From 802aff070475c98e75e8adda3f207eef0832ff47 Mon Sep 17 00:00:00 2001 From: upodroid Date: Wed, 21 Aug 2024 22:34:23 +0100 Subject: [PATCH] use prow in the default namespace --- infra/gcp/terraform/k8s-infra-prow/iam.tf | 26 ++++++----------------- 1 file changed, 6 insertions(+), 20 deletions(-) diff --git a/infra/gcp/terraform/k8s-infra-prow/iam.tf b/infra/gcp/terraform/k8s-infra-prow/iam.tf index 0a5e71cc9a22..5e208851ad2f 100644 --- a/infra/gcp/terraform/k8s-infra-prow/iam.tf +++ b/infra/gcp/terraform/k8s-infra-prow/iam.tf @@ -74,12 +74,12 @@ resource "google_service_account_iam_binding" "argocd" { role = "roles/iam.workloadIdentityUser" members = [ - "serviceAccount:k8s-infra-prow.svc.id.goog[prow/config-bootstrapper]", - "serviceAccount:k8s-infra-prow.svc.id.goog[prow/crier]", - "serviceAccount:k8s-infra-prow.svc.id.goog[prow/deck]", - "serviceAccount:k8s-infra-prow.svc.id.goog[prow/hook]", - "serviceAccount:k8s-infra-prow.svc.id.goog[prow/prow-controller-manager]", - "serviceAccount:k8s-infra-prow.svc.id.goog[prow/sinker]", + "serviceAccount:k8s-infra-prow.svc.id.goog[defaultconfig-bootstrapper]", + "serviceAccount:k8s-infra-prow.svc.id.goog[defaultcrier]", + "serviceAccount:k8s-infra-prow.svc.id.goog[defaultdeck]", + "serviceAccount:k8s-infra-prow.svc.id.goog[defaulthook]", + "serviceAccount:k8s-infra-prow.svc.id.goog[defaultprow-controller-manager]", + "serviceAccount:k8s-infra-prow.svc.id.goog[defaultsinker]", ] } @@ -110,17 +110,3 @@ resource "google_service_account_iam_binding" "prow" { "serviceAccount:k8s-infra-prow.svc.id.goog[argocd/argocd-server]", ] } - -resource "google_service_account" "halogen" { - account_id = "halogen" - display_name = "halogen" - project = module.project.project_id -} - -resource "google_service_account_iam_binding" "halogen" { - service_account_id = google_service_account.halogen.name - role = "roles/iam.workloadIdentityUser" - members = [ - "serviceAccount:k8s-infra-prow.svc.id.goog[prow/halogen]", - ] -}