From 8dc07c0435305b7036cdf80ed21960a88ba8d60d Mon Sep 17 00:00:00 2001
From: Tibi <110664232+TiberiuGC@users.noreply.github.com>
Date: Wed, 29 May 2024 18:48:12 +0300
Subject: [PATCH] don't allow --create-service-account flag when --config-file
 is set

---
 pkg/ctl/cmdutils/pod_identity_association.go    | 1 +
 pkg/ctl/create/pod_identity_association_test.go | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/pkg/ctl/cmdutils/pod_identity_association.go b/pkg/ctl/cmdutils/pod_identity_association.go
index ef4a9d0d41..4df52700cb 100644
--- a/pkg/ctl/cmdutils/pod_identity_association.go
+++ b/pkg/ctl/cmdutils/pod_identity_association.go
@@ -19,6 +19,7 @@ var (
 		"permission-boundary-arn",
 		"permission-policy-arn",
 		"well-known-policies",
+		"create-service-account",
 	}
 )
 
diff --git a/pkg/ctl/create/pod_identity_association_test.go b/pkg/ctl/create/pod_identity_association_test.go
index 9c0e4d0d5f..49a488a569 100644
--- a/pkg/ctl/create/pod_identity_association_test.go
+++ b/pkg/ctl/create/pod_identity_association_test.go
@@ -49,6 +49,10 @@ var _ = Describe("create pod identity association", func() {
 			args:        []string{"--service-account-name", "test-sa-name", "--config-file", configFile},
 			expectedErr: "cannot use --service-account-name when --config-file/-f is set",
 		}),
+		Entry("setting --create-service-account and --config-file at the same time", createPodIdentityAssociationEntry{
+			args:        []string{"--create-service-account", "--config-file", configFile},
+			expectedErr: "cannot use --create-service-account when --config-file/-f is set",
+		}),
 		Entry("missing all --role-arn, --permission-policy-arns and --well-known-policies", createPodIdentityAssociationEntry{
 			args:        defaultArgs,
 			expectedErr: "at least one of the following flags must be specified: --role-arn, --permission-policy-arns, --well-known-policies",