gke-terraform-initial-setup.sh

#!/bin/bash

export TF_VAR_billing_account=$(gcloud beta billing accounts list \
  --filter='displayName:"My Billing Account"' \
  --format='value(ACCOUNT_ID)')

export TF_ADMIN=${USER}-terraform-admin
export TF_CREDS=~/.gcp/${USER}-terraform-admin.json

gcloud projects create ${TF_ADMIN} \
 --name="Spinnaker demo" \
 --set-as-default

gcloud beta billing projects link ${TF_ADMIN} \
  --billing-account ${TF_VAR_billing_account}

SA_DISPLAY_NAME="Terraform admin account"

gcloud iam service-accounts create --display-name="${SA_DISPLAY_NAME}" \
  terraform

TERRAFORM_SA_EMAIL=$(gcloud iam service-accounts list \
    --filter="displayName:${SA_DISPLAY_NAME}" \
    --format='value(email)')

gcloud iam service-accounts keys create ${TF_CREDS} \
  --iam-account ${TERRAFORM_SA_EMAIL}


# TODO: change primitive role
gcloud projects add-iam-policy-binding ${TF_ADMIN} \
  --member serviceAccount:${TERRAFORM_SA_EMAIL} \
  --role "roles/owner"

gcloud services enable container.googleapis.com