support passing impersonate-service-account #463
Conversation
ericyz
requested review from
adrienthebo,
Jberlinsky and
morgante
as code owners
There was a problem hiding this comment.
Please make changes in autogen and regenerate - https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/blob/master/CONTRIBUTING.md
| @@ -25,12 +25,12 @@ CLUSTER_NAME=$2 | |||
|
|
|||
| echo "Waiting for cluster $CLUSTER_NAME in project $PROJECT to reconcile..." | |||
|
|
|||
| current_status=$(gcloud container clusters list --project="$PROJECT" --filter=name:"$CLUSTER_NAME" --format="value(status)") | |||
| current_status=$(gcloud container clusters list --project="$PROJECT" --filter=name:"$CLUSTER_NAME" --format="value(status)") --impersonate_service_account="$impersonate_service_account" | |||
There was a problem hiding this comment.
I believe you will need to add an argument for the $impersonate_service_account
similar to here:
There was a problem hiding this comment.
Thanks Bharath!! I missed out this. Will fix it
| @@ -25,12 +25,12 @@ CLUSTER_NAME=$2 | |||
|
|
|||
| echo "Waiting for cluster $CLUSTER_NAME in project $PROJECT to reconcile..." | |||
|
|
|||
| current_status=$(gcloud container clusters list --project="$PROJECT" --filter=name:"$CLUSTER_NAME" --format="value(status)") | |||
| current_status=$(gcloud container clusters list --project="$PROJECT" --filter=name:"$CLUSTER_NAME" --format="value(status)") --impersonate_service_account="$impersonate_service_account" | |||
There was a problem hiding this comment.
Also wouldn't we need to handle the case that impersonate_service_account is empty?
There was a problem hiding this comment.
I believe this would work as expected with empty impersonate_service_account - no impersonation for the command.
This can be tested with any gcloud command, such as gcloud projects list --impersonate_service_account=""
| variable "impersonate_service_account" { | ||
| description = "An optional service account to impersonate. This cannot be used with credentials_path. If this service account is not specified and credentials_path is absent, the module will use Application Default Credentials." | ||
| default = "" | ||
| } |
| variable "impersonate_service_account" { | ||
| description = "An optional service account to impersonate. This cannot be used with credentials_path. If this service account is not specified and credentials_path is absent, the module will use Application Default Credentials." | ||
| default = "" | ||
| } |
|
Updated |
|
@morgante - Do you mind explaining what auto-gen does and how auto-gen works? |
It's explained in the contributing guide. Please read: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/blob/master/CONTRIBUTING.md |
ericyz
force-pushed
the
feature/impersonate-service-account
branch
from
3e3c44c
to
52f0918
Compare
|
Hey, I have updated accordingly. Would be another chance to take a look? |
|
Would love to see this reviewed and merged! |
|
@ericyz Could you rebase/resolve conflicts? |
morgante
force-pushed
the
master
branch
2 times, most recently
from
4beaeb7
to
6069ece
Compare
|
Superseded by #729 |
No description provided.