token.|
+|`roleArn`|`string`|RoleARN is the Alibaba Cloud Resource Name(ARN) of the role to assume.|
+|`roleSessionName`|`string`|RoleSessionName is the session name of the role to assume.|
+|`sTSEndpoint`|`string`|STSEndpoint is the endpoint of the STS service.|
+|`type`|`string`|Type specifies the credential type.|
+
 ## OSSLifecycleRule
 
 OSSLifecycleRule specifies how to manage bucket's lifecycle