Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-07-23 23:40:44 -04:00
Code Issues Projects Releases Packages Wiki Activity

gcp: support projects with no default permissions (#3656)

Browse source 
* helm/gcp: use service account in operator and joinservice

* helm: format operator testdata

* terraform/iam: create additional service account for VMs

This service account is used in the following commits and is attached to the VMs

* config: pass VM service account from iam create to cluster create via config

* cli/iamcreate: limit name prefix length

* docs: add minimal gcp IAM permissions
This commit is contained in:
Leonard Cohnen 2025-03-25 14:13:38 +01:00 committed by GitHub
parent 83e08e3e37
commit 66815a4a47
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
42 changed files with 771 additions and 466 deletions
Download patch file Download diff file Expand all files Collapse all files

2
cli/internal/cloudcmd/tfvars.go
View file

@ -231,6 +231,7 @@ func gcpTerraformVars(conf *config.Config, imageRef string) *terraform.GCPCluste
InternalLoadBalancer: conf.InternalLoadBalancer,
CCTechnology: ccTech,
AdditionalLabels: conf.Tags,
IAMServiceAccountVM: conf.Provider.GCP.IAMServiceAccountVM,
}
}
@ -240,6 +241,7 @@ func gcpTerraformIAMVars(conf *config.Config, oldVars terraform.GCPIAMVariables)
Region: conf.Provider.GCP.Region,
Zone: conf.Provider.GCP.Zone,
ServiceAccountID: oldVars.ServiceAccountID,
NamePrefix: oldVars.NamePrefix,
}
}