Add serviceAccount to Kafka metrics deployment and add automountServiceAccountToken on SA (#5988)

Signed-off-by: Ankit Mehta <ankit.mehta@appian.com>
2026-03-06 15:10:15 +08:00 · 2021-04-02 05:21:38 -04:00
parent 14777a22d7
commit 3596309a6d
5 changed files with 7 additions and 1 deletions
--- a/bitnami/kafka/Chart.yaml
+++ b/bitnami/kafka/Chart.yaml
@@ -29,4 +29,4 @@ name: kafka
 sources:
  - https://github.com/bitnami/bitnami-docker-kafka
  - https://kafka.apache.org/
-version: 12.15.1
+version: 12.16.0
--- a/bitnami/kafka/README.md
+++ b/bitnami/kafka/README.md
@@ -225,6 +225,7 @@ The following tables lists the configurable parameters of the Kafka chart and th
 |-------------------------|------------------------------------------------------------------------------------------------|---------------------------------------------------------|
 | `serviceAccount.create` | Enable creation of ServiceAccount for Kafka pods                                               | `true`                                                  |
 | `serviceAccount.name`   | The name of the service account to use. If not set and `create` is `true`, a name is generated | Generated using the `kafka.serviceAccountName` template |
+ `serviceAccount.automountServiceAccountToken` | Enable/Disable automountServiceAccountToken  for Service Account                                             | `true`                                                  |
 | `rbac.create`           | Whether to create & use RBAC resources or not                                                  | `false`                                                 |

 ### Volume Permissions parameters
--- a/bitnami/kafka/templates/kafka-metrics-deployment.yaml
+++ b/bitnami/kafka/templates/kafka-metrics-deployment.yaml
@@ -30,6 +30,7 @@ spec:
      {{- if .Values.metrics.kafka.schedulerName }}
      schedulerName: {{ .Values.metrics.kafka.schedulerName | quote }}
      {{- end }}
+      serviceAccountName: {{ template "kafka.serviceAccountName" . }}
      containers:
        - name: kafka-exporter
          image: {{ include "kafka.metrics.kafka.image" . }}
--- a/bitnami/kafka/templates/serviceaccount.yaml
+++ b/bitnami/kafka/templates/serviceaccount.yaml
@@ -11,4 +11,5 @@ metadata:
  {{- if .Values.commonAnnotations }}
  annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
  {{- end }}
+automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
 {{- end }}
--- a/bitnami/kafka/values.yaml
+++ b/bitnami/kafka/values.yaml
@@ -832,6 +832,9 @@ serviceAccount:
  ## If not set and create is true, a name is generated using the kafka.serviceAccountName template
  ##
  # name:
+  # Allows auto mount of ServiceAccountToken on the serviceAccount created
+  # Can be set to false if pods using this serviceAccount do not need to use K8s API
+  automountServiceAccountToken: true

 ## Role Based Access
 ## ref: https://kubernetes.io/docs/admin/authorization/rbac/