Fixed project setup scripts

Author: davidz627

deploy/kubernetes/README.md

@@ -14,5 +14,5 @@ $ ./deploy/kubernetes/deploy_driver.sh
 ```
 3. Create example PVC and Pod
 ```
-$ kubectl create -f ./examples/demo-pod.yaml
+$ kubectl apply -f ./examples/demo-pod.yaml
 ```

deploy/kubernetes/delete-driver.sh

@@ -1,4 +1,8 @@
 #!/bin/bash
 
-kubectl delete -f node.yaml
-kubectl delete -f controller.yaml
+set -o nounset
+set -o errexit
+
+kubectl delete -f node.yaml --ignore-not-found
+kubectl delete -f controller.yaml --ignore-not-found
+kubectl delete -f setup-cluster.yaml --ignore-not-found

deploy/kubernetes/deploy-driver.sh

@@ -1,6 +1,12 @@
 #!/bin/bash
-source ./common.sh
-kubectl create secret generic cloud-sa --from-file=$SA_FILE
-kubectl create -f setup-cluster.yaml
-kubectl create -f node.yaml
-kubectl create -f controller.yaml
+
+set -o nounset
+set -o errexit
+
+if ! kubectl get secret cloud-sa;
+then
+    kubectl create secret generic cloud-sa --from-file=$SA_FILE
+fi
+kubectl apply -f setup-cluster.yaml
+kubectl apply -f node.yaml
+kubectl apply -f controller.yaml

deploy/setup-project.sh

@@ -1,6 +1,17 @@
 #!/bin/bash
 
+set -o nounset
+set -o errexit
+
 IAM_NAME="$GCEPD_SA_NAME@$PROJECT.iam.gserviceaccount.com"
+
+# Cleanup old Service Account and Key
+rm -f $SA_FILE
+gcloud iam service-accounts delete $IAM_NAME --quiet
+# TODO: Delete ALL policy bindings
+
+# Create new Service Account and Keys
 gcloud iam service-accounts create $GCEPD_SA_NAME
 gcloud iam service-accounts keys create $SA_FILE --iam-account $IAM_NAME
-gcloud projects add-iam-policy-binding $PROJECT --member serviceAccount:$IAM_NAME --role roles/compute.storageAdmin roles/compute.admin
+# TODO: Reduce scope of role to only what it necessary when cloud IAM fixes bugs.
+gcloud projects add-iam-policy-binding $PROJECT --member serviceAccount:$IAM_NAME --role roles/owner