fix: Chain GOOGLE_CREDENTIALS variable on kubectl-wrapper submodule (#95

)

* Addresses #93

* Correcting docs

Co-authored-by: Morgante Pell <[email protected]>

README.md

@@ -58,7 +58,7 @@ Setting it to `never` will *never* gcloud download and setting it to `always` wi
 | service\_account\_key\_file | Path to service account key file to run `gcloud auth activate-service-account` with. Optional. | `string` | `""` | no |
 | skip\_download | Whether to skip downloading gcloud (assumes gcloud is already available outside the module) | `bool` | `true` | no |
 | upgrade | Whether to upgrade gcloud at runtime | `bool` | `true` | no |
-| use\_tf\_google\_credentials\_env\_var | Use GOOGLE\_CREDENTIALS environment variable to run `gcloud auth activate-service-account` with. Optional. | `bool` | `false` | no |
+| use\_tf\_google\_credentials\_env\_var | Use `GOOGLE_CREDENTIALS` environment variable to run `gcloud auth activate-service-account` with. Optional. | `bool` | `false` | no |
 
 ## Outputs
 

modules/kubectl-wrapper/README.md

@@ -41,6 +41,7 @@ module "kubectl" {
 | skip\_download | Whether to skip downloading gcloud (assumes gcloud and kubectl is already available outside the module) | `bool` | `true` | no |
 | upgrade | Whether to upgrade gcloud at runtime | `bool` | `true` | no |
 | use\_existing\_context | Use existing kubecontext to auth kube-api. | `bool` | `false` | no |
+| use\_tf\_google\_credentials\_env\_var | Use `GOOGLE_CREDENTIALS` environment variable to run `gcloud auth activate-service-account` with. Optional. | `bool` | `false` | no |
 
 ## Outputs
 

modules/kubectl-wrapper/main.tf

@@ -19,14 +19,15 @@ locals {
 }
 
 module "gcloud_kubectl" {
-  source                   = "../.."
-  module_depends_on        = var.module_depends_on
-  additional_components    = var.additional_components
-  skip_download            = var.skip_download
-  gcloud_sdk_version       = var.gcloud_sdk_version
-  enabled                  = var.enabled
-  upgrade                  = var.upgrade
-  service_account_key_file = var.service_account_key_file
+  source                            = "../.."
+  module_depends_on                 = var.module_depends_on
+  additional_components             = var.additional_components
+  skip_download                     = var.skip_download
+  gcloud_sdk_version                = var.gcloud_sdk_version
+  enabled                           = var.enabled
+  upgrade                           = var.upgrade
+  service_account_key_file          = var.service_account_key_file
+  use_tf_google_credentials_env_var = var.use_tf_google_credentials_env_var
 
   create_cmd_entrypoint  = "${path.module}/scripts/kubectl_wrapper.sh"
   create_cmd_body        = var.impersonate_service_account == "" ? "${local.base_cmd} ${var.kubectl_create_command}" : "${local.base_cmd} true ${var.impersonate_service_account} ${var.kubectl_create_command}"

modules/kubectl-wrapper/variables.tf

@@ -99,6 +99,11 @@ variable "service_account_key_file" {
   default     = ""
 }
 
+variable "use_tf_google_credentials_env_var" {
+  description = "Use `GOOGLE_CREDENTIALS` environment variable to run `gcloud auth activate-service-account` with. Optional."
+  default     = false
+}
+
 variable "impersonate_service_account" {
   type        = string
   description = "An optional service account to impersonate for gcloud commands. If this service account is not specified, the module will use Application Default Credentials."

variables.tf

@@ -80,7 +80,7 @@ variable "service_account_key_file" {
 }
 
 variable "use_tf_google_credentials_env_var" {
-  description = "Use GOOGLE_CREDENTIALS environment variable to run `gcloud auth activate-service-account` with. Optional."
+  description = "Use `GOOGLE_CREDENTIALS` environment variable to run `gcloud auth activate-service-account` with. Optional."
   default     = false
 }