diff --git a/apis/druid/v1alpha1/druid_types.go b/apis/druid/v1alpha1/druid_types.go index 36c122f7..58ad0c00 100644 --- a/apis/druid/v1alpha1/druid_types.go +++ b/apis/druid/v1alpha1/druid_types.go @@ -477,6 +477,10 @@ type DruidNodeSpec struct { // Operator deploys the sidecar container based on these properties. // +optional AdditionalContainer []AdditionalContainer `json:"additionalContainer,omitempty"` + + // ServiceAccountName Kubernetes native `serviceAccountName` specification. + // +optional + ServiceAccountName string `json:"serviceAccountName,omitempty"` } // ZookeeperSpec IGNORED (Future API): In order to make Druid dependency setup extensible from within Druid operator. diff --git a/chart/crds/druid.apache.org_druids.yaml b/chart/crds/druid.apache.org_druids.yaml index 589ddd03..236a3d0e 100644 --- a/chart/crds/druid.apache.org_druids.yaml +++ b/chart/crds/druid.apache.org_druids.yaml @@ -5949,6 +5949,10 @@ spec: type: string type: object type: object + serviceAccountName: + description: ServiceAccountName Kubernetes native `serviceAccountName` + specification. + type: string services: description: Services Overrides services at top level. items: diff --git a/config/crd/bases/druid.apache.org_druids.yaml b/config/crd/bases/druid.apache.org_druids.yaml index 589ddd03..236a3d0e 100644 --- a/config/crd/bases/druid.apache.org_druids.yaml +++ b/config/crd/bases/druid.apache.org_druids.yaml @@ -5949,6 +5949,10 @@ spec: type: string type: object type: object + serviceAccountName: + description: ServiceAccountName Kubernetes native `serviceAccountName` + specification. + type: string services: description: Services Overrides services at top level. items: diff --git a/controllers/druid/handler.go b/controllers/druid/handler.go index e01e1804..7c951bbc 100644 --- a/controllers/druid/handler.go +++ b/controllers/druid/handler.go @@ -1120,7 +1120,7 @@ func makePodSpec(nodeSpec *v1alpha1.DruidNodeSpec, m *v1alpha1.Druid, nodeSpecUn TerminationGracePeriodSeconds: nodeSpec.TerminationGracePeriodSeconds, Volumes: getVolume(nodeSpec, m, nodeSpecUniqueStr), SecurityContext: firstNonNilValue(nodeSpec.PodSecurityContext, m.Spec.PodSecurityContext).(*v1.PodSecurityContext), - ServiceAccountName: m.Spec.ServiceAccount, + ServiceAccountName: firstNonEmptyStr(nodeSpec.ServiceAccountName, m.Spec.ServiceAccount), PriorityClassName: firstNonEmptyStr(nodeSpec.PriorityClassName, m.Spec.PriorityClassName), }