From 64b6c072c7e78f354df2a7a88e099aa2ab388c8a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Liqin=20Zhang=F0=9F=98=88?= <zlq@google.com>
Date: Mon, 11 Mar 2024 20:40:50 +0000
Subject: [PATCH] Rervert the jupyter hub sa change to fix the cluster creation
 fail

Tested-by: zlq
---
 modules/jupyter/main.tf | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/modules/jupyter/main.tf b/modules/jupyter/main.tf
index 26e06d7ed..6508466b6 100644
--- a/modules/jupyter/main.tf
+++ b/modules/jupyter/main.tf
@@ -65,9 +65,17 @@ resource "kubernetes_annotations" "hub" {
   ]
 }
 
+data "google_service_account" "sa" {
+  account_id = var.workload_identity_service_account
+  depends_on = [
+    helm_release.jupyterhub,
+    module.jupyterhub-workload-identity
+  ]
+}
+
 resource "google_service_account_iam_binding" "hub-workload-identity-user" {
   count              = var.add_auth ? 1 : 0
-  service_account_id = module.jupyterhub-workload-identity.gcp_service_account
+  service_account_id = data.google_service_account.sa.name
   role               = "roles/iam.workloadIdentityUser"
 
   members = [
@@ -75,7 +83,8 @@ resource "google_service_account_iam_binding" "hub-workload-identity-user" {
     "serviceAccount:${var.project_id}.svc.id.goog[${var.namespace}/${var.workload_identity_service_account}]",
   ]
   depends_on = [
-    helm_release.jupyterhub
+    helm_release.jupyterhub,
+    module.jupyterhub-workload-identity
   ]
 }