Update comments on UpdateWorkloadIdentity

gravitational · Dec 9, 2024 · 9fb2f88 · 9fb2f88
1 parent 7ff27ee
commit 9fb2f88
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 3 deletions.
diff --git a/lib/services/local/workload_identity.go b/lib/services/local/workload_identity.go
@@ -106,7 +106,10 @@ func (b *WorkloadIdentityService) UpsertWorkloadIdentity(
 	return upserted, trace.Wrap(err)
 }
 
-// UpdateWorkloadIdentity updates a specific WorkloadIdentity.
+// UpdateWorkloadIdentity updates a specific WorkloadIdentity. The resource must
+// already exist, and, condition update semantics are used - e.g the submitted
+// resource must have a revision matching the revision of the resource in the
+// backend.
 func (b *WorkloadIdentityService) UpdateWorkloadIdentity(
 	ctx context.Context, resource *workloadidentityv1pb.WorkloadIdentity,
 ) (*workloadidentityv1pb.WorkloadIdentity, error) {

diff --git a/lib/services/workload_identity.go b/lib/services/workload_identity.go
@@ -45,8 +45,10 @@ type WorkloadIdentities interface {
 	) (*workloadidentityv1pb.WorkloadIdentity, error)
 	// DeleteWorkloadIdentity deletes a SPIFFE Federation by name.
 	DeleteWorkloadIdentity(ctx context.Context, name string) error
-	// UpdateWorkloadIdentity updates a WorkloadIdentity. It will not act if the
-	// resource is not found or where the revision does not match.
+	// UpdateWorkloadIdentity updates a specific WorkloadIdentity. The resource must
+	// already exist, and, condition update semantics are used - e.g the submitted
+	// resource must have a revision matching the revision of the resource in the
+	// backend.
 	UpdateWorkloadIdentity(
 		ctx context.Context, workloadIdentity *workloadidentityv1pb.WorkloadIdentity,
 	) (*workloadidentityv1pb.WorkloadIdentity, error)