Add ServiceAccount creation within GKE Composition

Signed-off-by: Yury Tsarev <yury@upbound.io>
upbound · Sep 26, 2022 · 426a033 · 426a033
1 parent 7b8e676
commit 426a033
Showing 1 changed file with 20 additions and 3 deletions.
diff --git a/cluster/gke/composition.yaml b/cluster/gke/composition.yaml
@@ -10,7 +10,17 @@ spec:
     apiVersion: gcp.platformref.upbound.io/v1alpha1
     kind: GKE
   resources:
-    - base:
+    - name: service-account
+      base:
+        apiVersion: cloudplatform.gcp.upbound.io/v1beta1
+        kind: ServiceAccount
+      patches:
+        - fromFieldPath: spec.id
+          toFieldPath: metadata.name
+        - fromFieldPath: spec.id
+          toFieldPath: spec.forProvider.displayName
+    - name: gke-cluster
+      base:
         apiVersion: container.gcp.upbound.io/v1beta1
         kind: Cluster
         spec:
@@ -23,6 +33,9 @@ spec:
             loggingService: logging.googleapis.com/kubernetes
             monitoringService: monitoring.googleapis.com/kubernetes
             initialNodeCount: 1
+            nodeConfig:
+              - serviceAccountSelector:
+                  matchControllerRef: true
       patches:
         - fromFieldPath: metadata.uid
           toFieldPath: spec.writeConnectionSecretToRef.name
@@ -43,7 +56,8 @@ spec:
         - fromConnectionSecretKey: kubeconfig
     # Each cluster has one node pool. Its nodes are spread evenly across the zones
     # in which the cluster exists.
-    - base:
+    - name: node-pool
+      base:
         apiVersion: container.gcp.upbound.io/v1beta1
         kind: NodePool
         spec:
@@ -68,6 +82,8 @@ spec:
                   disable-legacy-endpoints: "true"
                 oauthScopes:
                   - https://www.googleapis.com/auth/cloud-platform
+                serviceAccountSelector:
+                  matchControllerRef: true
             management:
               - autoRepair: true
                 autoUpgrade: true
@@ -89,7 +105,8 @@ spec:
           toFieldPath: spec.forProvider.autoscaling[0].minNodeCount
         - fromFieldPath: spec.parameters.nodes.count
           toFieldPath: spec.forProvider.autoscaling[0].maxNodeCount
-    - base:
+    - name: helm-provider-config
+      base:
         apiVersion: helm.crossplane.io/v1beta1
         kind: ProviderConfig
         spec: