Skip to content

Commit

Permalink
Use a list instead of a map for the value of the "assume_role_with_we…
Browse files Browse the repository at this point in the history
…b_identity" config key

Signed-off-by: Alper Rifat Ulucinar <[email protected]>
(cherry picked from commit 396bcc2)
  • Loading branch information
ulucinar authored and github-actions[bot] committed Jan 3, 2024
1 parent 8f8e547 commit 36d7f76
Showing 1 changed file with 10 additions and 4 deletions.
14 changes: 10 additions & 4 deletions internal/clients/aws.go
Original file line number Diff line number Diff line change
Expand Up @@ -130,23 +130,29 @@ func pushDownTerraformSetupBuilder(ctx context.Context, c client.Client, pc *v1b
if pc.Spec.Credentials.WebIdentity == nil {
return errors.New(`spec.credentials.webIdentity of ProviderConfig cannot be nil when the credential source is "WebIdentity"`)
}
ps.Configuration[keyAssumeRoleWithWebIdentity] = map[string]any{
webIdentityConfig := map[string]any{
keyRoleArn: aws.ToString(pc.Spec.Credentials.WebIdentity.RoleARN),
keyWebIdentityTokenFile: os.Getenv(envWebIdentityTokenFile),
}
if pc.Spec.Credentials.WebIdentity.RoleSessionName != "" {
ps.Configuration[keySessionName] = pc.Spec.Credentials.WebIdentity.RoleSessionName
webIdentityConfig[keySessionName] = pc.Spec.Credentials.WebIdentity.RoleSessionName
}
ps.Configuration[keyAssumeRoleWithWebIdentity] = []any{
webIdentityConfig,
}
case authKeyUpbound:
if pc.Spec.Credentials.Upbound == nil || pc.Spec.Credentials.Upbound.WebIdentity == nil {
return errors.New(`spec.credentials.upbound.webIdentity of ProviderConfig cannot be nil when the credential source is "Upbound"`)
}
ps.Configuration[keyAssumeRoleWithWebIdentity] = map[string]any{
webIdentityConfig := map[string]any{
keyRoleArn: aws.ToString(pc.Spec.Credentials.Upbound.WebIdentity.RoleARN),
keyWebIdentityTokenFile: upboundProviderIdentityTokenFile,
}
if pc.Spec.Credentials.Upbound.WebIdentity.RoleSessionName != "" {
ps.Configuration[keySessionName] = pc.Spec.Credentials.Upbound.WebIdentity.RoleSessionName
webIdentityConfig[keySessionName] = pc.Spec.Credentials.Upbound.WebIdentity.RoleSessionName
}
ps.Configuration[keyAssumeRoleWithWebIdentity] = []any{
webIdentityConfig,
}
case authKeySecret:
data, err := resource.CommonCredentialExtractor(ctx, s, c, pc.Spec.Credentials.CommonCredentialSelectors)
Expand Down

0 comments on commit 36d7f76

Please sign in to comment.