Authenticate Google Cloud In Docker Without Getting Your Creds Stolen

Welcome to another edition of I couldn’t find this information using StackOverflow/Reddit/documentation so I need to brain dump a post about what I learned. With any luck, generations of engineers will benefit from this sacred knowledge.

In a previous story I wrote (ranted) about what influenced my dual-dev IDE strategy which involves a borderline-impractical combination of Jupyter Notebook (run through Vertex AI) and VS Code. I explained that Jupyter is typically my sandbox where I craft “rough drafts” of code and VS Code is both the testing ground and vehicle for committing the final product to GitHub.

In the past I’ve also shared that, in order to reduce the embarrassment (and credibility hit) associated with a failed deployment, I prefer to create clean virtual environments, usually using Pyenv, to facilitate a testing ground for my Python-based pipelines.

Recently, however, I’ve eschewed Pyenv in favor of a more data engineer (and software engineer)-oriented strategy: Testing code using Docker images.

Build Your Pipeline To A Data Engineering Career

You’ve reached the limit of the public preview. The full version of this post includes the implementation details: The code, the edge cases, and the "why" behind the architecture.

When you join PipelineToDE, you get:

• The DA → DE Pathway Course: A structured roadmap to bridge the gap between analysis and engineering.
• Weekly Senior Deep Dives: Fresh, tactical insights on Python, Cloud (GCP/AWS), and modern orchestration delivered every week.
• Production-Ready Blueprints: Access to 80+ protected stories and code repos from my time in the trenches as a Senior DE
• The DE Job Board (Coming Soon): Exclusive access to a curated board of high-agency Data Engineering roles.