Merge pull request #68 from davidz627/fix/driverOnGKE

k8s-ci-robot · web-flow · commit 1c0e45148458 · 2018-07-16T13:14:51.000-07:00
Bind GCP SA to Kubernetes Cluster-Admin for GKE
diff --git a/deploy/kubernetes/deploy-driver.sh b/deploy/kubernetes/deploy-driver.sh
@@ -8,8 +8,15 @@ readonly KUBEDEPLOY="${PKGDIR}/deploy/kubernetes"
 
 if ! kubectl get secret cloud-sa;
 then
-    kubectl create secret generic cloud-sa --from-file="${SA_FILE}"
+  kubectl create secret generic cloud-sa --from-file="${SA_FILE}"
 fi
+
+# GKE Required Setup
+if ! kubectl get clusterrolebinding cluster-admin-binding;
+then
+  kubectl create clusterrolebinding cluster-admin-binding --clusterrole cluster-admin --user $(gcloud config get-value account)
+fi
+
 kubectl apply -f "${KUBEDEPLOY}/setup-cluster.yaml"
 kubectl apply -f "${KUBEDEPLOY}/node.yaml"
-kubectl apply -f "${KUBEDEPLOY}/controller.yaml"
+kubectl apply -f "${KUBEDEPLOY}/controller.yaml"
diff --git a/deploy/setup-project.sh b/deploy/setup-project.sh
@@ -16,4 +16,4 @@ gcloud iam service-accounts delete "$IAM_NAME" --quiet || true
 gcloud iam service-accounts create "${GCEPD_SA_NAME}"
 gcloud iam service-accounts keys create "${SA_FILE}" --iam-account "${IAM_NAME}"
 gcloud projects add-iam-policy-binding "${PROJECT}" --member serviceAccount:"${IAM_NAME}" --role roles/compute.admin
-gcloud projects add-iam-policy-binding "${PROJECT}" --member serviceAccount:"${IAM_NAME}" --role roles/iam.serviceAccountUser
+gcloud projects add-iam-policy-binding "${PROJECT}" --member serviceAccount:"${IAM_NAME}" --role roles/iam.serviceAccountUser
