From 5f7cf05457ad68426a0d20221d20b4f807aaf72b Mon Sep 17 00:00:00 2001
From: amanpruthi
Date: Thu, 6 Jun 2024 18:05:05 +0530
Subject: [PATCH] fixed tmp service account issue
---
 main.tf | 8 ++++----
 modules/service_accounts/main.tf | 3 +--
 variables.tf | 8 +++++++-
 3 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/main.tf b/main.tf
index 80d81bd..d00db54 100644
--- a/main.tf
+++ b/main.tf
@@ -87,7 +87,7 @@ module "app_gke" {
 network = local.network
 subnetwork = local.subnetwork
 service_account = module.service_accounts.service_account
- create_workload_identity = var.enable_stackdriver
+ create_workload_identity = var.create_workload_identity
 depends_on = [module.project_factory_project_services]
 }
@@ -255,9 +255,9 @@ module "wandb" {
 }
 serviceAccount = { annotations = { "iam.gke.io/gcp-service-account" = module.service_accounts.monitoring_role } }
 } : {
- install = false
- stackdriver = {}
- serviceAccount = {}
+ install = false
+ stackdriver = {}
+ serviceAccount = {}
 }
 otel = {
diff --git a/modules/service_accounts/main.tf b/modules/service_accounts/main.tf
index ca85630..b498ef2 100644
--- a/modules/service_accounts/main.tf
+++ b/modules/service_accounts/main.tf
@@ -74,10 +74,9 @@ resource "google_project_iam_member" "monitoring-role" {
 count = var.enable_stackdriver == true ? 1 : 0
 project = local.project_id
 role = "roles/monitoring.viewer"
- member = "serviceAccount:${google_service_account.workload-identity-user-sa[count.index].email}"
+ member = local.sa_member
 }
-
 resource "google_project_iam_member" "workload_identity-role" {
 count = var.enable_stackdriver == true ? 1 : 0
 project = local.project_id
diff --git a/variables.tf b/variables.tf
index 57aa658..36c30a3 100644
--- a/variables.tf
+++ b/variables.tf
@@ -256,7 +256,7 @@ variable "parquet_wandb_env" {
 variable "enable_stackdriver" {
 type = bool
- default = false
+ default = true
 }
 variable "workload_account_id" {
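Review bot: In the `module "app_gke"` hunk of main.tf, `create_workload_identity` now has its own variable, but the IAM members in modules/service_accounts/main.tf are still gated on `var.enable_stackdriver`, so the two flags can disagree. With `enable_stackdriver = true` and `create_workload_identity = false`, the `iam.gke.io/gcp-service-account` annotation in the `wandb` module would presumably name a Google service account the pod cannot impersonate, and the workload would likely fall back to the node's credentials. What `create_workload_identity` does inside app_gke is not visible here, so this needs confirming. I would state the dependency in the new variable's description, e.g. `description = "Whether to create the workload identity used by app_gke; must be true when enable_stackdriver is true."`, or reject the combination at plan time.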
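Review bot: In the `monitoring-role` hunk of modules/service_accounts/main.tf, `roles/monitoring.viewer` is now granted to `local.sa_member`, whose definition is outside the hunk, instead of the dedicated `workload-identity-user-sa` account. If `local.sa_member` resolves to the account that main.tf passes to app_gke as `service_account`, the role lands on a broader identity than the one named in the `iam.gke.io/gcp-service-account` annotation. The annotated account may then be left without the role it needs. Please confirm which principal is intended and record it next to the binding, e.g. `# bound to local.sa_member (see locals) because <reason>; keep in sync with the monitoring_role output`. The `workload_identity-role` resource that follows continues past the hunk.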
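Review bot: Flipping the default of `enable_stackdriver` to `true` in variables.tf means callers that never set the variable will, on their next apply, get the `roles/monitoring.viewer` and workload-identity IAM members that modules/service_accounts gates on it. New IAM grants should be opt-in, so I would keep `default = false` and set the flag where it is wanted, or call the change out as breaking in the release notes. The variable also has no description; something like `description = "Enable Stackdriver monitoring; creates the monitoring IAM bindings and the service account annotation."` would make the side effect visible.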
@@ -267,4 +267,10 @@ variable "workload_account_id" {
 variable "service_account_name" {
 type = string
 default = "stackdriver"
+}
+
+variable "create_workload_identity" {
+ description = "Flag to indicate whether to create a workload identity for the service account."
+ type = bool
+ default = true
 }
\ No newline at end of file