Fix tests to use dedicated bootstrapped service accounts instead of one shared account

[roaks3]

Fixes hashicorp/terraform-provider-google#16247

Previously, one shared service account was bootstrapped and reused for at least 2 of these tests. During the bootstrap, which is called on every VCR run, the policy on the service account was designed to be overwritten (to control for drift). However, overwriting the policy is a read-modify-write operation that cannot be done concurrently. This creates a race condition when the bootstrap functions are run at the same time, which seems to be more common in the VCR case.

The solution chosen here is to create a separate service account per-test. Service accounts are cheap, there are only 5 such uses for them so far, and this allows us to enforce the policy on every run the way we do now. Since the accounts are isolated per-test, they can still be bootstrapped ahead of time, while not running into concurrency issues.

Release Note Template for Downstream PRs (will be copied)

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 4 files changed, 15 insertions(+), 8 deletions(-))
google-beta provider: Diff ( 4 files changed, 15 insertions(+), 8 deletions(-))

[modular-magician]

Tests analytics

Total tests: 2811
Passed tests: 2452
Skipped tests: 356
Affected tests: 3

Click here to see the affected service packages

all service packages are affected

Action taken

Found 3 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

TestAccDataSourceGoogleServiceAccountAccessToken_basic|TestAccDataSourceGoogleServiceAccountIdToken_impersonation|TestAccSqlUser_postgresIAM

Get to know how VCR tests work

[modular-magician]

$\textcolor{red}{\textsf{Tests failed during RECORDING mode:}}$
TestAccDataSourceGoogleServiceAccountAccessToken_basic[Error message] [Debug log]
TestAccDataSourceGoogleServiceAccountIdToken_impersonation[Error message] [Debug log]
TestAccSqlUser_postgresIAM[Error message] [Debug log]

$\textcolor{red}{\textsf{Please fix these to complete your PR.}}$
View the build log or the debug log for each test

[roaks3]

/gcbrun

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 4 files changed, 15 insertions(+), 8 deletions(-))
google-beta provider: Diff ( 4 files changed, 15 insertions(+), 8 deletions(-))

[modular-magician]

Tests analytics

Total tests: 3570
Passed tests: 3197
Skipped tests: 369
Affected tests: 4

Click here to see the affected service packages

all service packages are affected

Action taken

Found 4 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

TestAccDataSourceGoogleServiceAccountAccessToken_basic|TestAccDataSourceGoogleServiceAccountIdToken_impersonation|TestAccHealthcareDatasetIamPolicy|TestAccSqlUser_postgresIAM

Get to know how VCR tests work

[modular-magician]

$\textcolor{green}{\textsf{Tests passed during RECORDING mode:}}$
TestAccHealthcareDatasetIamPolicy[Debug log]

$\textcolor{green}{\textsf{No issues found for passed tests after REPLAYING rerun.}}$

---

$\textcolor{red}{\textsf{Tests failed during RECORDING mode:}}$
TestAccDataSourceGoogleServiceAccountAccessToken_basic[Error message] [Debug log]
TestAccDataSourceGoogleServiceAccountIdToken_impersonation[Error message] [Debug log]
TestAccSqlUser_postgresIAM[Error message] [Debug log]

$\textcolor{red}{\textsf{Please fix these to complete your PR.}}$
View the build log or the debug log for each test

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 4 files changed, 15 insertions(+), 8 deletions(-))
google-beta provider: Diff ( 4 files changed, 15 insertions(+), 8 deletions(-))

[modular-magician]

Tests analytics

Total tests: 3570
Passed tests: 3199
Skipped tests: 369
Affected tests: 2

Click here to see the affected service packages

all service packages are affected

Action taken

Found 2 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

TestAccDataSourceGoogleServiceAccountAccessToken_basic|TestAccSqlUser_postgresIAM

Get to know how VCR tests work

[modular-magician]

$\textcolor{green}{\textsf{Tests passed during RECORDING mode:}}$
TestAccDataSourceGoogleServiceAccountAccessToken_basic[Debug log]

$\textcolor{green}{\textsf{No issues found for passed tests after REPLAYING rerun.}}$

---

$\textcolor{red}{\textsf{Tests failed during RECORDING mode:}}$
TestAccSqlUser_postgresIAM[Error message] [Debug log]

$\textcolor{red}{\textsf{Please fix these to complete your PR.}}$
View the build log or the debug log for each test