-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support service account impersonation for wait-for-cluster script #729
Support service account impersonation for wait-for-cluster script #729
Conversation
Signed-off-by: Dev <Dev25@users.noreply.github.com>
Signed-off-by: Dev <Dev25@users.noreply.github.com>
Thanks for the PR! 🚀 |
Signed-off-by: Dev <Dev25@users.noreply.github.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @Dev25! LGTM
FYI this breaks Cloudbuild + Terraform with the recommended Google Foundations setup: Yesterday I started getting this error with a previously working deployment (all terraform operations run fine, just not the script) so everything started failing. I spent more time debugging this than I would care to admit so I hope this helps someone out! Pin the version to v12.0.0.
|
Hi @reedox The new impersonation feature is off by default so I am wondering how it previously worked as the permissions required still the same. If you could provide previous apply logs I would be happy to dig further. |
…pt (terraform-google-modules#729) * Rebase impersonation support PR for scripts Signed-off-by: Dev <Dev25@users.noreply.github.com> * Set var type to string Signed-off-by: Dev <Dev25@users.noreply.github.com> * Rerun make docker_generate_docs Signed-off-by: Dev <Dev25@users.noreply.github.com>
This is a rebase of #463 so original credit goes to @ericyz
I ran into a issue with upgrading to the v12 release due to lack of impersonation support so the script stalls due to auth errors, noticed there was a old PR for this so rebased that and have tested it in my environment.