diff --git a/api/v1/store.go b/api/v1/store.go index eef0c37..a1069b3 100644 --- a/api/v1/store.go +++ b/api/v1/store.go @@ -37,6 +37,7 @@ type StoreSpec struct { Otel OtelSpec `json:"otel,omitempty"` FPM FPMSpec `json:"fpm,omitempty"` HorizontalPodAutoscaler HPASpec `json:"horizontalPodAutoscaler,omitempty"` + ServiceAccountName string `json:"serviceAccountName,omitempty"` // +kubebuilder:default=false DisableChecks bool `json:"disableChecks,omitempty"` diff --git a/internal/deployment/admin.go b/internal/deployment/admin.go index fc2daa7..fb1e356 100644 --- a/internal/deployment/admin.go +++ b/internal/deployment/admin.go @@ -79,7 +79,7 @@ func AdminDeployment(store *v1.Store) *appsv1.Deployment { Resources: store.Spec.Container.Resources, }) - return &appsv1.Deployment{ + deployment := &appsv1.Deployment{ TypeMeta: metav1.TypeMeta{ Kind: "Deployment", APIVersion: "apps/v1", @@ -122,12 +122,17 @@ func AdminDeployment(store *v1.Store) *appsv1.Deployment { ImagePullSecrets: store.Spec.Container.ImagePullSecrets, RestartPolicy: store.Spec.Container.RestartPolicy, Containers: containers, - ServiceAccountName: util.GetServiceAccountName(store), SecurityContext: store.Spec.Container.SecurityContext, }, }, }, } + + if store.Spec.ServiceAccountName != "" { + deployment.Spec.Template.Spec.ServiceAccountName = store.Spec.ServiceAccountName + } + + return deployment } func GetAdminDeploymentName(store *v1.Store) string { diff --git a/internal/deployment/storefront.go b/internal/deployment/storefront.go index 96d6219..3c012d6 100644 --- a/internal/deployment/storefront.go +++ b/internal/deployment/storefront.go @@ -81,7 +81,7 @@ func StorefrontDeployment(store *v1.Store) *appsv1.Deployment { Resources: store.Spec.Container.Resources, }) - return &appsv1.Deployment{ + deployment := &appsv1.Deployment{ TypeMeta: metav1.TypeMeta{ Kind: "Deployment", APIVersion: "apps/v1", @@ -123,12 +123,17 @@ func StorefrontDeployment(store *v1.Store) *appsv1.Deployment { ImagePullSecrets: store.Spec.Container.ImagePullSecrets, RestartPolicy: store.Spec.Container.RestartPolicy, Containers: containers, - ServiceAccountName: util.GetServiceAccountName(store), SecurityContext: store.Spec.Container.SecurityContext, }, }, }, } + + if store.Spec.ServiceAccountName != "" { + deployment.Spec.Template.Spec.ServiceAccountName = store.Spec.ServiceAccountName + } + + return deployment } func GetStorefrontDeploymentName(store *v1.Store) string { diff --git a/internal/deployment/worker.go b/internal/deployment/worker.go index edea296..0a1d4f8 100644 --- a/internal/deployment/worker.go +++ b/internal/deployment/worker.go @@ -63,7 +63,7 @@ func WorkerDeployment(store *v1.Store) *appsv1.Deployment { Resources: store.Spec.Container.Resources, }) - return &appsv1.Deployment{ + deployment := &appsv1.Deployment{ TypeMeta: metav1.TypeMeta{ Kind: "Deployment", APIVersion: "apps/v1", @@ -105,12 +105,17 @@ func WorkerDeployment(store *v1.Store) *appsv1.Deployment { ImagePullSecrets: store.Spec.Container.ImagePullSecrets, RestartPolicy: store.Spec.Container.RestartPolicy, Containers: containers, - ServiceAccountName: util.GetServiceAccountName(store), SecurityContext: store.Spec.Container.SecurityContext, }, }, }, } + + if store.Spec.ServiceAccountName != "" { + deployment.Spec.Template.Spec.ServiceAccountName = store.Spec.ServiceAccountName + } + + return deployment } func GetWorkerDeploymentName(store *v1.Store) string { diff --git a/internal/job/migration.go b/internal/job/migration.go index 6292895..39b049f 100644 --- a/internal/job/migration.go +++ b/internal/job/migration.go @@ -74,7 +74,7 @@ func MigrationJob(store *v1.Store) *batchv1.Job { Env: store.GetEnv(), }) - return &batchv1.Job{ + job := &batchv1.Job{ TypeMeta: metav1.TypeMeta{ Kind: "Job", APIVersion: "batch/v1"}, @@ -99,12 +99,17 @@ func MigrationJob(store *v1.Store) *batchv1.Job { ImagePullSecrets: store.Spec.Container.ImagePullSecrets, RestartPolicy: "Never", Containers: containers, - ServiceAccountName: util.GetServiceAccountName(store), SecurityContext: store.Spec.Container.SecurityContext, }, }, }, } + + if store.Spec.ServiceAccountName != "" { + job.Spec.Template.Spec.ServiceAccountName = store.Spec.ServiceAccountName + } + + return job } func MigrateJobName(store *v1.Store) string { diff --git a/internal/job/setup.go b/internal/job/setup.go index b8b1163..21eea3b 100644 --- a/internal/job/setup.go +++ b/internal/job/setup.go @@ -76,7 +76,7 @@ func SetupJob(store *v1.Store) *batchv1.Job { Env: envs, }) - return &batchv1.Job{ + job := &batchv1.Job{ TypeMeta: metav1.TypeMeta{ Kind: "Job", APIVersion: "batch/v1", @@ -102,12 +102,17 @@ func SetupJob(store *v1.Store) *batchv1.Job { ImagePullSecrets: store.Spec.Container.ImagePullSecrets, RestartPolicy: "Never", Containers: containers, - ServiceAccountName: util.GetServiceAccountName(store), SecurityContext: store.Spec.Container.SecurityContext, }, }, }, } + + if store.Spec.ServiceAccountName != "" { + job.Spec.Template.Spec.ServiceAccountName = store.Spec.ServiceAccountName + } + + return job } func GetSetupJobName(store *v1.Store) string { diff --git a/internal/util/serviceaccount.go b/internal/util/serviceaccount.go deleted file mode 100644 index 15dab45..0000000 --- a/internal/util/serviceaccount.go +++ /dev/null @@ -1,11 +0,0 @@ -package util - -import ( - "fmt" - - v1 "github.com/shopware/shopware-operator/api/v1" -) - -func GetServiceAccountName(store *v1.Store) string { - return fmt.Sprintf("%s-store-sa", store.Name) -}