mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity

Merge pull request #954 from goto-opensource/fix/vault-error-message-store-validation-k8s-sa

Browse source 
fix: error message for Vault store validation of `Auth.Jwt.KubernetesServiceAccountToken`
This commit is contained in:
paul-the-alien[bot] 2022-04-06 13:06:08 +00:00 committed by GitHub
commit d2d9cd7c41
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
pkg/provider/vault/vault.go
View file

@ -96,6 +96,7 @@ const (
errInvalidClientCert = "invalid Auth.Cert.ClientCert: %w"
errInvalidCertSec = "invalid Auth.Cert.SecretRef: %w"
errInvalidJwtSec = "invalid Auth.Jwt.SecretRef: %w"
errInvalidJwtK8sSA = "invalid Auth.Jwt.KubernetesServiceAccountToken.ServiceAccountRef: %w"
errInvalidKubeSA = "invalid Auth.Kubernetes.ServiceAccountRef: %w"
errInvalidKubeSec = "invalid Auth.Kubernetes.SecretRef: %w"
errInvalidLdapSec = "invalid Auth.Ldap.SecretRef: %w"
@ -231,7 +232,7 @@ func (c *connector) ValidateStore(store esv1beta1.GenericStore) error {
}
} else if p.Auth.Jwt.KubernetesServiceAccountToken != nil {
if err := utils.ValidateServiceAccountSelector(store, p.Auth.Jwt.KubernetesServiceAccountToken.ServiceAccountRef); err != nil {
return fmt.Errorf(errInvalidJwtSec, err)
return fmt.Errorf(errInvalidJwtK8sSA, err)
}
} else {
return fmt.Errorf(errJwtNoTokenSource)