Skip to content

Commit

Permalink
[Pod Identity Associations] Don't allow --create-service-account fl…
Browse files Browse the repository at this point in the history
…ag when `--config-file` is set (#7789)

don't allow --create-service-account flag when --config-file is set
  • Loading branch information
TiberiuGC authored May 29, 2024
1 parent 586f9d1 commit 5271ed1
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 0 deletions.
1 change: 1 addition & 0 deletions pkg/ctl/cmdutils/pod_identity_association.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ var (
"permission-boundary-arn",
"permission-policy-arn",
"well-known-policies",
"create-service-account",
}
)

Expand Down
4 changes: 4 additions & 0 deletions pkg/ctl/create/pod_identity_association_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,10 @@ var _ = Describe("create pod identity association", func() {
args: []string{"--service-account-name", "test-sa-name", "--config-file", configFile},
expectedErr: "cannot use --service-account-name when --config-file/-f is set",
}),
Entry("setting --create-service-account and --config-file at the same time", createPodIdentityAssociationEntry{
args: []string{"--create-service-account", "--config-file", configFile},
expectedErr: "cannot use --create-service-account when --config-file/-f is set",
}),
Entry("missing all --role-arn, --permission-policy-arns and --well-known-policies", createPodIdentityAssociationEntry{
args: defaultArgs,
expectedErr: "at least one of the following flags must be specified: --role-arn, --permission-policy-arns, --well-known-policies",
Expand Down

0 comments on commit 5271ed1

Please sign in to comment.