Adds multitenant sa pipeline at infra test

amandakarina · amandakarina · commit 356442155189 · 2025-04-24T13:19:35.000-03:00
diff --git a/test/integration/appfactory/appfactory_test.go b/test/integration/appfactory/appfactory_test.go
@@ -53,6 +53,8 @@ func TestAppfactory(t *testing.T) {
 		tft.WithTFDir("../../setup/vpcsc"),
 	)
 
+	os.Setenv("GOOGLE_IMPERSONATE_SERVICE_ACCOUNT", bootstrap.GetJsonOutput("cb_service_accounts_emails").Get("applicationfactory").String())
+
 	backend_bucket := bootstrap.GetStringOutput("state_bucket")
 	backendConfig := map[string]interface{}{
 		"bucket": backend_bucket,
diff --git a/test/integration/fleetscope/fleetscope_test.go b/test/integration/fleetscope/fleetscope_test.go
@@ -46,6 +46,8 @@ func TestFleetscope(t *testing.T) {
 		tft.WithTFDir("../../../1-bootstrap"),
 	)
 
+	os.Setenv("GOOGLE_IMPERSONATE_SERVICE_ACCOUNT", bootstrap.GetJsonOutput("cb_service_accounts_emails").Get("fleetscope").String())
+
 	backend_bucket := bootstrap.GetStringOutput("state_bucket")
 	backendConfig := map[string]interface{}{
 		"bucket": backend_bucket,
diff --git a/test/integration/multitenant/multitenant_test.go b/test/integration/multitenant/multitenant_test.go
@@ -16,6 +16,7 @@ package multitenant
 
 import (
 	"fmt"
+	"os"
 	"regexp"
 	"strings"
 	"testing"
@@ -36,6 +37,7 @@ func TestMultitenant(t *testing.T) {
 	bootstrap := tft.NewTFBlueprintTest(t,
 		tft.WithTFDir("../../../1-bootstrap"),
 	)
+	os.Setenv("GOOGLE_IMPERSONATE_SERVICE_ACCOUNT", bootstrap.GetJsonOutput("cb_service_accounts_emails").Get("multitenant").String())
 
 	vpcsc := tft.NewTFBlueprintTest(t,
 		tft.WithTFDir("../../setup/vpcsc"),
diff --git a/test/setup/iam.tf b/test/setup/iam.tf
@@ -63,7 +63,7 @@ resource "google_project_iam_member" "int_test_connection_admin" {
 }
 
 resource "google_folder_iam_member" "int_test_connection_admin" {
-  for_each = toset(["roles/resourcemanager.projectCreator", "roles/owner"])
+  for_each = toset(["roles/resourcemanager.projectCreator", "roles/owner", "roles/iam.serviceAccountAdmin", "roles/iam.serviceAccountUser",])
   folder   = module.folder_seed.id
   role     = each.value
   member   = "serviceAccount:${google_service_account.int_test[local.index].email}"

Original file line number	Diff line number	Diff line change
`@@ -53,6 +53,8 @@ func TestAppfactory(t *testing.T) {`
`53`	`53`	`tft.WithTFDir("../../setup/vpcsc"),`
`54`	`54`	`)`
`55`	`55`
	`56`	`+ os.Setenv("GOOGLE_IMPERSONATE_SERVICE_ACCOUNT", bootstrap.GetJsonOutput("cb_service_accounts_emails").Get("applicationfactory").String())`
	`57`	`+`
`56`	`58`	`backend_bucket := bootstrap.GetStringOutput("state_bucket")`
`57`	`59`	`backendConfig := map[string]interface{}{`
`58`	`60`	`"bucket": backend_bucket,`
Original file line number	Diff line number	Diff line change
`@@ -46,6 +46,8 @@ func TestFleetscope(t *testing.T) {`
`46`	`46`	`tft.WithTFDir("../../../1-bootstrap"),`
`47`	`47`	`)`
`48`	`48`
	`49`	`+ os.Setenv("GOOGLE_IMPERSONATE_SERVICE_ACCOUNT", bootstrap.GetJsonOutput("cb_service_accounts_emails").Get("fleetscope").String())`
	`50`	`+`
`49`	`51`	`backend_bucket := bootstrap.GetStringOutput("state_bucket")`
`50`	`52`	`backendConfig := map[string]interface{}{`
`51`	`53`	`"bucket": backend_bucket,`
Original file line number	Diff line number	Diff line change
`@@ -63,7 +63,7 @@ resource "google_project_iam_member" "int_test_connection_admin" {`
`63`	`63`	`}`
`64`	`64`
`65`	`65`	`resource "google_folder_iam_member" "int_test_connection_admin" {`
`66`		`- for_each = toset(["roles/resourcemanager.projectCreator", "roles/owner"])`
	`66`	`+ for_each = toset(["roles/resourcemanager.projectCreator", "roles/owner", "roles/iam.serviceAccountAdmin", "roles/iam.serviceAccountUser",])`
`67`	`67`	`folder = module.folder_seed.id`
`68`	`68`	`role = each.value`
`69`	`69`	`member = "serviceAccount:${google_service_account.int_test[local.index].email}"`