Problems in deploying the Cluster in GKE

[leandromoreirati]

Hello everyone!

I'm following the guidelines that are in the README of the project to deploy the jenkins-x in a GKE cluster, but when executing the apply of terraform I'm facing the error below, when he will perform the creation of the policies

module.jx.module.vault[0].google_project_iam_member.vault_sa_cloudkms_admin_binding[0]: Creation complete after 22s [id=jenkins-x-299000/roles/cloudkms.admin/serviceaccount:tf-jx-singular-katydid-vt@jenkins-x-299000.iam.gserviceaccount.com]

Error: Error applying IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-bc@jenkins-x-299000.iam.gserviceaccount.com': Error setting IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-bc@jenkins-x-299000.iam.gserviceaccount.com': googleapi: Error 400: Identity Pool does not exist (jenkins-x-299000.svc.id.goog). Please check that you specified a valid resource name as returned in the `name` attribute in the configuration API., badRequest

Error: googleapi: Error 400: Invalid field 'cluster.resource_labels.key': " provider ". It must only contain lowercase letters ([a-z]), numeric characters ([0-9]), underscores (_) and dashes (-), and must start with a letter. International characters are allowed., badRequest

Error: Error applying IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-jxui@jenkins-x-299000.iam.gserviceaccount.com': Error setting IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-jxui@jenkins-x-299000.iam.gserviceaccount.com': googleapi: Error 400: Identity Pool does not exist (jenkins-x-299000.svc.id.goog). Please check that you specified a valid resource name as returned in the `name` attribute in the configuration API., badRequest

Error: Error applying IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-vt@jenkins-x-299000.iam.gserviceaccount.com': Error setting IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-vt@jenkins-x-299000.iam.gserviceaccount.com': googleapi: Error 400: Identity Pool does not exist (jenkins-x-299000.svc.id.goog). Please check that you specified a valid resource name as returned in the `name` attribute in the configuration API., badRequest

Error: Error applying IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-ko@jenkins-x-299000.iam.gserviceaccount.com': Error setting IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-ko@jenkins-x-299000.iam.gserviceaccount.com': googleapi: Error 400: Identity Pool does not exist (jenkins-x-299000.svc.id.goog). Please check that you specified a valid resource name as returned in the `name` attribute in the configuration API., badRequest

Error: Error applying IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-boot@jenkins-x-299000.iam.gserviceaccount.com': Error setting IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-boot@jenkins-x-299000.iam.gserviceaccount.com': googleapi: Error 400: Identity Pool does not exist (jenkins-x-299000.svc.id.goog). Please check that you specified a valid resource name as returned in the `name` attribute in the configuration API., badRequest

Error: Error applying IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-tekton@jenkins-x-299000.iam.gserviceaccount.com': Error setting IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-tekton@jenkins-x-299000.iam.gserviceaccount.com': googleapi: Error 400: Identity Pool does not exist (jenkins-x-299000.svc.id.goog). Please check that you specified a valid resource name as returned in the `name` attribute in the configuration API., badRequest

Error: Error applying IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-vt@jenkins-x-299000.iam.gserviceaccount.com': Error setting IAM policy for service account 'projects/jenkins-x-299000/serviceAccounts/tf-jx-singular-katydid-vt@jenkins-x-299000.iam.gserviceaccount.com': googleapi: Error 400: Identity Pool does not exist (jenkins-x-299000.svc.id.goog). Please check that you specified a valid resource name as returned in the `name` attribute in the configuration API., badRequest

What is making me more intrigued is that he is creating the policies:

I'm using
terraform 0.13.0
And version 3 of the jenkins-x installer
Project ID:jenkins-x-299000

I have already revisited the settings several times and I am not able to identify where I am going wrong, can they help me?

[markrity]

This issue is old , but I have solved it by switching to terraform version 0.14.9, had exactly the same issue.

But you should perform a destroy , with first version you tried, I also deleted .terraform and tf state files before applying after a tf version switch.

[luctrate]

For me it worked, just to run terraform plan and terraform apply a second time, as i am using terraform cloud and could not switch to another version.