test: test gcloud service account kube

Author: Laurin-Notemann

.github/workflows/test-workflow.yml

@@ -23,4 +23,15 @@ jobs:
         with:
           create_credentials_file: true
           workload_identity_provider: 'projects/1006240973223/locations/global/workloadIdentityPools/gha-create-gke-cluster/providers/github-actions'
-          service_account: '[email protected]'
+          service_account: '[email protected]'
+      - name: Set up kubectl
+        uses: azure/setup-kubectl@v3
+        with:
+          version: 'v1.28.0' 
+      - name: Configure gcloud CLI
+        run: |
+          gcloud config set project code-idp
+          gcloud container clusters get-credentials code-idp-gke --zone europe-west1
+      - name: Deploy to GKE
+        run: |
+          kubectl get pods -n submissions-2024

kubernetes-terraform-config/main.tf

@@ -193,6 +193,13 @@ resource "kubernetes_role_binding" "github_actions_rolebinding" {
     name      = kubernetes_service_account.github_actions_account.metadata[0].name
     namespace = kubernetes_namespace.submissions_namespace.metadata[0].name
   }
+
+  subject {
+    kind      = "User"
+    name      = "[email protected]"
+    namespace = kubernetes_namespace.submissions_namespace.metadata[0].name
+    api_group = "rbac.authorization.k8s.io"
+  }
 }
 
 resource "kubernetes_secret" "github_actions_token" {