aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xkubernetes/policy/components/policy-apex-pdp/requirements.yaml3
-rwxr-xr-xkubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml1
-rwxr-xr-xkubernetes/policy/components/policy-apex-pdp/values.yaml6
-rwxr-xr-xkubernetes/policy/components/policy-api/requirements.yaml3
-rwxr-xr-xkubernetes/policy/components/policy-api/templates/deployment.yaml1
-rwxr-xr-xkubernetes/policy/components/policy-api/values.yaml6
-rw-r--r--kubernetes/policy/components/policy-clamp-be/requirements.yaml3
-rw-r--r--kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml1
-rw-r--r--kubernetes/policy/components/policy-clamp-be/values.yaml6
-rw-r--r--kubernetes/policy/components/policy-clamp-fe/requirements.yaml3
-rw-r--r--kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml1
-rw-r--r--kubernetes/policy/components/policy-clamp-fe/values.yaml6
-rwxr-xr-xkubernetes/policy/components/policy-distribution/requirements.yaml3
-rwxr-xr-xkubernetes/policy/components/policy-distribution/templates/deployment.yaml1
-rwxr-xr-xkubernetes/policy/components/policy-distribution/values.yaml6
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/requirements.yaml3
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml1
-rwxr-xr-xkubernetes/policy/components/policy-drools-pdp/values.yaml6
-rwxr-xr-xkubernetes/policy/components/policy-nexus/requirements.yaml3
-rwxr-xr-xkubernetes/policy/components/policy-nexus/templates/deployment.yaml1
-rwxr-xr-xkubernetes/policy/components/policy-nexus/values.yaml6
-rwxr-xr-xkubernetes/policy/components/policy-pap/requirements.yaml3
-rwxr-xr-xkubernetes/policy/components/policy-pap/templates/deployment.yaml1
-rwxr-xr-xkubernetes/policy/components/policy-pap/values.yaml6
-rwxr-xr-xkubernetes/policy/components/policy-xacml-pdp/requirements.yaml3
-rwxr-xr-xkubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml1
-rwxr-xr-xkubernetes/policy/components/policy-xacml-pdp/values.yaml6
-rwxr-xr-xkubernetes/policy/requirements.yaml3
-rwxr-xr-xkubernetes/policy/templates/job.yaml1
-rwxr-xr-xkubernetes/policy/values.yaml5
30 files changed, 99 insertions, 0 deletions
diff --git a/kubernetes/policy/components/policy-apex-pdp/requirements.yaml b/kubernetes/policy/components/policy-apex-pdp/requirements.yaml
index 1c57aa449b..f320b219dc 100755
--- a/kubernetes/policy/components/policy-apex-pdp/requirements.yaml
+++ b/kubernetes/policy/components/policy-apex-pdp/requirements.yaml
@@ -27,3 +27,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml
index 586f468334..4d9ff9250e 100755
--- a/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml
+++ b/kubernetes/policy/components/policy-apex-pdp/templates/statefulset.yaml
@@ -115,6 +115,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | indent 8 }}
- name: localtime
diff --git a/kubernetes/policy/components/policy-apex-pdp/values.yaml b/kubernetes/policy/components/policy-apex-pdp/values.yaml
index aa1daf703f..eb6292a039 100755
--- a/kubernetes/policy/components/policy-apex-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-apex-pdp/values.yaml
@@ -133,3 +133,9 @@ resources:
cpu: 20m
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: policy-apex-pdp
+ roles:
+ - read
diff --git a/kubernetes/policy/components/policy-api/requirements.yaml b/kubernetes/policy/components/policy-api/requirements.yaml
index 7bc531a759..2365cd729a 100755
--- a/kubernetes/policy/components/policy-api/requirements.yaml
+++ b/kubernetes/policy/components/policy-api/requirements.yaml
@@ -26,3 +26,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/policy/components/policy-api/templates/deployment.yaml b/kubernetes/policy/components/policy-api/templates/deployment.yaml
index 899e74e674..de0558e4cd 100755
--- a/kubernetes/policy/components/policy-api/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-api/templates/deployment.yaml
@@ -107,6 +107,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | indent 8 }}
- name: localtime
diff --git a/kubernetes/policy/components/policy-api/values.yaml b/kubernetes/policy/components/policy-api/values.yaml
index da983e5b5b..36eb5c4899 100755
--- a/kubernetes/policy/components/policy-api/values.yaml
+++ b/kubernetes/policy/components/policy-api/values.yaml
@@ -143,3 +143,9 @@ resources:
cpu: 200m
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: policy-api
+ roles:
+ - read
diff --git a/kubernetes/policy/components/policy-clamp-be/requirements.yaml b/kubernetes/policy/components/policy-clamp-be/requirements.yaml
index 88fd9d90eb..670f8cb65a 100644
--- a/kubernetes/policy/components/policy-clamp-be/requirements.yaml
+++ b/kubernetes/policy/components/policy-clamp-be/requirements.yaml
@@ -20,3 +20,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml
index c243e30540..e61cca0e49 100644
--- a/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml
@@ -114,6 +114,7 @@ spec:
{{- if .Values.affinity }}
affinity: {{ toYaml .Values.affinity | nindent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-config
configMap:
diff --git a/kubernetes/policy/components/policy-clamp-be/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml
index 71d2517be1..dcbe59c382 100644
--- a/kubernetes/policy/components/policy-clamp-be/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-be/values.yaml
@@ -156,3 +156,9 @@ resources:
cpu: 10m
memory: 3Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: policy-clamp-be
+ roles:
+ - read
diff --git a/kubernetes/policy/components/policy-clamp-fe/requirements.yaml b/kubernetes/policy/components/policy-clamp-fe/requirements.yaml
index 88fd9d90eb..670f8cb65a 100644
--- a/kubernetes/policy/components/policy-clamp-fe/requirements.yaml
+++ b/kubernetes/policy/components/policy-clamp-fe/requirements.yaml
@@ -20,3 +20,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml
index 97c7919389..1349558651 100644
--- a/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml
@@ -91,6 +91,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-config
configMap:
diff --git a/kubernetes/policy/components/policy-clamp-fe/values.yaml b/kubernetes/policy/components/policy-clamp-fe/values.yaml
index 9712a38e10..a7c8d6defa 100644
--- a/kubernetes/policy/components/policy-clamp-fe/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-fe/values.yaml
@@ -146,3 +146,9 @@ resources:
cpu: 10m
memory: 50Mi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: policy-clamp-fe
+ roles:
+ - read
diff --git a/kubernetes/policy/components/policy-distribution/requirements.yaml b/kubernetes/policy/components/policy-distribution/requirements.yaml
index 0006e4965a..db84102327 100755
--- a/kubernetes/policy/components/policy-distribution/requirements.yaml
+++ b/kubernetes/policy/components/policy-distribution/requirements.yaml
@@ -27,3 +27,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/policy/components/policy-distribution/templates/deployment.yaml b/kubernetes/policy/components/policy-distribution/templates/deployment.yaml
index 04db6d70c7..4745aac23b 100755
--- a/kubernetes/policy/components/policy-distribution/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-distribution/templates/deployment.yaml
@@ -121,6 +121,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | indent 8 }}
- name: localtime
diff --git a/kubernetes/policy/components/policy-distribution/values.yaml b/kubernetes/policy/components/policy-distribution/values.yaml
index 6788613ceb..fb6ef6e039 100755
--- a/kubernetes/policy/components/policy-distribution/values.yaml
+++ b/kubernetes/policy/components/policy-distribution/values.yaml
@@ -155,3 +155,9 @@ resources:
cpu: 200m
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: policy-distribution
+ roles:
+ - read
diff --git a/kubernetes/policy/components/policy-drools-pdp/requirements.yaml b/kubernetes/policy/components/policy-drools-pdp/requirements.yaml
index 29b1053600..6c540a4bcf 100755
--- a/kubernetes/policy/components/policy-drools-pdp/requirements.yaml
+++ b/kubernetes/policy/components/policy-drools-pdp/requirements.yaml
@@ -23,3 +23,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml b/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml
index 7e9c6cfde8..d389246b5c 100755
--- a/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml
+++ b/kubernetes/policy/components/policy-drools-pdp/templates/statefulset.yaml
@@ -125,6 +125,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | indent 8 }}
- name: localtime
diff --git a/kubernetes/policy/components/policy-drools-pdp/values.yaml b/kubernetes/policy/components/policy-drools-pdp/values.yaml
index 4eb37c6106..38d398998c 100755
--- a/kubernetes/policy/components/policy-drools-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-drools-pdp/values.yaml
@@ -188,3 +188,9 @@ resources:
cpu: 200m
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: policy-drools-pdp
+ roles:
+ - read
diff --git a/kubernetes/policy/components/policy-nexus/requirements.yaml b/kubernetes/policy/components/policy-nexus/requirements.yaml
index 343812db25..20cc48f360 100755
--- a/kubernetes/policy/components/policy-nexus/requirements.yaml
+++ b/kubernetes/policy/components/policy-nexus/requirements.yaml
@@ -23,3 +23,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/policy/components/policy-nexus/templates/deployment.yaml b/kubernetes/policy/components/policy-nexus/templates/deployment.yaml
index 3d5d59fea2..4c945f4605 100755
--- a/kubernetes/policy/components/policy-nexus/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-nexus/templates/deployment.yaml
@@ -83,6 +83,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "nothing" "dot" . )}}
volumes:
- name: localtime
hostPath:
diff --git a/kubernetes/policy/components/policy-nexus/values.yaml b/kubernetes/policy/components/policy-nexus/values.yaml
index 7801b525f2..3d77e67456 100755
--- a/kubernetes/policy/components/policy-nexus/values.yaml
+++ b/kubernetes/policy/components/policy-nexus/values.yaml
@@ -92,3 +92,9 @@ resources:
cpu: 2m
memory: 1Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: policy-nexus
+ roles:
+ - nothing
diff --git a/kubernetes/policy/components/policy-pap/requirements.yaml b/kubernetes/policy/components/policy-pap/requirements.yaml
index 3f0071ab7c..18de3a6517 100755
--- a/kubernetes/policy/components/policy-pap/requirements.yaml
+++ b/kubernetes/policy/components/policy-pap/requirements.yaml
@@ -27,3 +27,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/policy/components/policy-pap/templates/deployment.yaml b/kubernetes/policy/components/policy-pap/templates/deployment.yaml
index a02752c033..77474a8387 100755
--- a/kubernetes/policy/components/policy-pap/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-pap/templates/deployment.yaml
@@ -122,6 +122,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | indent 8 }}
- name: localtime
diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml
index 18e0e3e171..3c4c3e5ec6 100755
--- a/kubernetes/policy/components/policy-pap/values.yaml
+++ b/kubernetes/policy/components/policy-pap/values.yaml
@@ -169,3 +169,9 @@ resources:
cpu: 200m
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: policy-pap
+ roles:
+ - read
diff --git a/kubernetes/policy/components/policy-xacml-pdp/requirements.yaml b/kubernetes/policy/components/policy-xacml-pdp/requirements.yaml
index 7bc531a759..2365cd729a 100755
--- a/kubernetes/policy/components/policy-xacml-pdp/requirements.yaml
+++ b/kubernetes/policy/components/policy-xacml-pdp/requirements.yaml
@@ -26,3 +26,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml
index 73ae6dd55a..2da0035fa0 100755
--- a/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml
@@ -131,6 +131,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | indent 8 }}
- name: localtime
diff --git a/kubernetes/policy/components/policy-xacml-pdp/values.yaml b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
index 64c00e9bed..9eda53ee9b 100755
--- a/kubernetes/policy/components/policy-xacml-pdp/values.yaml
+++ b/kubernetes/policy/components/policy-xacml-pdp/values.yaml
@@ -152,3 +152,9 @@ resources:
cpu: 200m
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: policy-xacml-pdp
+ roles:
+ - read
diff --git a/kubernetes/policy/requirements.yaml b/kubernetes/policy/requirements.yaml
index 33447a2571..c98d4fc7a8 100755
--- a/kubernetes/policy/requirements.yaml
+++ b/kubernetes/policy/requirements.yaml
@@ -59,3 +59,6 @@ dependencies:
- name: repositoryGenerator
version: ~8.x-0
repository: '@local'
+ - name: serviceAccount
+ version: ~8.x-0
+ repository: '@local'
diff --git a/kubernetes/policy/templates/job.yaml b/kubernetes/policy/templates/job.yaml
index ad195722b2..72c94f30c5 100755
--- a/kubernetes/policy/templates/job.yaml
+++ b/kubernetes/policy/templates/job.yaml
@@ -72,6 +72,7 @@ spec:
resources:
{{ include "common.resources" . }}
restartPolicy: Never
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- name: {{ include "common.fullname" . }}-config
configMap:
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index 678772c481..92344dd2fe 100755
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -148,3 +148,8 @@ resources:
memory: 2Gi
unlimited: {}
+#Pods Service Account
+serviceAccount:
+ nameOverride: policy
+ roles:
+ - read