[bitnami/etcd] Service account specification (#6055)

* Add support for service account specification * Supports creation or using existing service account * Update common dependency for new patch release 1.4.1 -> 1.4.2 * Increment chart version 6.1.5 -> 6.2.0
2026-03-05 14:57:31 +08:00 · 2021-04-09 08:12:59 -07:00
parent b6d0d26918
commit c1a470352f
7 changed files with 70 additions and 4 deletions
--- a/bitnami/etcd/Chart.lock
+++ b/bitnami/etcd/Chart.lock
@@ -1,6 +1,6 @@
 dependencies:
 - name: common
  repository: https://charts.bitnami.com/bitnami
-  version: 1.4.1
-digest: sha256:81be4c0ebd0a81952423b24268e82697231b8c07991ee60b23b950ff1db003a2
-generated: "2021-03-03T12:54:24.246921+01:00"
+  version: 1.4.2
+digest: sha256:4e3ec38e0e27e9fc1defb2a13f67a0aa12374bf0b15f06a6c13b1b46df6bffeb
+generated: "2021-04-08T09:54:13.075277-07:00"
--- a/bitnami/etcd/Chart.yaml
+++ b/bitnami/etcd/Chart.yaml
@@ -25,4 +25,4 @@ name: etcd
 sources:
  - https://github.com/bitnami/bitnami-docker-etcd
  - https://coreos.com/etcd/
-version: 6.1.5
+version: 6.2.0
--- a/bitnami/etcd/README.md
+++ b/bitnami/etcd/README.md
@@ -218,6 +218,16 @@ The following tables lists the configurable parameters of the etcd chart and the
 | `disasterRecovery.pvc.size`                     | PVC Storage Request                                                                   | `2Gi`                                                       |
 | `disasterRecovery.pvc.storageClassName`         | Storage Class for snapshots volume                                                    | `nfs`                                                       |

+### Service account parameters
+
+| Parameter                                     | Description                                           | Default   |
+|-----------------------------------------------|-------------------------------------------------------|-----------|
+| `serviceAccount.create`                       | Enable/disable service account creation               | `false`   |
+| `serviceAccount.name`                         | Name of the service account to create or use          | `default` |
+| `serviceAccount.automountServiceAccountToken` | Enable/disable auto mounting of service account token | `true`    |
+| `serviceAccount.labels`                       | Additional labels to include on service account       | `{}`      |
+| `serviceAccount.annotations`                  | Additional annotations to include on service account  | `{}`      |
+
 ### Other parameters

 | Parameter                  | Description                                                    | Default |
--- a/bitnami/etcd/templates/_helpers.tpl
+++ b/bitnami/etcd/templates/_helpers.tpl
@@ -150,3 +150,14 @@ etcd: disasterRecovery
    Please enable persistence (--set persistence.enabled=true)
 {{- end -}}
 {{- end -}}
+
+{{/*
+ Create the name of the service account to use
+ */}}
+{{- define "etcd.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+{{ default (include "common.names.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+{{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
--- a/bitnami/etcd/templates/serviceaccount.yaml
+++ b/bitnami/etcd/templates/serviceaccount.yaml
@@ -0,0 +1,24 @@
+{{- if .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
+metadata:
+  name: {{ include "etcd.serviceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+  labels: {{- include "common.labels.standard" . | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+    {{- if .Values.serviceAccount.labels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.serviceAccount.labels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if or .Values.commonAnnotations .Values.serviceAccount.annotations }}
+  annotations:
+    {{- if .Values.commonAnnotations }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+    {{- end }}
+    {{- if .Values.serviceAccount.annotations }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.serviceAccount.annotations "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- end }}
+{{- end }}
--- a/bitnami/etcd/templates/statefulset.yaml
+++ b/bitnami/etcd/templates/statefulset.yaml
@@ -55,6 +55,7 @@ spec:
      {{- if .Values.podSecurityContext.enabled }}
      securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
      {{- end }}
+      serviceAccountName: {{ include "etcd.serviceAccountName" $ | quote }}
      {{- if or .Values.initContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) }}
      initContainers:
        {{- if .Values.initContainers }}
--- a/bitnami/etcd/values.yaml
+++ b/bitnami/etcd/values.yaml
@@ -448,6 +448,26 @@ service:
  ##
  annotations: {}

+## Service account configuration
+##
+serviceAccount:
+  ## If true, create service account. If false, use service account defined by name.
+  ##
+  create: false
+  ## Name of service account to use or create.
+  ##
+  name: ""
+  ## Whether to auto mount the service account token
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#use-the-default-service-account-to-access-the-api-server
+  ##
+  automountServiceAccountToken: true
+  ## Additional annotations to be included on the service account
+  ##
+  annotations: {}
+  ## Additional labels to be included on the service account
+  ##
+  labels: {}
+
 ## Enable persistence using Persistent Volume Claims
 ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
 ##