-
Notifications
You must be signed in to change notification settings - Fork 112
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
exposed service account name for tcp pods #441
exposed service account name for tcp pods #441
Conversation
✅ Deploy Preview for kamaji-documentation ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
cmd/manager/cmd.go
Outdated
handlers.TenantControlPlaneDefaults{DefaultDatastore: datastore}, | ||
handlers.TenantControlPlaneDefaults{ | ||
DefaultDatastore: datastore, | ||
DefaultServiceAccount: serviceAccount, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need for this, it can be achieved with the kubebuilder
marker, see previous comment.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe I made a follow up comment about this and you didn't comment on it afterwards so I supposed you were ok with it, but apparently not.
The reason behind this was to be able to use a specific service account to be considered as "default" by Kamaji, and that can be different from the actual default
service account. This can be handy when we use the management cluster for something other than just running Kamaji at the same time.
This will have no effects on the users that do not need this since it will be set to "default"
by default.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I get your point, and sorry if I missed the discussion: too many things happening at the same time.
I would avoid this kind of flag, and rely on configuration over convention: it means that if you need to configure a specific ServiceAccount
other tools can be used to enforce this behaviour, such as Kyverno policies, or ClusterClass
in terms of Cluster API.
962848d
to
edc6595
Compare
@hamza-boudouche sorry, some conflicts must be resolved since another PR of yours has been merged. Once solved, getting ready to get it merged! |
434