From aff03c1d0053198dcc86ca64cc11bdff67bf4312 Mon Sep 17 00:00:00 2001 From: jessebot Date: Sun, 26 Nov 2023 13:27:35 +0100 Subject: [PATCH] User global.serviceAccountName to populate ServiceAccount, ClusterRole, and ClusterRoleBinding --- k8s/charts/seaweedfs/Chart.yaml | 2 +- k8s/charts/seaweedfs/templates/service-account.yaml | 10 +++++----- k8s/charts/seaweedfs/values.yaml | 2 ++ 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/k8s/charts/seaweedfs/Chart.yaml b/k8s/charts/seaweedfs/Chart.yaml index b760fd5a9..fe25e136e 100644 --- a/k8s/charts/seaweedfs/Chart.yaml +++ b/k8s/charts/seaweedfs/Chart.yaml @@ -2,4 +2,4 @@ apiVersion: v1 description: SeaweedFS name: seaweedfs appVersion: "3.59" -version: 3.59.3 +version: 3.59.4 diff --git a/k8s/charts/seaweedfs/templates/service-account.yaml b/k8s/charts/seaweedfs/templates/service-account.yaml index a0ca3f004..56f18ac5b 100644 --- a/k8s/charts/seaweedfs/templates/service-account.yaml +++ b/k8s/charts/seaweedfs/templates/service-account.yaml @@ -4,7 +4,7 @@ kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: seaweedfs-rw-cr + name: {{ .Values.global.serviceAccountName }}-rw-cr labels: app.kubernetes.io/name: {{ template "seaweedfs.name" . }} helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} @@ -18,7 +18,7 @@ rules: apiVersion: v1 kind: ServiceAccount metadata: - name: seaweedfs-rw-sa + name: {{ .Values.global.serviceAccountName }} namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: {{ template "seaweedfs.name" . }} @@ -29,7 +29,7 @@ metadata: kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: system:serviceaccount:seaweedfs-rw-sa:default + name: system:serviceaccount:{{ .Values.global.serviceAccountName }}:default labels: app.kubernetes.io/name: {{ template "seaweedfs.name" . }} helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} @@ -37,10 +37,10 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} subjects: - kind: ServiceAccount - name: seaweedfs-rw-sa + name: {{ .Values.global.serviceAccountName }} namespace: {{ .Release.Namespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: seaweedfs-rw-cr + name: {{ .Values.global.serviceAccountName }}-rw-cr {{- end }} diff --git a/k8s/charts/seaweedfs/values.yaml b/k8s/charts/seaweedfs/values.yaml index 8ffc1acb2..7a2b04d64 100644 --- a/k8s/charts/seaweedfs/values.yaml +++ b/k8s/charts/seaweedfs/values.yaml @@ -16,6 +16,8 @@ global: volumeRead: false filerWrite: false filerRead: false + # we will use this serviceAccountName for all ClusterRoles/ClusterRoleBindings + serviceAccountName: "seaweedfs" certificates: alphacrds: false monitoring: