Add example of a Workload Identity Pool configuration for GitHub Actions

[b-r-o-c-k]

A security check was recently enabled in GCP which prevents insecure workload identity pools from being created for certain providers. This check requires an attribute_condition to specified when creating an OIDC provider for GitHub Actions. GCP documentation already explains how to configure a provider for GitHub Actions, but it would also be helpful to provide an example for Terraform users.

Release Note Template for Downstream PRs (will be copied)

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

[github-actions]

Hello! I am a robot. Tests will require approval from a repository maintainer to run.

@zli82016, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR hasn't generated any diffs, but I'll let you know if a future commit does.

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR hasn't generated any diffs, but I'll let you know if a future commit does.

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR hasn't generated any diffs, but I'll let you know if a future commit does.

[zli82016]

The new example needs to be added to https://github.com/GoogleCloudPlatform/magic-modules/blob/main/mmv1/products/iambeta/WorkloadIdentityPoolProvider.yaml#L51. Otherwise it cannot be added to Terraform.

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

Open in Cloud Shell: Diff ( 4 files changed, 127 insertions(+))

[modular-magician]

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 2 files changed, 92 insertions(+))
google-beta provider: Diff ( 2 files changed, 92 insertions(+))
Open in Cloud Shell: Diff ( 4 files changed, 127 insertions(+))

[modular-magician]

Tests analytics

Total tests: 19
Passed tests: 18
Skipped tests: 0
Affected tests: 1

Click here to see the affected service packages

• iambeta

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests

• TestAccIAMBetaWorkloadIdentityPoolProvider_iamWorkloadIdentityPoolProviderGithubActionsExample

Get to know how VCR tests work

[modular-magician]

🟢 Tests passed during RECORDING mode:
TestAccIAMBetaWorkloadIdentityPoolProvider_iamWorkloadIdentityPoolProviderGithubActionsExample[Debug log]

🟢 No issues found for passed tests after REPLAYING rerun.

---

🟢 All tests passed!

View the build log or the debug log for each test

[zli82016]

LGTM