Merge pull request #1786 from Hmr-ramzi/feature/kafka-deploy-serviceAccount

[bitnami/kafka] added an option to create a service account
2026-03-15 14:57:16 +08:00 · 2019-12-30 16:49:00 +01:00
parent d3e60d2ba1 b335a8797c
commit 104c63ac7e
7 changed files with 48 additions and 1 deletions
--- a/bitnami/kafka/Chart.yaml
+++ b/bitnami/kafka/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v1
 name: kafka
-version: 7.0.5
+version: 7.1.0
 appVersion: 2.4.0
 description: Apache Kafka is a distributed streaming platform.
 keywords:
--- a/bitnami/kafka/README.md
+++ b/bitnami/kafka/README.md
@@ -122,6 +122,8 @@ The following tables lists the configurable parameters of the Kafka chart and th
 | `service.nodePort`                      | Kubernetes Service nodePort                                                                                                                               | `nil`                                                   |
 | `service.loadBalancerIP`                | loadBalancerIP for Kafka Service                                                                                                                          | `nil`                                                   |
 | `service.annotations`                   | Service annotations                                                                                                                                       | ``                                                      |
+| `serviceAccount.create`                 | Enable creation of ServiceAccount for kafka pod                                                                                                           | `false`                                                 |
+| `serviceAccount.name`                   | Name of the created serviceAccount                                                                                                                        | Generated using the `kafka.fullname` template           |
 | `persistence.enabled`                   | Enable Kafka persistence using PVC, note that Zookeeper perisstency is unaffected                                                                         | `true`                                                  |
 | `persistence.existingClaim`             | Provide an existing `PersistentVolumeClaim`, the value is evaluated as a template.                                                                        | `nil`                                                   |
 | `persistence.storageClass`              | PVC Storage Class for Kafka volume                                                                                                                        | `nil`                                                   |
--- a/bitnami/kafka/templates/_helpers.tpl
+++ b/bitnami/kafka/templates/_helpers.tpl
@@ -31,6 +31,17 @@ Create chart name and version as used by the chart label.
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}

+{{/*
+ Create the name of the service account to use
+ */}}
+{{- define "kafka.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+    {{ default (include "kafka.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
 {{/*
 Common labels
 */}}
--- a/bitnami/kafka/templates/serviceaccount.yaml
+++ b/bitnami/kafka/templates/serviceaccount.yaml
@@ -0,0 +1,8 @@
+{{- if .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "kafka.serviceAccountName" . }}
+  labels: {{- include "kafka.labels" . | nindent 4 }}
+    role: kafka
+{{- end }}
--- a/bitnami/kafka/templates/statefulset.yaml
+++ b/bitnami/kafka/templates/statefulset.yaml
@@ -4,6 +4,7 @@ metadata:
  name: {{ include "kafka.fullname" . }}
  labels: {{- include "kafka.labels" . | nindent 4 }}
    app.kubernetes.io/component: kafka
+    role: kafka
 spec:
  selector:
    matchLabels: {{- include "kafka.matchLabels" . | nindent 6 }}
@@ -25,6 +26,9 @@ spec:
        app.kubernetes.io/component: kafka
    spec:
 {{- include "kafka.imagePullSecrets" . | indent 6 }}
+      {{- if .Values.serviceAccount.create }}
+      serviceAccountName: {{ template "kafka.serviceAccountName" . }}
+      {{- end }}
      {{- if .Values.securityContext.enabled }}
      securityContext:
        fsGroup: {{ .Values.securityContext.fsGroup }}
--- a/bitnami/kafka/values-production.yaml
+++ b/bitnami/kafka/values-production.yaml
@@ -265,6 +265,17 @@ service:
  ## Service annotations done as key:value pairs
  annotations: {}

+## Service account for Kafka to use.
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+##
+serviceAccount:
+  ## Specifies whether a ServiceAccount should be created
+  ##
+  create: false
+  ## The name of the ServiceAccount to use.
+  ## If not set and create is true, a name is generated using the kafka.fullname template
+  # name:
+
 ## Kafka data Persistent Volume Storage Class
 ## If defined, storageClassName: <storageClass>
 ## If set to "-", storageClassName: "", which disables dynamic provisioning
--- a/bitnami/kafka/values.yaml
+++ b/bitnami/kafka/values.yaml
@@ -265,6 +265,17 @@ service:
  ## Service annotations done as key:value pairs
  annotations: {}

+## Service account for Kafka to use.
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+##
+serviceAccount:
+  ## Specifies whether a ServiceAccount should be created
+  ##
+  create: false
+  ## The name of the ServiceAccount to use.
+  ## If not set and create is true, a name is generated using the kafka.fullname template
+  # name:
+
 ## Kafka data Persistent Volume Storage Class
 ## If defined, storageClassName: <storageClass>
 ## If set to "-", storageClassName: "", which disables dynamic provisioning