chore(docs): update Workload Identity README example for existing GSA (#1062)

tomasgareau · morgante · web-flow · commit 5b16a50edee4 · 2021-11-16T16:57:43.000-05:00
Addresses #1059 -- without the `depends_on` block, the WI module will try to read a data source for a Google service account that has not yet been created. This is alluded to in the Workload Identity examples but not in the Workload Identity README. This commit updates the README to include the `depends_on` block. Co-authored-by: Morgante Pell <morgantep@google.com>
diff --git a/examples/workload_identity/main.tf b/examples/workload_identity/main.tf
@@ -95,5 +95,6 @@ module "workload_identity_existing_gsa" {
   name                = google_service_account.custom.account_id
   use_existing_gcp_sa = true
   # wait till custom GSA is created to force module data source read during apply
+  # https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/1059
   depends_on = [google_service_account.custom]
 }
diff --git a/modules/workload-identity/README.md b/modules/workload-identity/README.md
@@ -59,6 +59,10 @@ module "my-app-workload-identity" {
   use_existing_gcp_sa = true
   name                = google_service_account.preexisting.account_id
   project_id          = var.project_id
+
+  # wait for the custom GSA to be created to force module data source read during apply
+  # https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/1059
+  depends_on = [google_service_account.preexisting]
 }
 ```
 

Original file line number	Diff line number	Diff line change
`@@ -95,5 +95,6 @@ module "workload_identity_existing_gsa" {`
`95`	`95`	`name = google_service_account.custom.account_id`
`96`	`96`	`use_existing_gcp_sa = true`
`97`	`97`	`# wait till custom GSA is created to force module data source read during apply`
	`98`	`+ # https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/1059`
`98`	`99`	`depends_on = [google_service_account.custom]`
`99`	`100`	`}`