"Path to the file that contains the current private key of the service account token issuer. The issuer will sign issued ID tokens with this private key. (Ignored unless alpha TokenRequest is enabled")
returnnil,nil,nil,nil,nil,fmt.Errorf("the TokenRequest feature is not enabled but --service-account-signing-key-file and/or --service-account-issuer-id flags were passed")
returnnil,errors.NewBadRequest(fmt.Sprintf("cannot bind token to object of type %s",gvk.String()))
}
ifref.UID!=""&&uid!=ref.UID{
returnnil,errors.NewConflict(schema.GroupResource{Group:gvk.Group,Resource:gvk.Kind},ref.Name,fmt.Errorf("the UID in the bound object reference (%s) does not match the UID in record (%s). The object might have been deleted and then recreated",ref.UID,uid))