added support for service account annotations

Signed-off-by: ranrubin <ranrubin@gmail.com>

charts/argo-events/templates/argo-events-cluster-roles.yaml

@@ -10,10 +10,10 @@ roleRef:
   name: argo-events-role
 subjects:
   - kind: ServiceAccount
-    name: {{ .Values.serviceAccount }}
+    name: {{ .Values.serviceAccount.name }}
     namespace: {{ .Release.Namespace }}
   {{- if .Values.additionalSaNamespaces }}
-  {{ $sa := .Values.serviceAccount }}
+  {{ $sa := .Values.serviceAccount.name }}
   {{- range $namespace := .Values.additionalSaNamespaces }}
   - kind: ServiceAccount
     name: {{ $sa }}

charts/argo-events/templates/argo-events-roles.yaml

@@ -11,10 +11,10 @@ roleRef:
   name: argo-events-role
 subjects:
   - kind: ServiceAccount
-    name: {{ .Values.serviceAccount }}
+    name: {{ .Values.serviceAccount.name }}
     namespace: {{ .Release.Namespace }}
   {{- if .Values.additionalSaNamespaces }}
-  {{ $sa := .Values.serviceAccount }}
+  {{ $sa := .Values.serviceAccount.name }}
   {{- range $namespace := .Values.additionalSaNamespaces }}
   - kind: ServiceAccount
     name: {{ $sa }}

charts/argo-events/templates/argo-events-sa.yaml

@@ -3,15 +3,24 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: {{ .Values.serviceAccount }}
+  name: {{ .Values.serviceAccount.name }}
   namespace: {{ .Release.Namespace }}
+{{- with .Values.serviceAccount.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
 {{- if .Values.additionalSaNamespaces }}
-{{ $sa := .Values.serviceAccount }}
+{{ $sa := .Values.serviceAccount.name }}
+{{ $annotations := .Values.serviceAccount.annotations  }}
 {{- range $namespace := .Values.additionalSaNamespaces }}
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
+{{- with $annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
   name: {{ $sa }}
   namespace: {{ $namespace }}
 {{- end }}

charts/argo-events/templates/eventbus-controller-deployment.yaml

@@ -19,7 +19,7 @@ spec:
         app: {{ .Release.Name }}-{{ .Values.eventbusController.name }}
         release: {{ .Release.Name }}
     spec:
-      serviceAccountName: {{ .Values.serviceAccount }}
+      serviceAccountName: {{ .Values.serviceAccount.name }}
       containers:
         - name: {{ .Values.eventbusController.name }}
           image: "{{ .Values.registry }}/{{ .Values.eventbusController.image }}:{{ .Values.eventbusController.tag }}"

charts/argo-events/templates/eventsource-controller-deployment.yaml

@@ -19,7 +19,7 @@ spec:
         app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }}
         release: {{ .Release.Name }}
     spec:
-      serviceAccountName: {{ .Values.serviceAccount }}
+      serviceAccountName: {{ .Values.serviceAccount.name }}
       containers:
         - name: {{ .Values.eventsourceController.name }}
           image: "{{ .Values.registry }}/{{ .Values.eventsourceController.image }}:{{ .Values.eventsourceController.tag }}"

charts/argo-events/templates/sensor-controller-deployment.yaml

@@ -19,7 +19,7 @@ spec:
         app: {{ .Release.Name }}-{{ .Values.sensorController.name }}
         release: {{ .Release.Name }}
     spec:
-      serviceAccountName: {{ .Values.serviceAccount }}
+      serviceAccountName: {{ .Values.serviceAccount.name }}
       containers:
         - name: {{ .Values.sensorController.name }}
           image: "{{ .Values.registry }}/{{ .Values.sensorController.image }}:{{ .Values.sensorController.tag }}"

charts/argo-events/values.yaml

@@ -12,7 +12,10 @@ imagePullSecrets: []
 installCRD: true
 
 # ServiceAccount to use for running controller.
-serviceAccount: argo-events-sa
+serviceAccount:
+  name: argo-events-sa
+#  annotations:
+#    eks.amazonaws.com/role-arn: arn:aws:iam::123456789000:role/iam-role-name-here
 
 # Create service accounts in additional namespaces specified
 # The SA will always be created in the release namespaces