Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Workload Identity: Add workload-identity-api service #50859

Merged
merged 11 commits into from
Jan 17, 2025
Prev Previous commit
Next Next commit
Fix CLI flags
  • Loading branch information
strideynet committed Jan 17, 2025
commit 1db7675d73330ed33248cdf8b0b8d60cbf00ed62
6 changes: 3 additions & 3 deletions lib/tbot/cli/start_workload_identity_api.go
Original file line number Diff line number Diff line change
Expand Up @@ -85,20 +85,20 @@ func (c *WorkloadIdentityAPICommand) ApplyConfig(cfg *config.BotConfig, l *slog.

switch {
case c.NameSelector != "" && c.LabelSelector != "":
return trace.BadParameter("workload-identity-name and workload-identity-labels flags are mutually exclusive")
return trace.BadParameter("name-selector and label-selector flags are mutually exclusive")
case c.NameSelector != "":
svc.Selector.Name = c.NameSelector
case c.LabelSelector != "":
labels, err := client.ParseLabelSpec(c.LabelSelector)
if err != nil {
return trace.Wrap(err, "parsing --workload-identity-labels")
return trace.Wrap(err, "parsing label-selector")
}
svc.Selector.Labels = map[string][]string{}
for k, v := range labels {
svc.Selector.Labels[k] = []string{v}
}
default:
return trace.BadParameter("workload-identity-name or workload-identity-labels must be specified")
return trace.BadParameter("name-selector and label-selector must be specified")
}

cfg.Services = append(cfg.Services, svc)
Expand Down
6 changes: 3 additions & 3 deletions lib/tbot/cli/start_workload_identity_x509.go
Original file line number Diff line number Diff line change
Expand Up @@ -89,20 +89,20 @@ func (c *WorkloadIdentityX509Command) ApplyConfig(cfg *config.BotConfig, l *slog

switch {
case c.NameSelector != "" && c.LabelSelector != "":
return trace.BadParameter("workload-identity-name and workload-identity-labels flags are mutually exclusive")
return trace.BadParameter("name-selector and label-selector flags are mutually exclusive")
case c.NameSelector != "":
svc.Selector.Name = c.NameSelector
case c.LabelSelector != "":
labels, err := client.ParseLabelSpec(c.LabelSelector)
if err != nil {
return trace.Wrap(err, "parsing --workload-identity-labels")
return trace.Wrap(err, "parsing --label-selector")
}
svc.Selector.Labels = map[string][]string{}
for k, v := range labels {
svc.Selector.Labels[k] = []string{v}
}
default:
return trace.BadParameter("workload-identity-name or workload-identity-labels must be specified")
return trace.BadParameter("name-selector or label-selector must be specified")
}

cfg.Services = append(cfg.Services, svc)
Expand Down
Loading