From dc80035960d8fc7c9d1166431c142a07288f0fc3 Mon Sep 17 00:00:00 2001 From: ranrubin Date: Wed, 10 Mar 2021 09:24:51 +0200 Subject: [PATCH] added support for service account annotations Signed-off-by: ranrubin --- .../templates/argo-events-cluster-roles.yaml | 4 ++-- charts/argo-events/templates/argo-events-roles.yaml | 4 ++-- charts/argo-events/templates/argo-events-sa.yaml | 13 +++++++++++-- .../templates/eventbus-controller-deployment.yaml | 2 +- .../eventsource-controller-deployment.yaml | 2 +- .../templates/sensor-controller-deployment.yaml | 2 +- charts/argo-events/values.yaml | 5 ++++- 7 files changed, 22 insertions(+), 10 deletions(-) diff --git a/charts/argo-events/templates/argo-events-cluster-roles.yaml b/charts/argo-events/templates/argo-events-cluster-roles.yaml index 16f55e46..55e8223b 100644 --- a/charts/argo-events/templates/argo-events-cluster-roles.yaml +++ b/charts/argo-events/templates/argo-events-cluster-roles.yaml @@ -10,10 +10,10 @@ roleRef: name: argo-events-role subjects: - kind: ServiceAccount - name: {{ .Values.serviceAccount }} + name: {{ .Values.serviceAccount.name }} namespace: {{ .Release.Namespace }} {{- if .Values.additionalSaNamespaces }} - {{ $sa := .Values.serviceAccount }} + {{ $sa := .Values.serviceAccount.name }} {{- range $namespace := .Values.additionalSaNamespaces }} - kind: ServiceAccount name: {{ $sa }} diff --git a/charts/argo-events/templates/argo-events-roles.yaml b/charts/argo-events/templates/argo-events-roles.yaml index d6de39d2..cb392be5 100644 --- a/charts/argo-events/templates/argo-events-roles.yaml +++ b/charts/argo-events/templates/argo-events-roles.yaml @@ -11,10 +11,10 @@ roleRef: name: argo-events-role subjects: - kind: ServiceAccount - name: {{ .Values.serviceAccount }} + name: {{ .Values.serviceAccount.name }} namespace: {{ .Release.Namespace }} {{- if .Values.additionalSaNamespaces }} - {{ $sa := .Values.serviceAccount }} + {{ $sa := .Values.serviceAccount.name }} {{- range $namespace := .Values.additionalSaNamespaces }} - kind: ServiceAccount name: {{ $sa }} diff --git a/charts/argo-events/templates/argo-events-sa.yaml b/charts/argo-events/templates/argo-events-sa.yaml index f13b8a1d..3f974cd1 100644 --- a/charts/argo-events/templates/argo-events-sa.yaml +++ b/charts/argo-events/templates/argo-events-sa.yaml @@ -3,15 +3,24 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.serviceAccount }} + name: {{ .Values.serviceAccount.name }} namespace: {{ .Release.Namespace }} +{{- with .Values.serviceAccount.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} {{- if .Values.additionalSaNamespaces }} -{{ $sa := .Values.serviceAccount }} +{{ $sa := .Values.serviceAccount.name }} +{{ $annotations := .Values.serviceAccount.annotations }} {{- range $namespace := .Values.additionalSaNamespaces }} --- apiVersion: v1 kind: ServiceAccount metadata: +{{- with $annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} name: {{ $sa }} namespace: {{ $namespace }} {{- end }} diff --git a/charts/argo-events/templates/eventbus-controller-deployment.yaml b/charts/argo-events/templates/eventbus-controller-deployment.yaml index dd734a88..aa4f26ca 100644 --- a/charts/argo-events/templates/eventbus-controller-deployment.yaml +++ b/charts/argo-events/templates/eventbus-controller-deployment.yaml @@ -19,7 +19,7 @@ spec: app: {{ .Release.Name }}-{{ .Values.eventbusController.name }} release: {{ .Release.Name }} spec: - serviceAccountName: {{ .Values.serviceAccount }} + serviceAccountName: {{ .Values.serviceAccount.name }} containers: - name: {{ .Values.eventbusController.name }} image: "{{ .Values.registry }}/{{ .Values.eventbusController.image }}:{{ .Values.eventbusController.tag }}" diff --git a/charts/argo-events/templates/eventsource-controller-deployment.yaml b/charts/argo-events/templates/eventsource-controller-deployment.yaml index 95e7e83a..07b71658 100644 --- a/charts/argo-events/templates/eventsource-controller-deployment.yaml +++ b/charts/argo-events/templates/eventsource-controller-deployment.yaml @@ -19,7 +19,7 @@ spec: app: {{ .Release.Name }}-{{ .Values.eventsourceController.name }} release: {{ .Release.Name }} spec: - serviceAccountName: {{ .Values.serviceAccount }} + serviceAccountName: {{ .Values.serviceAccount.name }} containers: - name: {{ .Values.eventsourceController.name }} image: "{{ .Values.registry }}/{{ .Values.eventsourceController.image }}:{{ .Values.eventsourceController.tag }}" diff --git a/charts/argo-events/templates/sensor-controller-deployment.yaml b/charts/argo-events/templates/sensor-controller-deployment.yaml index 214ee2bb..a2190dbc 100644 --- a/charts/argo-events/templates/sensor-controller-deployment.yaml +++ b/charts/argo-events/templates/sensor-controller-deployment.yaml @@ -19,7 +19,7 @@ spec: app: {{ .Release.Name }}-{{ .Values.sensorController.name }} release: {{ .Release.Name }} spec: - serviceAccountName: {{ .Values.serviceAccount }} + serviceAccountName: {{ .Values.serviceAccount.name }} containers: - name: {{ .Values.sensorController.name }} image: "{{ .Values.registry }}/{{ .Values.sensorController.image }}:{{ .Values.sensorController.tag }}" diff --git a/charts/argo-events/values.yaml b/charts/argo-events/values.yaml index 05a8d634..89538941 100644 --- a/charts/argo-events/values.yaml +++ b/charts/argo-events/values.yaml @@ -12,7 +12,10 @@ imagePullSecrets: [] installCRD: true # ServiceAccount to use for running controller. -serviceAccount: argo-events-sa +serviceAccount: + name: argo-events-sa +# annotations: +# eks.amazonaws.com/role-arn: arn:aws:iam::123456789000:role/iam-role-name-here # Create service accounts in additional namespaces specified # The SA will always be created in the release namespaces