Add annotations for serviceaccount

[muffl0n]

Change Overview

Add possibility to add annotations to the serviceaccount

Pull request type

Please check the type of change your PR introduces:

• 🚧 Work in Progress
• 🌈 Refactoring (no functional changes, no api changes)
• 🐹 Trivial/Minor
• 🐛 Bugfix
• 🌻 Feature
• 🗺️ Documentation
• 🤖 Test

Issues

n/a

Test Plan

• 💪 Manual
• ⚡ Unit test
• 💚 E2E

[muffl0n]

Is there anything I can provide, so this can be merged? We use this feature, so that gcloud calls in our blueprint can make use of "Workload Identity".

serviceAccount:
  annotations:
    iam.gke.io/gcp-service-account: kanister@myproject.iam.gserviceaccount.com

      - func: KubeTask
        name: backupMysql
        args:
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          podOverride:
            serviceAccount: kanister-kanister-operator
          command:
            - /bin/bash
            - -ce
            - |
              backupId="{{ .Options.id }}"

              gcloud sql backups create -i archive --description="${backupId}"
              kando output mysqlArchiveBackupId "${mysqlArchiveBackupId}"

[ihcsim]

LGTM Works great!

With this added to my values.yaml:

diff --git a/helm/kanister-operator/values.yaml b/helm/kanister-operator/values.yaml
index 763d1ad8..c36dc251 100644
--- a/helm/kanister-operator/values.yaml
+++ b/helm/kanister-operator/values.yaml
@@ -10,6 +10,10 @@ rbac:
 serviceAccount:
   create: true
   name:
+  annotations:
+    foo1: bar
+    foo2: bar
+    kubernetes.io/apps: kanister
 controller:
   service:
     port: 443

I get:

$ helm template helm/kanister-operator --set image-tag=latest 2>&1 | grep -5 annotations                                                       
---
# Source: kanister-operator/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  annotations:
    foo1: bar
    foo2: bar
    kubernetes.io/apps: kanister
  labels:
    heritage: Helm