Open diguida opened 3 months ago
Hi @diguida, thanks for opening this issue. Could you try to apply this separately please?
Hi @sheneska, thanks for looking into this. It is not clear to me what you are asking me with "try to apply this separately". Should I run the apply command in a Compute Engine instance or on my laptop instead of the runner?
Thanks.
@diguida Just ran across the exact same issue. I was able to get it to work by adding 0.0.0.0/0 to master authorized networks as a test; wouldn't recommend doing this. You can check the k8s API server log and see what IP is being used in the request. I'm trying to get the CIDR block from Hashi since we are using Terraform Cloud.
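As an added example (not code from the issue or from any participant), this is how the test setting mentioned in the comment above can be replaced by a narrow allow-list: the runner's egress range, as read from the API server log, is passed in as a variable, and a validation rule rejects any /0 entry. The variable name, cluster name, location and all CIDR values are constructed placeholders, and it assumes the runner leaves its project through a fixed address such as a NAT IP.

```hcl
# Added example; every name and CIDR below is a constructed placeholder.
variable "runner_egress_cidrs" {
  description = "Egress ranges of the CI runner, as seen in the API server log."
  type = list(object({
    cidr_block   = string
    display_name = string
  }))
  default = [
    { cidr_block = "203.0.113.10/32", display_name = "gitlab-runner-nat" },
  ]

  validation {
    # Reject malformed CIDRs and any /0 range such as 0.0.0.0/0.
    condition = alltrue([
      for n in var.runner_egress_cidrs :
      can(cidrhost(n.cidr_block, 0)) && can(regex("/([1-9][0-9]*)$", n.cidr_block))
    ])
    error_message = "Each cidr_block must be a valid CIDR and must not be a /0 range."
  }
}

resource "google_container_cluster" "private" {
  name               = "example-private-cluster"
  location           = "europe-west1"
  initial_node_count = 1

  ip_allocation_policy {} # VPC-native networking, needed for private nodes

  private_cluster_config {
    enable_private_nodes    = true
    enable_private_endpoint = false # public endpoint stays, gated by the list below
    master_ipv4_cidr_block  = "172.16.0.0/28"
  }

  master_authorized_networks_config {
    # One cidr_blocks entry per runner range; nothing else can reach the API server.
    dynamic "cidr_blocks" {
      for_each = var.runner_egress_cidrs
      content {
        cidr_block   = cidr_blocks.value.cidr_block
        display_name = cidr_blocks.value.display_name
      }
    }
  }
}
```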
Terraform version, Kubernetes provider version and Kubernetes version
Terraform configuration
Question
Apologies if it is a double posting. I am trying to configure a workload identity federation on a private GKE cluster using the code snippet above, which follows the documentation and the guidelines in https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/using_gke_with_terraform
The resources are deployed by a pipeline in a GitLab k8s runner hosted in GCP, but on a different project.
The GKE cluster was created smoothly. Unfortunately, if I add the workload identity definition, the apply fails with this error:
The cluster endpoint looks correct.
In the k8s API server logs, I cannot see any request coming from the terraform process.
Can you please help me understand the issue, or redirect me to some other info channel? I have been stuck on it for a few days.
Thanks in advance.