feature: Support additional ServiceAccounts beyond the default accoun…

…t in each namespace Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
alexellis · Nov 3, 2020 · 56c6e47 · 56c6e47
1 parent 678a467
commit 56c6e47
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 8 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -20,13 +20,13 @@ COPY controllers/ controllers/
 
 # Build
 RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} \
-  GO111MODULE=on go build -ldflags="-w -s" -a -o /usr/bin/controller
+  GO111MODULE=on go build -ldflags="-w -s" -a -o /usr/bin/manager
 
 # Use distroless as minimal base image to package the manager binary
 # Refer to https://github.com/GoogleContainerTools/distroless for more details
 FROM --platform=${BUILDPLATFORM:-linux/amd64} gcr.io/distroless/static:nonroot
 WORKDIR /
-COPY --from=builder /usr/bin/controller .
+COPY --from=builder /usr/bin/manager .
 USER nonroot:nonroot
 
-ENTRYPOINT ["/controller"]
+ENTRYPOINT ["/manager"]
diff --git a/README.md b/README.md
@@ -67,7 +67,7 @@ Todo:
 Apply the YAML for the manifest.
 
 ```bash
-kubectl apply -f https://raw.githubusercontent.com/alexellis/registry-creds/master/mainfest.yaml
+kubectl apply -f https://raw.githubusercontent.com/alexellis/registry-creds/master/manifest.yaml
 ```
 
 ### Or make locally

diff --git a/controllers/secret_reconciler.go b/controllers/secret_reconciler.go
@@ -76,16 +76,34 @@ func (r *SecretReconciler) Reconcile(clusterPullSecret v1.ClusterPullSecret, ns
 		return err
 	}
 
-	serviceAccountName := "default"
-	err = r.appendSecretToSA(clusterPullSecret, pullSecret, ns, serviceAccountName)
+	SAs, err := r.listWithin(ns)
 	if err != nil {
-		r.Log.Info(err.Error())
-		return err
+		wrappedErr := errors.Wrapf(err, "failed to list service accounts in %s namespace", ns)
+		r.Log.Info(wrappedErr.Error())
+		return wrappedErr
+	}
+
+	for _, sa := range SAs.Items {
+		err = r.appendSecretToSA(clusterPullSecret, pullSecret, ns, sa.Name)
+		if err != nil {
+			r.Log.Info(err.Error())
+			return err
+		}
 	}
 
 	return nil
 }
 
+func (r *SecretReconciler) listWithin(ns string) (*corev1.ServiceAccountList, error) {
+	ctx := context.Background()
+	SAs := &corev1.ServiceAccountList{}
+	err := r.Client.List(ctx, SAs, client.InNamespace(ns))
+	if err != nil {
+		return nil, err
+	}
+	return SAs, nil
+}
+
 func (r *SecretReconciler) createSecret(clusterPullSecret v1.ClusterPullSecret, pullSecret *corev1.Secret, ns string) error {
 	ctx := context.Background()
 

diff --git a/mainfest.yaml → manifest.yaml b/mainfest.yaml → manifest.yaml