From a0706de78a4a39d6302649139a65cd809c429c23 Mon Sep 17 00:00:00 2001
From: Kyle Cogswell <kyle.cogswell@defence.redspace.com>
Date: Wed, 13 Nov 2024 15:27:16 -0400
Subject: [PATCH] feat: configurable automountServiceAccountToken

Signed-off-by: Kyle Cogswell <kcogswell26@gmail.com>
---
 charts/argo-rollouts/Chart.yaml                           | 6 +++---
 charts/argo-rollouts/README.md                            | 1 +
 charts/argo-rollouts/templates/controller/deployment.yaml | 1 +
 charts/argo-rollouts/templates/dashboard/deployment.yaml  | 1 +
 charts/argo-rollouts/values.yaml                          | 6 +++++-
 5 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/charts/argo-rollouts/Chart.yaml b/charts/argo-rollouts/Chart.yaml
index bd4cf96c0..cee3bfaca 100644
--- a/charts/argo-rollouts/Chart.yaml
+++ b/charts/argo-rollouts/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: v1.7.2
 description: A Helm chart for Argo Rollouts
 name: argo-rollouts
-version: 2.37.8
+version: 2.37.9
 home: https://github.com/argoproj/argo-helm
 icon: https://argoproj.github.io/argo-rollouts/assets/logo.png
 keywords:
@@ -18,5 +18,5 @@ annotations:
     fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
     url: https://argoproj.github.io/argo-helm/pgp_keys.asc
   artifacthub.io/changes: |
-    - kind: fixed
-      description: Fixed rendering of plugins in the ConfigMap
+    - kind: changed
+      description: Add configurable automountServiceAccountToken
diff --git a/charts/argo-rollouts/README.md b/charts/argo-rollouts/README.md
index 126a1dcd1..3fbf59a68 100644
--- a/charts/argo-rollouts/README.md
+++ b/charts/argo-rollouts/README.md
@@ -134,6 +134,7 @@ For full list of changes please check ArtifactHub [changelog].
 | podLabels | object | `{}` | Labels to be added to the Rollout pods |
 | podSecurityContext | object | `{"runAsNonRoot":true}` | Security Context to set on pod level |
 | serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
+| serviceAccount.automount | bool | `true` | Specifies wether a service account should be automounted |
 | serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
 | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
 | serviceAnnotations | object | `{}` | Annotations to be added to the Rollout service |
diff --git a/charts/argo-rollouts/templates/controller/deployment.yaml b/charts/argo-rollouts/templates/controller/deployment.yaml
index df5dc4db3..5c9c15a29 100644
--- a/charts/argo-rollouts/templates/controller/deployment.yaml
+++ b/charts/argo-rollouts/templates/controller/deployment.yaml
@@ -44,6 +44,7 @@ spec:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       serviceAccountName: {{ include "argo-rollouts.serviceAccountName" . }}
+      automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
       containers:
       - image: "{{ .Values.controller.image.registry }}/{{ .Values.controller.image.repository }}:{{ default .Chart.AppVersion .Values.controller.image.tag }}"
         args:
diff --git a/charts/argo-rollouts/templates/dashboard/deployment.yaml b/charts/argo-rollouts/templates/dashboard/deployment.yaml
index ec0114ba7..67cc03b53 100644
--- a/charts/argo-rollouts/templates/dashboard/deployment.yaml
+++ b/charts/argo-rollouts/templates/dashboard/deployment.yaml
@@ -45,6 +45,7 @@ spec:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       serviceAccountName: {{ include "argo-rollouts.serviceAccountName" . }}-dashboard
+      automountServiceAccountToken: {{ .Values.dashboard.serviceAccount.automount }}
       containers:
       - image: "{{ .Values.dashboard.image.registry }}/{{ .Values.dashboard.image.repository }}:{{ default .Chart.AppVersion .Values.dashboard.image.tag }}"
         imagePullPolicy: {{ .Values.dashboard.image.pullPolicy }}
diff --git a/charts/argo-rollouts/values.yaml b/charts/argo-rollouts/values.yaml
index b6b5821ca..51d94c747 100644
--- a/charts/argo-rollouts/values.yaml
+++ b/charts/argo-rollouts/values.yaml
@@ -229,6 +229,8 @@ serviceAccount:
   # -- The name of the service account to use.
   # If not set and create is true, a name is generated using the fullname template
   name: ""
+  # -- Specifies wether a service account should be automounted
+  automount: true
 
 # -- Annotations to be added to all CRDs
 crdAnnotations: {}
@@ -384,7 +386,9 @@ dashboard:
     # -- The name of the service account to use.
     # If not set and create is true, a name is generated using the fullname template
     name: ""
-
+    # -- Specifies wether a service account should be automounted
+    automount: true
+  
   ## Configure Pod Disruption Budget for the dashboard
   pdb:
     # -- Labels to be added to dashboard [Pod Disruption Budget]