@pwittrock
Last active August 31, 2017 18:09
export PROJECT="pwittroc-k8s-1148"
# Create the service account
gcloud iam service-accounts create gcp-controller-sa
# Add the roles so the service account can create and get keys for other service accounts.
# These are project-level bindings, so they apply to every service account in the project.
gcloud projects add-iam-policy-binding "$PROJECT" --member "serviceAccount:gcp-controller-sa@$PROJECT.iam.gserviceaccount.com" --role roles/iam.serviceAccountKeyAdmin
gcloud projects add-iam-policy-binding "$PROJECT" --member "serviceAccount:gcp-controller-sa@$PROJECT.iam.gserviceaccount.com" --role roles/iam.serviceAccountAdmin
# Get the key for the service account and write it to the file serviceaccount-sa.json
# (this file holds a private key for the service account)
gcloud iam service-accounts keys create serviceaccount-sa.json --iam-account="gcp-controller-sa@$PROJECT.iam.gserviceaccount.com"
# Upload serviceaccount-sa.json as a secret in Kubernetes
kubectl create secret generic gcp-secret-sa --from-file serviceaccount-sa.json
# Start the apiserver
kubectl apply -f config/apiserver.yaml
# Create the sample gcpserviceaccount resource
kubectl create -f sample/gcpserviceaccount.yaml
# Look at the controller logs (assumes a single pod in the current namespace)
kubectl logs "$(kubectl get pods -o name)" -c controller
# Look at the gcpserviceaccount
kubectl get gcpserviceaccounts -o yaml
# Look at the secret
kubectl get secret example-gcp-serviceaccount -o yaml
# Look at the decoded contents of the secret (prints the key material to the terminal)
kubectl get secret example-gcp-serviceaccount -o go-template='{{index .data "serviceaccount.json"}}' | base64 --decode
echo ""