From d107f164042474d586b67d4e583d0308fa02e079 Mon Sep 17 00:00:00 2001 From: David Collom Date: Wed, 16 Mar 2022 13:02:29 +0000 Subject: [PATCH 1/2] Implement WorkloadIdentity/InjectedIdentity Support Signed-off-by: David Collom Signed-off-by: David Collom --- Makefile | 2 +- internal/clients/gcp.go | 23 +++++++++++++++-------- 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/Makefile b/Makefile index 11d6b66e..0b681eaa 100644 --- a/Makefile +++ b/Makefile @@ -125,4 +125,4 @@ crossplane.help: help-special: crossplane.help -.PHONY: crossplane.help help-special \ No newline at end of file +.PHONY: crossplane.help help-special diff --git a/internal/clients/gcp.go b/internal/clients/gcp.go index 19199c69..6de78683 100644 --- a/internal/clients/gcp.go +++ b/internal/clients/gcp.go @@ -4,6 +4,7 @@ import ( "context" "fmt" + xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1" "github.com/crossplane/crossplane-runtime/pkg/resource" "github.com/crossplane/terrajet/pkg/terraform" "github.com/pkg/errors" 
@@ -55,18 +56,24 @@ func TerraformSetupBuilder(version, providerSource, providerVersion string) terr return ps, errors.Wrap(err, errTrackUsage) } - data, err := resource.CommonCredentialExtractor(ctx, pc.Spec.Credentials.Source, client, pc.Spec.Credentials.CommonCredentialSelectors) - if err != nil { - return ps, errors.Wrap(err, errExtractCredentials) - } - // set provider configuration ps.Configuration = map[string]interface{}{ keyProject: pc.Spec.ProjectID, } - // set environment variables for sensitive provider configuration - ps.Env = []string{ - fmt.Sprintf(fmtEnvVar, envCredentials, string(data)), + + switch s := pc.Spec.Credentials.Source; s { //nolint:exhaustive + case xpv1.CredentialsSourceInjectedIdentity: + // We don't need to do anything here, as the TF Provider will take care of workloadIdentity etc. + default: + data, err := resource.CommonCredentialExtractor(ctx, pc.Spec.Credentials.Source, client, pc.Spec.Credentials.CommonCredentialSelectors) + if err != nil { + return ps, errors.Wrap(err, errExtractCredentials) + } + + // set environment variables for sensitive provider configuration + ps.Env = []string{ + fmt.Sprintf(fmtEnvVar, envCredentials, string(data)), + } } return ps, nil } From bdff9d0cd7f56eb6f70bc5e9bf8f94d7143a77d2 Mon Sep 17 00:00:00 2001 From: David Collom Date: Fri, 18 Mar 2022 19:32:50 +0000 Subject: [PATCH 2/2] Update internal/clients/gcp.go Co-authored-by: Alper Rifat Ulucinar Signed-off-by: David Collom --- Makefile | 2 +- internal/clients/gcp.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 0b681eaa..11d6b66e 100644 --- a/Makefile +++ b/Makefile @@ -125,4 +125,4 @@ crossplane.help: help-special: crossplane.help -.PHONY: crossplane.help help-special +.PHONY: crossplane.help help-special \ No newline at end of file diff --git a/internal/clients/gcp.go b/internal/clients/gcp.go index 6de78683..33413c72 100644 --- a/internal/clients/gcp.go +++ b/internal/clients/gcp.go 
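Review bot: The `case xpv1.CredentialsSourceInjectedIdentity:` branch leaves `ps.Env` unset, so the Terraform process authenticates with whatever ambient identity the provider pod carries, and any credential selectors set on the ProviderConfig are ignored without an error. The comment should state that contract instead of "don't need to do anything", for example `// No credentials are exported; the Terraform provider resolves the pod's ambient identity (e.g. Workload Identity).` Presumably every ProviderConfig that selects this source then shares that one identity, which is worth documenting for operators who scope permissions per ProviderConfig. In the `default:` branch, `envCredentials` is still exported if the extractor returns empty data with a nil error (worth confirming which sources can do that). If an empty credential is never valid here, `if len(data) == 0 { return ps, errors.New(errExtractCredentials) }` would fail closed. The enclosing function starts and ends outside this hunk.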
@@ -61,7 +61,7 @@ func TerraformSetupBuilder(version, providerSource, providerVersion string) terr keyProject: pc.Spec.ProjectID, } - switch s := pc.Spec.Credentials.Source; s { //nolint:exhaustive + switch pc.Spec.Credentials.Source { //nolint:exhaustive case xpv1.CredentialsSourceInjectedIdentity: // We don't need to do anything here, as the TF Provider will take care of workloadIdentity etc. default:
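Review bot: The `//nolint:exhaustive` on the `switch pc.Spec.Credentials.Source {` line gives no reason, so a reader cannot tell that unlisted credential sources are deliberately routed to `default:` and not simply forgotten. A trailing explanation would make that intent reviewable, e.g. `//nolint:exhaustive // all other sources are delegated to CommonCredentialExtractor in default`. The switch body continues past the end of this hunk.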