Managing multiple service accounts proved to be a problem while doing automated testing. Instead, we can remove the GCP_DNS_NAME and GCP_DNS_SERVICE_ACCOUNT variables and rely on the GCP_SERVICE_ACCOUNT, which is conditionally assigned the DNS Admin role.
This allows for fewer service accounts to manage as well as isolated DNS service accounter per-cluster.
Managing multiple service accounts proved to be a problem while doing automated testing. Instead, we can remove the
GCP_DNS_NAMEandGCP_DNS_SERVICE_ACCOUNTvariables and rely on theGCP_SERVICE_ACCOUNT, which is conditionally assigned the DNS Admin role.This allows for fewer service accounts to manage as well as isolated DNS service accounter per-cluster.