add workload identity support

[aliotta]

Description

Adds support for workload identity via a option desired workload identity param.

#23877

🎟 Issue(s)

🧪 Functional Testing

📸 Screenshots

On create no errors:

On update of a non-workload identity param no errors:

On update of a workload identity param no errors:

UI on create:

UI on update:

Generated .tf from import script:

Updating the workload identity:

Results of update in ui:

📋 Checklist

• Added/updated applicable tests
• Added/updated examples in the examples/ directory
• Updated any related documentation

[ichung08]

change looks good overall, can you also test importing a deployment without workload identity and updating that?

[aliotta]

change looks good overall, can you also test importing a deployment without workload identity and updating that?

good call I did need to make changes to the import script. One thing to note though is that deployments will always have a workload identity as if one is not sent the backend makes one for you.

[yfried]

thank you for this much needed feature.
Small question: why desired_workload_identity instead of simply workload_identity?

[aliotta]

thank you for this much needed feature. Small question: why desired_workload_identity instead of simply workload_identity?

From the ticket I worked off of:

We need to support deployment workload identity in terraform however due to how we have workload identities in astro
terraform doesnt like the uncertain nature of the values
for eg. if we have workload_identity as optional and we set it as null, we create a deployment then the workload_identity is auto generated but in terraform we have it as null so terraform errors out

[chobberoni]

closes #189