Add cli arg --with-service-account

Signed-off-by: Stefan Bickel <stefan.bickel@cornelsen.de>
2026-02-06 10:55:56 +00:00 · 2025-06-11 16:25:19 +02:00
parent 7626cd0c86
commit 9f29702f54
1 changed files with 12 additions and 2 deletions
--- a/cmd/flux/create_tenant.go
+++ b/cmd/flux/create_tenant.go
@@ -59,6 +59,7 @@ const (
 type tenantFlags struct {
 	namespaces  []string
 	clusterRole string
+	account     string
 }

 var tenantArgs tenantFlags
@@ -66,6 +67,7 @@ var tenantArgs tenantFlags
 func init() {
 	createTenantCmd.Flags().StringSliceVar(&tenantArgs.namespaces, "with-namespace", nil, "namespace belonging to this tenant")
 	createTenantCmd.Flags().StringVar(&tenantArgs.clusterRole, "cluster-role", "cluster-admin", "cluster role of the tenant role binding")
+	createTenantCmd.Flags().StringVar(&tenantArgs.account, "with-service-account", "", "service account belonging to this tenant")
 	createCmd.AddCommand(createTenantCmd)
 }

@@ -107,9 +109,17 @@ func createTenantCmdRun(cmd *cobra.Command, args []string) error {
 		}
 		namespaces = append(namespaces, namespace)

+		accountName := tenant
+		if tenantArgs.account != "" {
+			accountName = tenantArgs.account
+		}
+		if err := validation.IsQualifiedName(accountName); len(err) > 0 {
+			return fmt.Errorf("invalid service-account name '%s': %v", accountName, err)
+		}
+
 		account := corev1.ServiceAccount{
 			ObjectMeta: metav1.ObjectMeta{
-				Name:      tenant,
+				Name:      accountName,
 				Namespace: ns,
 				Labels:    objLabels,
 			},
@@ -131,7 +141,7 @@ func createTenantCmdRun(cmd *cobra.Command, args []string) error {
 				},
 				{
 					Kind:      "ServiceAccount",
-					Name:      tenant,
+					Name:      accountName,
 					Namespace: ns,
 				},
 			},