Skip to content

Commit fcd6bcd

Browse files
anthonyrtonganthonyrtong
committed
grant the test runner workloadIdentityPoolAdmin to fleet test project
1 parent 725c0a6 commit fcd6bcd

1 file changed

Lines changed: 26 additions & 2 deletions

File tree

mmv1/third_party/terraform/services/gkehub2/resource_gke_hub_feature_test.go

Lines changed: 26 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -887,10 +887,22 @@ func TestAccGKEHubFeature_WorkloadIdentity(t *testing.T) {
887887

888888
func testAccGKEHubFeature_WorkloadIdentity(context map[string]interface{}) string {
889889
return gkeHubFeatureProjectSetupForGA(context) + acctest.Nprintf(`
890+
resource "google_project_iam_member" "test-runner-workload-identity-admin" {
891+
project = google_project.project.project_id
892+
role = "roles/iam.workloadIdentityPoolAdmin"
893+
member = "serviceAccount:hashicorp-test-runner@ci-test-project-188019.iam.gserviceaccount.com"
894+
}
895+
896+
resource "time_sleep" "wait_for_test-runner_binding_propagation" {
897+
depends_on = [google_project_iam_member.test-runner-workload-identity-admin]
898+
create_duration = "60s"
899+
}
900+
890901
resource "google_iam_workload_identity_pool" "fleet-pool" {
891902
project = google_project.project.project_id
892903
workload_identity_pool_id = "fleet-pool%{random_suffix}"
893904
mode = "TRUST_DOMAIN"
905+
depends_on = [time_sleep.wait_for_test-runner_binding_propagation]
894906
}
895907
896908
resource "google_iam_workload_identity_pool_iam_member" "fleet-pool-p4sa-admin" {
@@ -903,7 +915,7 @@ resource "google_iam_workload_identity_pool_iam_member" "fleet-pool-p4sa-admin"
903915
904916
resource "time_sleep" "wait_for_fleet-pool_binding_propagation" {
905917
depends_on = [google_iam_workload_identity_pool_iam_member.fleet-pool-p4sa-admin]
906-
create_duration = "45s"
918+
create_duration = "60s"
907919
}
908920
909921
resource "google_gke_hub_feature" "feature" {
@@ -922,10 +934,22 @@ resource "google_gke_hub_feature" "feature" {
922934

923935
func testAccGKEHubFeature_WorkloadIdentityUpdate(context map[string]interface{}) string {
924936
return gkeHubFeatureProjectSetupForGA(context) + acctest.Nprintf(`
937+
resource "google_project_iam_member" "test-runner-workload-identity-admin" {
938+
project = google_project.project.project_id
939+
role = "roles/iam.workloadIdentityPoolAdmin"
940+
member = "serviceAccount:hashicorp-test-runner@ci-test-project-188019.iam.gserviceaccount.com"
941+
}
942+
943+
resource "time_sleep" "wait_for_test-runner_binding_propagation" {
944+
depends_on = [google_project_iam_member.test-runner-workload-identity-admin]
945+
create_duration = "60s"
946+
}
947+
925948
resource "google_iam_workload_identity_pool" "other-fleet-pool" {
926949
project = google_project.project.project_id
927950
workload_identity_pool_id = "my-other-fleet-pool%{random_suffix}"
928951
mode = "TRUST_DOMAIN"
952+
depends_on = [time_sleep.wait_for_test-runner_binding_propagation]
929953
}
930954
931955
resource "google_iam_workload_identity_pool_iam_member" "other-fleet-pool-p4sa-admin" {
@@ -938,7 +962,7 @@ resource "google_iam_workload_identity_pool_iam_member" "other-fleet-pool-p4sa-a
938962
939963
resource "time_sleep" "wait_for_other-fleet-pool_binding_propagation" {
940964
depends_on = [google_iam_workload_identity_pool_iam_member.other-fleet-pool-p4sa-admin]
941-
create_duration = "45s"
965+
create_duration = "60s"
942966
}
943967
944968
resource "google_gke_hub_feature" "feature" {

0 commit comments

Comments
 (0)