-
Notifications
You must be signed in to change notification settings - Fork 819
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
infra/gcp: k8s-metrics move cleanup #2451
Conversation
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: spiffxp The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
infra/gcp/clusters/projects/k8s-infra-prow-build-trusted/prow-build-trusted/main.tf
Outdated
Show resolved
Hide resolved
specifically - add the roles/bigquery.user role to k8s-infra-prow-build-trusted's terraform that I had to manually add to get the metrics-bigquery-canary job working - switch the special-case in ensure-main-project.sh to create gs://k8s-metrics, and flip the iam binding calls for the google.com prow instance to removes While I was here I also tried to reorganize some of the service account creation resources in k8s-infra-prow-build-trusted terraform into a workload_identity_service_account pseudo-module
e9acd27
to
30cb355
Compare
Updated PTAL |
/lgtm |
/hold cancel |
Ran
|
Ran
|
Related:
Specific things done here:
roles/bigquery.user
role to k8s-infra-prow-build-trusted's terraform that I had to manually add to get the metrics-bigquery-canary job workinggs://k8s-metrics
, and flip the iam binding calls for the google.com prow instance to removesWhile I was here I also tried to reorganize some of the service account creation resources in k8s-infra-prow-build-trusted terraform into a
workload_identity_service_account
pseudo-module