Skip to content

Commit 8789c42

Browse files
author
Zheng Qin
committed
addressing comments
1 parent 965e19e commit 8789c42

File tree

6 files changed

+19
-7
lines changed

6 files changed

+19
-7
lines changed

Makefile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@
1818
# Make will use bash instead of sh
1919
SHELL := /usr/bin/env bash
2020

21-
DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.25.4
21+
DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.25
2222
DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
2323
REGISTRY_URL := gcr.io/cloud-foundation-cicd
2424

metadata.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -336,13 +336,13 @@ spec:
336336
roles:
337337
- level: Project
338338
roles:
339+
- roles/compute.admin
339340
- roles/run.admin
340341
- roles/iam.serviceAccountUser
341342
- roles/certificatemanager.owner
342343
- roles/vpcaccess.admin
343344
- roles/iam.serviceAccountAdmin
344345
- roles/storage.admin
345-
- roles/compute.admin
346346
services:
347347
- certificatemanager.googleapis.com
348348
- cloudresourcemanager.googleapis.com

modules/backend/metadata.yaml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -323,9 +323,13 @@ spec:
323323
roles:
324324
- level: Project
325325
roles:
326+
- roles/iap.admin
327+
- roles/iam.serviceAccountUser
326328
- roles/iam.serviceAccountAdmin
327329
- roles/compute.admin
328-
- roles/iam.serviceAccountUser
330+
- roles/storage.admin
331+
- roles/run.admin
332+
- roles/compute.networkAdmin
329333
services:
330334
- cloudresourcemanager.googleapis.com
331335
- compute.googleapis.com

modules/frontend/metadata.yaml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -236,8 +236,10 @@ spec:
236236
roles:
237237
- level: Project
238238
roles:
239-
- roles/compute.loadBalancerAdmin
240239
- roles/compute.admin
240+
- roles/certificatemanager.admin
241+
- roles/iap.admin
242+
- roles/iam.serviceAccountUser
241243
services:
242244
- certificatemanager.googleapis.com
243245
- compute.googleapis.com

modules/serverless_negs/metadata.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -292,13 +292,13 @@ spec:
292292
roles:
293293
- level: Project
294294
roles:
295+
- roles/certificatemanager.owner
296+
- roles/vpcaccess.admin
295297
- roles/iam.serviceAccountAdmin
296298
- roles/storage.admin
297299
- roles/compute.admin
298300
- roles/run.admin
299301
- roles/iam.serviceAccountUser
300-
- roles/certificatemanager.owner
301-
- roles/vpcaccess.admin
302302
services:
303303
- certificatemanager.googleapis.com
304304
- cloudresourcemanager.googleapis.com

test/setup/iam.tf

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,10 @@ locals {
2727
]
2828
backend = [
2929
"roles/compute.admin",
30+
"roles/storage.admin",
31+
"roles/run.admin",
32+
"roles/compute.networkAdmin",
33+
"roles/iap.admin",
3034
"roles/iam.serviceAccountUser",
3135
"roles/iam.serviceAccountAdmin"
3236
]
@@ -41,7 +45,9 @@ locals {
4145
]
4246
frontend = [
4347
"roles/compute.admin",
44-
"roles/compute.loadBalancerAdmin",
48+
"roles/certificatemanager.admin",
49+
"roles/iap.admin",
50+
"roles/iam.serviceAccountUser"
4551
]
4652
serverless_negs = [
4753
"roles/storage.admin",

0 commit comments

Comments
 (0)