Accepts service account definition the created VM

ansible-community · May 23, 2022 · 0a45b0c · 0a45b0c
1 parent 9d8866c
commit 0a45b0c
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/src/molecule_gce/playbooks/tasks/create_linux_instance.yml b/src/molecule_gce/playbooks/tasks/create_linux_instance.yml
@@ -30,6 +30,24 @@
         access_configs: "{{ [{'name': 'instance_ip', 'type': 'ONE_TO_ONE_NAT'}] if molecule_yml.driver.external_access else [] }}"
     tags: "{{ item.tags | default(omit) }}"
     zone: "{{ item.zone | default(molecule_yml.driver.region + '-b') }}"
+    service_accounts: >-
+      [
+        {% for account in molecule_yml.driver.service_accounts | d([]) %}
+          {
+            {% if account.email == 'same-as-driver' and molecule_yml.driver.service_account_email is defined %}
+              'email': '{{ molecule_yml.driver.service_account_email }}',
+            {% elif account.email == 'same-as-driver' and molecule_yml.driver.service_account_file is defined %}
+              'email': '{{ (lookup('file', molecule_yml.driver.service_account_file) | from_json)['client_email'] }}',
+            {% else %}
+              'email': '{{ account.email }}',
+            {% endif %}
+
+            {% if account.scopes is defined %}
+              'scopes': {{ account.scopes }},
+            {% endif %}
+          },
+        {% endfor %}
+      ]
     project: "{{ gcp_project_id }}"
     scopes: "{{ molecule_yml.driver.scopes | default(['https://www.googleapis.com/auth/compute'], True) }}"
     service_account_email: "{{ molecule_yml.driver.service_account_email | default (omit, true) }}"