feat(chart): expose automountServiceAccountToken in the csi-driver chart#700
feat(chart): expose automountServiceAccountToken in the csi-driver chart#700yugstar wants to merge 1 commit into
Conversation
Allow disabling automatic mounting of the ServiceAccount token on the csi-driver pod, matching the option in the trust-manager chart. Defaults to true, preserving current behaviour. Regenerated the values schema and README. Signed-off-by: Aman Raj <aman.yug@gmail.com>
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
Hi @yugstar. Thanks for your PR. I'm waiting for a cert-manager member to verify that this patch is reasonable to test. If it is, they should reply with Tip We noticed you've done this a few times! Consider joining the org to skip this step and gain Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
What
Adds an
automountServiceAccountTokenvalue to the csi-driver chart so operators can disable automatic mounting of the ServiceAccount token on the csi-driver pod — a common security-hardening request, matching the option already in the trust-manager chart.Details
automountServiceAccountTokenvalue (defaults totrue, preserving current behaviour).{{- if hasKey .Values "automountServiceAccountToken" }}.values.schema.jsonandREADME.mdwithhelm-tool.helm lintpasses;helm template --set automountServiceAccountToken=falserenders the field correctly.