From cbe85e06053847ea53c321c9cd8eb6dec4a79804 Mon Sep 17 00:00:00 2001 From: Valerio Ponza Date: Mon, 27 Feb 2023 14:17:16 +0000 Subject: [PATCH 1/2] fixing workloadidentity for anthos service mesh - authority was not created --- modules/gke-hub/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/gke-hub/main.tf b/modules/gke-hub/main.tf index ddd35a46..cf65f4c1 100644 --- a/modules/gke-hub/main.tf +++ b/modules/gke-hub/main.tf @@ -41,12 +41,12 @@ resource "google_gke_hub_membership" "default" { membership_id = each.key endpoint { gke_cluster { - resource_link = each.value + resource_link = "//container.googleapis.com/${each.value}" } } dynamic "authority" { for_each = ( - contains(var.workload_identity_clusters, each.key) ? {} : { 1 = 1 } + contains(var.workload_identity_clusters, each.key) ? { 1 = 1 } : {} ) content { issuer = "https://container.googleapis.com/v1/${var.clusters[each.key]}" From 52c16e973b57b58c0529bd6cf197c917e9b240f7 Mon Sep 17 00:00:00 2001 From: Valerio Ponza Date: Mon, 27 Feb 2023 14:35:49 +0000 Subject: [PATCH 2/2] fixing workloadidentity for anthos service mesh - authority was not created --- tests/modules/gke_hub/test_plan.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/modules/gke_hub/test_plan.py b/tests/modules/gke_hub/test_plan.py index 8a71d12b..3b847e39 100644 --- a/tests/modules/gke_hub/test_plan.py +++ b/tests/modules/gke_hub/test_plan.py @@ -74,7 +74,7 @@ def test_configmanagement_setup(resources): membership_key = f'module.hub.google_gke_hub_membership.default["{cluster}"]' membership = resources[membership_key] link = membership['endpoint'][0]['gke_cluster'][0]['resource_link'] - assert link == f'projects/myproject/locations/europe-west1-b/clusters/{cluster}' + assert link == f'//container.googleapis.com/projects/myproject/locations/europe-west1-b/clusters/{cluster}' fm_key = f'module.hub.google_gke_hub_feature_membership.default["{cluster}"]' fm = resources[fm_key]