fix: set empty policy arn if create tekton role is set to false (#266)

Signed-off-by: ankitm123 <[email protected]>
jenkins-x · May 27, 2021 · 5a514ff · 5a514ff
1 parent 0bea394
commit 5a514ff
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/main.tf b/main.tf
@@ -147,6 +147,6 @@ module "nginx" {
   nginx_namespace        = var.nginx_namespace
   nginx_chart_version    = var.nginx_chart_version
   create_nginx_namespace = var.create_nginx_namespace
-  nginx_values_file            = var.nginx_values_file
+  nginx_values_file      = var.nginx_values_file
 
 }
diff --git a/modules/cluster/irsa.tf b/modules/cluster/irsa.tf
@@ -43,7 +43,7 @@ module "iam_assumable_role_tekton_bot" {
   create_role                   = var.create_tekton_role
   role_name                     = var.is_jx2 ? substr("tf-${var.cluster_name}-sa-role-tekton-bot-${local.generated_seed}", 0, 60) : "${local.cluster_trunc}-tekton-bot"
   provider_url                  = local.oidc_provider_url
-  role_policy_arns              = concat([aws_iam_policy.tekton-bot[0].arn], var.additional_tekton_role_policy_arns)
+  role_policy_arns              = var.create_tekton_role ? concat([aws_iam_policy.tekton-bot[0].arn], var.additional_tekton_role_policy_arns) : [""]
   oidc_fully_qualified_subjects = ["system:serviceaccount:${local.jenkins-x-namespace}:tekton-bot"]
 }
 resource "kubernetes_service_account" "tekton-bot" {