Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix bug where AWS IAM roles could be created for a particular workload even when disabled for that particular workload #549

Merged
merged 1 commit into from
Jan 22, 2025
Merged

Fix bug where AWS IAM roles could be created for a particular workload even when disabled for that particular workload #549

merged 1 commit into from
Jan 22, 2025

Conversation

amitlicht
Copy link
Contributor

@amitlicht amitlicht commented Jan 21, 2025
edited
Loading

Description

This PR fixes an issue with the AWS IAM integration, where pods labeled with credentials-operator.otterize.com/create-aws-role were assigned an Otterize-generated IAM role, ignoring the label value. Meaning that if a pod was labeled with credentials-operator.otterize.com/create-aws-role=false, the integration would still create and assign an IAM role for it, possibly overriding any other user-managed role assigned to it.

References

otterize/credentials-operator#178
#549

Testing

Describe how this can be tested by reviewers. Be specific about anything not tested and reasons why. If this library has unit and/or integration testing, tests should be added for new functionality and existing tests should complete without errors.

Please include any manual steps for testing end-to-end or functionality not covered by unit/integration tests.

Also include details of the environment this PR was developed in (language/platform/browser version).

  • This change adds test coverage for new/changed/fixed functionality

Checklist

  • I have added documentation for new/changed functionality in this PR and in github.com/otterize/docs

@amitlicht
Fix bug where the AWS IAM integration would create an IAM role for po…
b920969 
…ds labeled with 'credentials-operator.otterize.com/create-aws-role=false'
@amitlicht amitlicht mentioned this pull request Jan 21, 2025
Merged
2 tasks
@amitlicht amitlicht changed the title Fix AWS IAM integration creating an IAM role for pods labeled with 'credentials-operator.otterize.com/create-aws-role=false' Fix bug where AWS IAM roles could be created when they should not have been Jan 21, 2025
@amitlicht amitlicht requested a review from omris94 January 21, 2025 18:46
@orishoshan orishoshan changed the title Fix bug where AWS IAM roles could be created when they should not have been Fix bug where AWS IAM roles could be created for a particular workload even when disabled for that particular workload Jan 21, 2025
@amitlicht amitlicht merged commit 56ba685 into main Jan 22, 2025
20 checks passed
@amitlicht amitlicht deleted the amitlicht/check_apply_on_pod_label_value branch January 22, 2025 08:22
@github-actions github-actions bot locked and limited conversation to collaborators Jan 22, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@omris94 omris94 omris94 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@amitlicht @omris94