Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add option to create a service account and specify a default user id in securityContext #815

Merged
merged 3 commits into from
Sep 23, 2021
Merged

add option to create a service account and specify a default user id in securityContext #815

merged 3 commits into from
Sep 23, 2021

Conversation

AndreZiviani
Copy link
Contributor

I had two problems trying to use avhq in AWS EKS:

  • Lack of ServiceAccount in the helm chart
  • The container was running with the akhq user (uid=1000 gid=1000) but it wasn't specified in the securityContext so AWS created the token file with strict permissions (only the root user could read it)

This PR adds an option to automatically create the ServiceAccount and specify some options in the securitContext by default

tchiotludo
tchiotludo requested changes Sep 16, 2021
View reviewed changes
Copy link
Owner

@tchiotludo tchiotludo left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you use the standard way to handle service account for a better readability please ?

serviceAccountName: {{ include "bla.serviceAccountName" . }}

{{/*
Create the name of the service account to use
*/}}
{{- define "bla.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "bla.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

if the user input serviceAccountName & serviceAccountCreate the yaml will be invalid

@AndreZiviani
Copy link
Contributor Author

@tchiotludo can you please review the changes?

@tchiotludo tchiotludo merged commit b93598e into tchiotludo:dev Sep 23, 2021
@AndreZiviani AndreZiviani deleted the improve-aws-support branch September 29, 2021 17:45
tchiotludo pushed a commit that referenced this pull request Oct 24, 2021
@AndreZiviani @tchiotludo
feat(helm): add option to create a service account and specify a defa…
8ed9673 
…ult user id in securityContext (#815)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tchiotludo tchiotludo tchiotludo requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@AndreZiviani @tchiotludo