Skip to content

Commit 0e02808

Browse files
glasntglasnt
committed
debug: do not create sa
1 parent 09f4ecf commit 0e02808

File tree

1 file changed

+4
-8
lines changed

1 file changed

+4
-8
lines changed

run/django/e2e_test_setup.yaml

Lines changed: 4 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@ steps:
5959
SECRET_KEY=$(cat /dev/urandom | LC_ALL=C tr -dc '[:alpha:]' | fold -w 30 | head -n1)
6060
PASSWORD_NAME=${_SECRET_PASSWORD_NAME}" > ${_SECRET_SETTINGS_NAME}
6161
62-
./retry.sh "gcloud iam service-accounts create ${_SERVICE_ACCOUNT}"
62+
sa_email=$(gcloud projects list --filter "name=${PROJECT_ID}" --format "value(projectNumber)")[email protected]
6363
6464
./retry.sh "gcloud secrets create ${_SECRET_SETTINGS_NAME} \
6565
--project $PROJECT_ID \
@@ -72,17 +72,17 @@ steps:
7272
--data-file=${_SECRET_PASSWORD_NAME}"
7373
7474
./retry.sh "gcloud secrets add-iam-policy-binding ${_SECRET_SETTINGS_NAME} \
75-
--member serviceAccount:${_SERVICE_ACCOUNT_EMAIL} \
75+
--member serviceAccount:${sa_email} \
7676
--role roles/secretmanager.secretAccessor \
7777
--project ${PROJECT_ID}"
7878
7979
./retry.sh "gcloud secrets add-iam-policy-binding ${_SECRET_PASSWORD_NAME} \
80-
--member serviceAccount:${_SERVICE_ACCOUNT_EMAIL} \
80+
--member serviceAccount:${sa_email} \
8181
--role roles/secretmanager.secretAccessor \
8282
--project ${PROJECT_ID}"
8383
8484
./retry.sh "gcloud projects add-iam-policy-binding ${PROJECT_ID} \
85-
--member serviceAccount:${_SERVICE_ACCOUNT_EMAIL} \
85+
--member serviceAccount:${sa_email} \
8686
--role roles/cloudsql.client \
8787
--project ${PROJECT_ID}"
8888
@@ -107,7 +107,6 @@ steps:
107107
- |
108108
./retry.sh "gcloud run jobs create ${_CLOUD_RUN_JOB_NAME} \
109109
--region ${_REGION} \
110-
--service-account ${_SERVICE_ACCOUNT_EMAIL} \
111110
--image ${_IMAGE_NAME} \
112111
--set-cloudsql-instances ${_CLOUD_SQL_CONNECTION_NAME} \
113112
--set-env-vars SETTINGS_NAME=${_SECRET_SETTINGS_NAME} \
@@ -125,7 +124,6 @@ steps:
125124
--image ${_IMAGE_NAME} \
126125
--no-allow-unauthenticated \
127126
--region ${_REGION} \
128-
--service-account ${_SERVICE_ACCOUNT_EMAIL} \
129127
--set-cloudsql-instances ${_CLOUD_SQL_CONNECTION_NAME} \
130128
--set-env-vars SETTINGS_NAME=${_SECRET_SETTINGS_NAME}"
131129
@@ -144,8 +142,6 @@ substitutions:
144142
_IMAGE_NAME: ${_REGION}-docker.pkg.dev/${PROJECT_ID}/${_ARTIFACT_REGISTRY}/django-${_VERSION}
145143
_STORAGE_BUCKET: ${PROJECT_ID}-bucket-${_VERSION}
146144
_CLOUD_RUN_JOB_NAME: migrate-${_VERSION}
147-
_SERVICE_ACCOUNT: django-sa-${_VERSION}
148-
_SERVICE_ACCOUNT_EMAIL: ${_SERVICE_ACCOUNT}@${PROJECT_ID}.iam.gserviceaccount.com
149145
_DB_INSTANCE: django-instance-${_VERSION}
150146
_CLOUD_SQL_CONNECTION_NAME: ${PROJECT_ID}:${_REGION}:${_DB_INSTANCE}
151147
_DB_NAME: postgres-${_VERSION}

0 commit comments

Comments
 (0)