-
Notifications
You must be signed in to change notification settings - Fork 1
ServiceAccount
Gregory Nickonov edited this page Apr 2, 2019
·
1 revision
R.service_account :watcher do
automount_service_account_token false
image_pull_secrets 'my-registry-pull-secret', 'other-registry-pull-secret'
add_secret :passwords
end
Create ServiceAccount, disable mounting SA token automatically, specify image pull secrets to use and allow to consume secret 'passwords'.
Sunstone property | Kubernetes property | Type |
---|---|---|
metadata | metadata | Kubernetes Object Metadata |
automount_service_account_token | automountServiceAccountToken | Boolean |
image_pull_secrets | imagePullSecrets | Array of LocalObjectReference |
secrets | secrets | Array of ObjectReference |
Adds names to the list of image pull secrets:
image_pull_secrets 'image-pull-secret'
Alias image_pull_secret
is provided for aesthetic purposes.
Creates, initializes and adds a secret to the list of secrets allowed to be used by pods running using this ServiceAccount:
# Add reference to Secret 'passwords'
add_secret :passwords
# Add reference to Secret 'password' from namespace 'default'
add_secret :passwords, :default
# The same, but name and namespace are passed in the path form
add_secret 'default/passwords'