Skip to content

Commit 495337d

Browse files
viveksynghviveksyngh
committed
feat: add capv serviceaccount
- Use a serviceaccount dedicated for capv instead of using an default serviceaccount from the namespace in which it is deployed
1 parent 0549509 commit 495337d

File tree

5 files changed

+9
-2
lines changed

5 files changed

+9
-2
lines changed

config/manager/manager.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -66,6 +66,7 @@ spec:
6666
seccompProfile:
6767
type: RuntimeDefault
6868
terminationGracePeriodSeconds: 10
69+
serviceAccountName: manager
6970
tolerations:
7071
- effect: NoSchedule
7172
key: node-role.kubernetes.io/master

config/rbac/kustomization.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,5 +6,6 @@ resources:
66
- leader_election_role.yaml
77
- leader_election_role_binding.yaml
88
- aggregate_role.yaml
9+
- serviceaccount.yaml
910
patchesStrategicMerge:
1011
- aggregate_labels.yaml

config/rbac/leader_election_role_binding.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,5 +8,5 @@ roleRef:
88
name: leader-election-role
99
subjects:
1010
- kind: ServiceAccount
11-
name: default
11+
name: manager
1212
namespace: system

config/rbac/role_binding.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,5 +8,5 @@ roleRef:
88
name: manager-role
99
subjects:
1010
- kind: ServiceAccount
11-
name: default
11+
name: manager
1212
namespace: system

config/rbac/serviceaccount.yaml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
apiVersion: v1
2+
kind: ServiceAccount
3+
metadata:
4+
name: manager
5+
namespace: system

0 commit comments

Comments
 (0)