adding needed flags to impersonate

[45cali]

this pull request provides the needed flags to impersonate when using the get, upsert and remove commands

• --as
• --as-user

 go run main.go upsert -h
upsert updates or inserts a user or role to the aws-auth configmap

Usage:
  aws-auth upsert [flags]

Flags:
      --append                    append to a existing group list
      --as string                 Username to impersonate for the operation
      --as-group strings          Group to impersonate for the operation, this flag can be repeated to specify multiple groups
      --groups strings            Groups to upsert
  -h, --help                      help for upsert
      --kubeconfig string         Path to kubeconfig
      --maproles                  Upsert a role
      --mapusers                  Upsert a user
      --retry                     Retry on failure with exponential backoff
      --retry-max-count int       Maximum number of retries before giving up (default 12)
      --retry-max-time duration   Maximum wait interval (default 30s)
      --retry-min-time duration   Minimum wait interval (default 200ms)
      --rolearn string            Role ARN to upsert
      --update-username           set to false to not overwite username (default true)
      --userarn string            User ARN to upsert
      --username string           Username to upsert

[codecov]

Codecov Report

Merging #49 (8f1b0ef) into master (4c9d160) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master      #49   +/-   ##
=======================================
  Coverage   86.00%   86.00%           
=======================================
  Files           5        5           
  Lines         343      343           
=======================================
  Hits          295      295           
  Misses         25       25           
  Partials       23       23           

Impacted Files	Coverage Δ
pkg/mapper/types.go	79.48% <ø> (ø)

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[eytan-avisror]

Wondering if these flags can be rootCmd flags and carry over to all commands as a result

[45cali]

I had them initially as root but then they show up in version -h if your fine with that more then happy to change it

[eytan-avisror]

Good point - thats fine, lets leave as is then

[eytan-avisror]

Will a comma separated list work in this case as well? if thats the case description can just say "List of groups to impersonate..."

[45cali]

i believe so ill write a test to validate. I pulled the wording directly from kubectl

[45cali]

@eytan-avisror actually not sure off hand how to write a test for this, there isnt anything in place in the tests where the cli is being called. this works though

 go run main.go upsert --as me --as-group "system:masters" --as-group "sudoers"  --maproles --rolearn arn:aws:iam::xxxxxxxxxxxxxxxx:role/test_team   --append --groups testing --username foo --update-username=false
role arn:aws:iam::xxxxxxxxxxxxxxxx:role/test_team has been updated

[eytan-avisror]

Can you elaborate more on the use-case for being able to impersonate in the case of modifying aws-auth?

[45cali]

this allows the ability to not have to hardcode --as and --as-group values in the kube config.

[eytan-avisror]

Thanks @45cali 👍
Added some comments

[eytan-avisror]

LGTM, you need to sign the commits to address the DCO