From 61e2cb2b731bbd08e055e07861e45ffe2c1feab0 Mon Sep 17 00:00:00 2001 From: justinsb Date: Fri, 17 Dec 2021 13:03:23 -0500 Subject: [PATCH] gce: Fix google_project_iam_binding member -> members --- pkg/truncate/truncate.go | 1 + tests/integration/update_cluster/ha_gce/kubernetes.tf | 4 ++-- .../integration/update_cluster/minimal_gce/kubernetes.tf | 4 ++-- .../update_cluster/minimal_gce_private/kubernetes.tf | 4 ++-- upup/pkg/fi/cloudup/gcetasks/projectiambinding.go | 8 ++++---- 5 files changed, 11 insertions(+), 10 deletions(-) diff --git a/pkg/truncate/truncate.go b/pkg/truncate/truncate.go index 28d9aba0f3..d95cf07667 100644 --- a/pkg/truncate/truncate.go +++ b/pkg/truncate/truncate.go @@ -13,6 +13,7 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ + package truncate import ( diff --git a/tests/integration/update_cluster/ha_gce/kubernetes.tf b/tests/integration/update_cluster/ha_gce/kubernetes.tf index 130523b6f9..a6660f461a 100644 --- a/tests/integration/update_cluster/ha_gce/kubernetes.tf +++ b/tests/integration/update_cluster/ha_gce/kubernetes.tf @@ -721,13 +721,13 @@ resource "google_compute_subnetwork" "us-test1-ha-gce-example-com" { } resource "google_project_iam_binding" "serviceaccount-control-plane" { - member = "serviceAccount:control-plane-ha-gce-ex-mr702t@testproject.iam.gserviceaccount.com" + members = ["serviceAccount:control-plane-ha-gce-ex-mr702t@testproject.iam.gserviceaccount.com"] project = "testproject" role = "roles/container.serviceAgent" } resource "google_project_iam_binding" "serviceaccount-nodes" { - member = "serviceAccount:node-ha-gce-example-com@testproject.iam.gserviceaccount.com" + members = ["serviceAccount:node-ha-gce-example-com@testproject.iam.gserviceaccount.com"] project = "testproject" role = "roles/compute.viewer" } diff --git a/tests/integration/update_cluster/minimal_gce/kubernetes.tf b/tests/integration/update_cluster/minimal_gce/kubernetes.tf index 0f02adaa43..657944e0a3 100644 --- a/tests/integration/update_cluster/minimal_gce/kubernetes.tf +++ b/tests/integration/update_cluster/minimal_gce/kubernetes.tf @@ -525,13 +525,13 @@ resource "google_compute_subnetwork" "us-test1-minimal-gce-example-com" { } resource "google_project_iam_binding" "serviceaccount-control-plane" { - member = "serviceAccount:control-plane-minimal-g-fu1mg6@testproject.iam.gserviceaccount.com" + members = ["serviceAccount:control-plane-minimal-g-fu1mg6@testproject.iam.gserviceaccount.com"] project = "testproject" role = "roles/container.serviceAgent" } resource "google_project_iam_binding" "serviceaccount-nodes" { - member = "serviceAccount:node-minimal-gce-example-com@testproject.iam.gserviceaccount.com" + members = ["serviceAccount:node-minimal-gce-example-com@testproject.iam.gserviceaccount.com"] project = "testproject" role = "roles/compute.viewer" } diff --git a/tests/integration/update_cluster/minimal_gce_private/kubernetes.tf b/tests/integration/update_cluster/minimal_gce_private/kubernetes.tf index 060065e8d3..4bdb828ba2 100644 --- a/tests/integration/update_cluster/minimal_gce_private/kubernetes.tf +++ b/tests/integration/update_cluster/minimal_gce_private/kubernetes.tf @@ -538,13 +538,13 @@ resource "google_compute_subnetwork" "us-test1-minimal-gce-private-example-com" } resource "google_project_iam_binding" "serviceaccount-control-plane" { - member = "serviceAccount:control-plane-minimal-g-sh4okp@testproject.iam.gserviceaccount.com" + members = ["serviceAccount:control-plane-minimal-g-sh4okp@testproject.iam.gserviceaccount.com"] project = "testproject" role = "roles/container.serviceAgent" } resource "google_project_iam_binding" "serviceaccount-nodes" { - member = "serviceAccount:node-minimal-gce-privat-sh4okp@testproject.iam.gserviceaccount.com" + members = ["serviceAccount:node-minimal-gce-privat-sh4okp@testproject.iam.gserviceaccount.com"] project = "testproject" role = "roles/compute.viewer" } diff --git a/upup/pkg/fi/cloudup/gcetasks/projectiambinding.go b/upup/pkg/fi/cloudup/gcetasks/projectiambinding.go index 53d464e0f6..57643169a1 100644 --- a/upup/pkg/fi/cloudup/gcetasks/projectiambinding.go +++ b/upup/pkg/fi/cloudup/gcetasks/projectiambinding.go @@ -127,16 +127,16 @@ func (_ *ProjectIAMBinding) RenderGCE(t *gce.GCEAPITarget, a, e, changes *Projec // terraformProjectIAMBinding is the model for a terraform google_project_iam_binding rule type terraformProjectIAMBinding struct { - Project string `json:"project,omitempty" cty:"project"` - Role string `json:"role,omitempty" cty:"role"` - Member string `json:"member,omitempty" cty:"member"` + Project string `json:"project,omitempty" cty:"project"` + Role string `json:"role,omitempty" cty:"role"` + Members []string `json:"members,omitempty" cty:"members"` } func (_ *ProjectIAMBinding) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *ProjectIAMBinding) error { tf := &terraformProjectIAMBinding{ Project: fi.StringValue(e.Project), Role: fi.StringValue(e.Role), - Member: fi.StringValue(e.Member), + Members: []string{fi.StringValue(e.Member)}, } return t.RenderResource("google_project_iam_binding", *e.Name, tf)