vmware-tanzu
/
velero
mirror of https://github.com/vmware-tanzu/velero.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Do not create the rolebinding if user customize the service account 

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
pull/5893/head
Daniel Jiang 2023-02-21 18:20:38 +08:00
parent 5f039b7f7c
commit 42a92e9b3d
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/cmd/cli/install/install.go
View File

@ -94,7 +94,8 @@ func (o *InstallOptions) BindFlags(flags *pflag.FlagSet) {
flags.Var(&o.PodAnnotations, "pod-annotations", "Annotations to add to the Velero and node agent pods. Optional. Format is key1=value1,key2=value2")
flags.Var(&o.PodLabels, "pod-labels", "Labels to add to the Velero and node agent pods. Optional. Format is key1=value1,key2=value2")
flags.Var(&o.ServiceAccountAnnotations, "sa-annotations", "Annotations to add to the Velero ServiceAccount. Add iam.gke.io/gcp-service-account=[GSA_NAME]@[PROJECT_NAME].iam.gserviceaccount.com for workload identity. Optional. Format is key1=value1,key2=value2")
flags.StringVar(&o.ServiceAccountName, "service-account-name", o.ServiceAccountName, "ServiceAccountName to be set to the Velero and node agent pods, it should be created before the installation. Optional, if this attribute is set, the default service account 'velero' will not be created, and the flag --sa-annotations will be disregarded.")
flags.StringVar(&o.ServiceAccountName, "service-account-name", o.ServiceAccountName, "ServiceAccountName to be set to the Velero and node agent pods, it should be created before the installation, and the user also needs to create the rolebinding for it."+
" Optional, if this attribute is set, the default service account 'velero' will not be created, and the flag --sa-annotations will be disregarded.")
flags.StringVar(&o.VeleroPodCPURequest, "velero-pod-cpu-request", o.VeleroPodCPURequest, `CPU request for Velero pod. A value of "0" is treated as unbounded. Optional.`)
flags.StringVar(&o.VeleroPodMemRequest, "velero-pod-mem-request", o.VeleroPodMemRequest, `Memory request for Velero pod. A value of "0" is treated as unbounded. Optional.`)
flags.StringVar(&o.VeleroPodCPULimit, "velero-pod-cpu-limit", o.VeleroPodCPULimit, `CPU limit for Velero pod. A value of "0" is treated as unbounded. Optional.`)

4
pkg/install/resources.go
View File

@ -259,10 +259,10 @@ func AllResources(o *VeleroOptions) *unstructured.UnstructuredList {
ns := Namespace(o.Namespace)
appendUnstructured(resources, ns)
crb := ClusterRoleBinding(o.Namespace)
appendUnstructured(resources, crb)
serviceAccountName := defaultServiceAccountName
if o.ServiceAccountName == "" {
crb := ClusterRoleBinding(o.Namespace)
appendUnstructured(resources, crb)
sa := ServiceAccount(o.Namespace, o.ServiceAccountAnnotations)
appendUnstructured(resources, sa)
} else {