Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Specify automountServiceAccountToken: true on Deployments (#950)
#922 Signed-off-by: juliankatz <juliankatz@google.com> diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 50a9dad..d8e1032 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -41,6 +41,7 @@ spec: - webhook topologyKey: kubernetes.io/hostname serviceAccountName: admin + automountServiceAccountToken: true containers: - command: - /manager @@ -118,6 +119,7 @@ spec: annotations: container.seccomp.security.alpha.kubernetes.io/manager: runtime/default spec: + automountServiceAccountToken: true containers: - args: - --operation=audit diff --git a/manifest_staging/charts/gatekeeper/templates/gatekeeper-audit-deployment.yaml b/manifest_staging/charts/gatekeeper/templates/gatekeeper-audit-deployment.yaml index aee81cd..b5e1032 100644 --- a/manifest_staging/charts/gatekeeper/templates/gatekeeper-audit-deployment.yaml +++ b/manifest_staging/charts/gatekeeper/templates/gatekeeper-audit-deployment.yaml @@ -35,6 +35,7 @@ spec: heritage: '{{ .Release.Service }}' release: '{{ .Release.Name }}' spec: + automountServiceAccountToken: true containers: - args: - --audit-interval={{ .Values.auditInterval }} diff --git a/manifest_staging/charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml b/manifest_staging/charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml index a580228..0d17094 100644 --- a/manifest_staging/charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml +++ b/manifest_staging/charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml @@ -47,6 +47,7 @@ spec: - webhook topologyKey: kubernetes.io/hostname weight: 100 + automountServiceAccountToken: true containers: - args: - --port=8443 diff --git a/manifest_staging/deploy/gatekeeper.yaml b/manifest_staging/deploy/gatekeeper.yaml index b1dd78d..c03015f 100644 --- a/manifest_staging/deploy/gatekeeper.yaml +++ b/manifest_staging/deploy/gatekeeper.yaml @@ -675,6 +675,7 @@ spec: gatekeeper.sh/operation: audit gatekeeper.sh/system: "yes" spec: + automountServiceAccountToken: true containers: - args: - --operation=audit @@ -767,6 +768,7 @@ spec: - webhook topologyKey: kubernetes.io/hostname weight: 100 + automountServiceAccountToken: true containers: - args: - --port=8443 Co-authored-by: Max Smythe <smythe@google.com>
- Loading branch information