From 9192760610eba8fe5ec6ff3856643585facea2cf Mon Sep 17 00:00:00 2001 From: amanpruthi Date: Mon, 10 Jun 2024 13:05:11 +0530 Subject: [PATCH] added service account var --- main.tf | 1 + modules/service_accounts/main.tf | 4 ++-- modules/service_accounts/variables.tf | 5 +++++ variables.tf | 4 ++-- 4 files changed, 10 insertions(+), 4 deletions(-) diff --git a/main.tf b/main.tf index dbbd5421..911ecb04 100644 --- a/main.tf +++ b/main.tf @@ -262,6 +262,7 @@ module "wandb" { install = true stackdriver = { projectId = data.google_client_config.current.project + serviceAccountName = var.service_account_name } serviceAccount = { annotations = { "iam.gke.io/gcp-service-account" = module.service_accounts.monitoring_role } } } : { diff --git a/modules/service_accounts/main.tf b/modules/service_accounts/main.tf index 9fccdcd1..f799bab8 100644 --- a/modules/service_accounts/main.tf +++ b/modules/service_accounts/main.tf @@ -65,7 +65,7 @@ resource "google_project_iam_member" "secretmanager_admin" { resource "google_service_account" "workload-identity-user-sa" { count = var.enable_stackdriver == true ? 1 : 0 - account_id = "stackdriver" + account_id = var.account_id display_name = "Service Account For Workload Identity" } @@ -87,5 +87,5 @@ resource "google_service_account_iam_member" "workload_identity-role" { count = var.enable_stackdriver == true ? 1 : 0 service_account_id = google_service_account.workload-identity-user-sa[count.index].id role = "roles/iam.workloadIdentityUser" - member = "serviceAccount:${local.project_id}.svc.id.goog[${var.namespace}/${var.service_account_name}]" + member = "serviceAccount:${local.project_id}.svc.id.goog[${var.stackdriver_namespace}/${var.service_account_name}]" } \ No newline at end of file diff --git a/modules/service_accounts/variables.tf b/modules/service_accounts/variables.tf index 6cc76753..c8c55cc4 100644 --- a/modules/service_accounts/variables.tf +++ b/modules/service_accounts/variables.tf 
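Review bot: `account_id = var.account_id` in `google_service_account.workload-identity-user-sa` takes the value with no validation, and no visible hunk declares `account_id` in modules/service_accounts/variables.tf, so confirm that the variable exists and that the root module passes `workload_account_id` into it. GCP requires a service account ID of 6–30 characters made of lowercase letters, digits and hyphens, so a `validation` block with `condition = can(regex("^[a-z][a-z0-9-]{4,28}[a-z0-9]$", var.account_id))` would fail at plan time instead of at the API. Changing `account_id` also forces replacement, and the last hunk in variables.tf moves the default from `stackdriver` to `wandb-stackdriver`. On a stack already applied with the old default this would presumably destroy and recreate the account, so any IAM binding made to the old e-mail outside this module would stop applying. A comment on the default, or an upgrade note, would make that visible.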
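Review bot: The `member` string in `google_service_account_iam_member.workload_identity-role` now names the Kubernetes identity `[${var.stackdriver_namespace}/${var.service_account_name}]`, but none of the visible hunks passes `stackdriver_namespace` into the module or ties it to the namespace the chart is installed in. This binding is what lets a Kubernetes service account act as the Google service account, so the namespace and name must match the workload exactly. If they drift, the intended pods lose credentials while whichever pair is named keeps `roles/iam.workloadIdentityUser`. I would add a comment above the line such as `# Must equal the namespace and KSA name used by the stackdriver workload; this pair can impersonate the service account.` and take the namespace from the same value the Helm release uses. The resource block starts above the hunk.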
@@ -22,4 +22,9 @@ variable "service_account_name" { variable "enable_stackdriver" { description = "Flag to indicate whether to enable workload identity for the service account." type = bool +} + +variable "stackdriver_namespace" { + type = string + default = "default" } \ No newline at end of file diff --git a/variables.tf b/variables.tf index 57aa6588..924fbc84 100644 --- a/variables.tf +++ b/variables.tf @@ -261,10 +261,10 @@ variable "enable_stackdriver" { variable "workload_account_id" { type = string - default = "stackdriver" + default = "wandb-stackdriver" } variable "service_account_name" { type = string - default = "stackdriver" + default = "wandb-stackdriver" } \ No newline at end of file
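Review bot: `stackdriver_namespace` is declared with `default = "default"` and no `description`, so a caller that omits it binds Workload Identity to a service account in the cluster's shared `default` namespace. Any workload that can run under a service account of that name in that namespace is then covered by the `roles/iam.workloadIdentityUser` binding in modules/service_accounts/main.tf, which is broader than a dedicated namespace would allow. I would drop the default so the caller has to choose, or at least document the variable: `description = "Namespace of the Kubernetes service account allowed to impersonate the stackdriver service account."`.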