Adds serviceAccountTemplate to cluster configuration

Co-authored-by: Dariusch Ochlast <[email protected]> Signed-off-by: Dariusch Ochlast <[email protected]> Signed-off-by: Itay Grudev <[email protected]>
cloudnative-pg · Dec 7, 2024 · 9cb6f05 · 9cb6f05
1 parent 7b388ba
commit 9cb6f05
Show file tree

Hide file tree

Showing 6 changed files with 20 additions and 0 deletions.
diff --git a/charts/cluster/README.md b/charts/cluster/README.md
@@ -180,6 +180,7 @@ refer to  the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat
 | cluster.priorityClassName | string | `""` |  |
 | cluster.resources | object | `{}` | Resources requirements of every generated Pod. Please refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ for more information. We strongly advise you use the same setting for limits and requests so that your cluster pods are given a Guaranteed QoS. See: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/ |
 | cluster.roles | list | `[]` | This feature enables declarative management of existing roles, as well as the creation of new roles if they are not already present in the database. See: https://cloudnative-pg.io/documentation/current/declarative_role_management/ |
+| cluster.serviceAccountTemplate | object | `{}` | Configure the metadata of the generated service account |
 | cluster.storage.size | string | `"8Gi"` |  |
 | cluster.storage.storageClass | string | `""` |  |
 | cluster.superuserSecret | string | `""` |  |

diff --git a/charts/cluster/templates/cluster.yaml b/charts/cluster/templates/cluster.yaml
@@ -74,6 +74,11 @@ spec:
       {{- toYaml . | nindent 6 }}
     {{ end }}
 
+  {{- with .Values.cluster.serviceAccountTemplate }}
+  serviceAccountTemplate:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+
   monitoring:
     enablePodMonitor: {{ and .Values.cluster.monitoring.enabled .Values.cluster.monitoring.podMonitor.enabled }}
     disableDefaultQueries: {{ .Values.cluster.monitoring.disableDefaultQueries }}

diff --git a/...er/test/postgresql-cluster-configuration/01-non_default_configuration_cluster-assert.yaml b/...er/test/postgresql-cluster-configuration/01-non_default_configuration_cluster-assert.yaml
@@ -80,3 +80,7 @@ spec:
         inRoles:
           - pg_monitor
           - pg_signal_backend
+  serviceAccountTemplate:
+    metadata:
+      annotations:
+        my-annotation: my-service-account
diff --git a/...s/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster.yaml b/...s/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster.yaml
@@ -76,6 +76,10 @@ cluster:
     foo: bar
   annotations:
     foo: bar
+  serviceAccountTemplate:
+    metadata:
+      annotations:
+        my-annotation: my-service-account
 
 backups:
   enabled: false
diff --git a/charts/cluster/values.schema.json b/charts/cluster/values.schema.json
@@ -288,6 +288,9 @@
                 "roles": {
                     "type": "array"
                 },
+                "serviceAccountTemplate": {
+                    "type": "object"
+                },
                 "storage": {
                     "type": "object",
                     "properties": {

diff --git a/charts/cluster/values.yaml b/charts/cluster/values.yaml
@@ -281,6 +281,9 @@ cluster:
     # postInitApplicationSQL: []
     # postInitTemplateSQL: []
 
+  # -- Configure the metadata of the generated service account
+  serviceAccountTemplate: {}
+
   additionalLabels: {}
   annotations: {}