Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can not use dynamic Service Account in Safer Cluster #1524

Closed
trajan0x opened this issue Jan 7, 2023 · 2 comments
Closed

Can not use dynamic Service Account in Safer Cluster #1524

trajan0x opened this issue Jan 7, 2023 · 2 comments
Labels
enhancement New feature or request Stale

Comments

@trajan0x
Copy link

trajan0x commented Jan 7, 2023

TL;DR

Repetition of #27, but with safer-cluster module

Terraform Resources

# Create the nodeconfig service account
resource "google_service_account" "server" {
  account_id   = "server"
  display_name = "Server IAM"
  project      = var.project_id
}

module "gke" {
  source  = "terraform-google-modules/kubernetes-engine/google//modules/safer-cluster"
  version = "23.0.0"
  # some other stuff
  compute_engine_service_account = google_service_account.server.email
}

Detailed design

This is the same issue as #27 but on the safer-cluster module. 

│
│   on .terraform/modules/cortex-cluster.gke/modules/beta-private-cluster/sa.tf line 40, in resource "google_service_account" "cluster_service_account":
│   40:   count        = var.create_service_account ? 1 : 0

When compute_engine_service_account is dynamic, no determination can be made on this variable:
https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/blob/master/modules/safer-cluster/main.tf#L114 until apply.

Passing create_service_account as default will fix this issue

Additional information

No response
@trajan0x trajan0x added the enhancement New feature or request label Jan 7, 2023
@trajan0x
Copy link
Author

trajan0x commented Jan 7, 2023
edited

I seem to have mislabeled this as enhancement, can we label this as a bug

@davidcollom davidcollom mentioned this issue Jan 17, 2023
Closed
davidcollom added a commit to davidcollom/terraform-google-kubernetes-engine that referenced this issue Jan 17, 2023
@davidcollom
Fixes terraform-google-modules#1524
f816f0e 
Signed-off-by: David Collom <david.collom@jetstack.io>
davidcollom added a commit to davidcollom/terraform-google-kubernetes-engine that referenced this issue Jan 17, 2023
@davidcollom
Fixes terraform-google-modules#1524
557f57a
@github-actions
Copy link

github-actions bot commented Mar 8, 2023

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Mar 8, 2023
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Mar 16, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request Stale
Projects
None yet
Milestone
No milestone
1 participant
@trajan0x