Merge pull request #8582 from deads2k/add-pull-secrets-to-service-account
add pull secrets to service accounts
This commit is contained in:
Tim Hockin
@@ -1151,6 +1151,11 @@ type ServiceAccount struct {
|
||||
|
||||
// Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount
|
||||
Secrets []ObjectReference `json:"secrets"`
|
||||
|
||||
// ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images
|
||||
// in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets
|
||||
// can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet.
|
||||
ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" description:"list of references to secrets in the same namespace available for pulling container images"`
|
||||
}
|
||||
|
||||
// ServiceAccountList is a list of ServiceAccount objects
|
||||
|
||||
@@ -2020,6 +2020,16 @@ func convert_api_ServiceAccount_To_v1_ServiceAccount(in *api.ServiceAccount, out
|
||||
} else {
|
||||
out.Secrets = nil
|
||||
}
|
||||
if in.ImagePullSecrets != nil {
|
||||
out.ImagePullSecrets = make([]LocalObjectReference, len(in.ImagePullSecrets))
|
||||
for i := range in.ImagePullSecrets {
|
||||
if err := convert_api_LocalObjectReference_To_v1_LocalObjectReference(&in.ImagePullSecrets[i], &out.ImagePullSecrets[i], s); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
} else {
|
||||
out.ImagePullSecrets = nil
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -4284,6 +4294,16 @@ func convert_v1_ServiceAccount_To_api_ServiceAccount(in *ServiceAccount, out *ap
|
||||
} else {
|
||||
out.Secrets = nil
|
||||
}
|
||||
if in.ImagePullSecrets != nil {
|
||||
out.ImagePullSecrets = make([]api.LocalObjectReference, len(in.ImagePullSecrets))
|
||||
for i := range in.ImagePullSecrets {
|
||||
if err := convert_v1_LocalObjectReference_To_api_LocalObjectReference(&in.ImagePullSecrets[i], &out.ImagePullSecrets[i], s); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
} else {
|
||||
out.ImagePullSecrets = nil
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
|
||||
@@ -1143,6 +1143,11 @@ type ServiceAccount struct {
|
||||
|
||||
// Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount
|
||||
Secrets []ObjectReference `json:"secrets,omitempty" description:"list of secrets that can be used by pods running as this service account" patchStrategy:"merge" patchMergeKey:"name"`
|
||||
|
||||
// ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images
|
||||
// in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets
|
||||
// can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet.
|
||||
ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" description:"list of references to secrets in the same namespace available for pulling container images"`
|
||||
}
|
||||
|
||||
// ServiceAccountList is a list of ServiceAccount objects
|
||||
|
||||
@@ -994,6 +994,11 @@ type ServiceAccount struct {
|
||||
|
||||
// Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount
|
||||
Secrets []ObjectReference `json:"secrets" description:"list of secrets that can be used by pods running as this service account" patchStrategy:"merge" patchMergeKey:"name"`
|
||||
|
||||
// ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images
|
||||
// in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets
|
||||
// can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet.
|
||||
ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" description:"list of references to secrets in the same namespace available for pulling container images"`
|
||||
}
|
||||
|
||||
// ServiceAccountList is a list of ServiceAccount objects
|
||||
|
||||
@@ -998,6 +998,11 @@ type ServiceAccount struct {
|
||||
|
||||
// Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount
|
||||
Secrets []ObjectReference `json:"secrets" description:"list of secrets that can be used by pods running as this service account" patchStrategy:"merge" patchMergeKey:"name"`
|
||||
|
||||
// ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images
|
||||
// in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets
|
||||
// can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet.
|
||||
ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" description:"list of references to secrets in the same namespace available for pulling container images"`
|
||||
}
|
||||
|
||||
// ServiceAccountList is a list of ServiceAccount objects
|
||||
|
||||
@@ -1959,6 +1959,16 @@ func convert_api_ServiceAccount_To_v1beta3_ServiceAccount(in *api.ServiceAccount
|
||||
} else {
|
||||
out.Secrets = nil
|
||||
}
|
||||
if in.ImagePullSecrets != nil {
|
||||
out.ImagePullSecrets = make([]LocalObjectReference, len(in.ImagePullSecrets))
|
||||
for i := range in.ImagePullSecrets {
|
||||
if err := convert_api_LocalObjectReference_To_v1beta3_LocalObjectReference(&in.ImagePullSecrets[i], &out.ImagePullSecrets[i], s); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
} else {
|
||||
out.ImagePullSecrets = nil
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -4156,6 +4166,16 @@ func convert_v1beta3_ServiceAccount_To_api_ServiceAccount(in *ServiceAccount, ou
|
||||
} else {
|
||||
out.Secrets = nil
|
||||
}
|
||||
if in.ImagePullSecrets != nil {
|
||||
out.ImagePullSecrets = make([]api.LocalObjectReference, len(in.ImagePullSecrets))
|
||||
for i := range in.ImagePullSecrets {
|
||||
if err := convert_v1beta3_LocalObjectReference_To_api_LocalObjectReference(&in.ImagePullSecrets[i], &out.ImagePullSecrets[i], s); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
} else {
|
||||
out.ImagePullSecrets = nil
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
|
||||
@@ -1150,6 +1150,11 @@ type ServiceAccount struct {
|
||||
|
||||
// Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount
|
||||
Secrets []ObjectReference `json:"secrets,omitempty" description:"list of secrets that can be used by pods running as this service account" patchStrategy:"merge" patchMergeKey:"name"`
|
||||
|
||||
// ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images
|
||||
// in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets
|
||||
// can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet.
|
||||
ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" description:"list of references to secrets in the same namespace available for pulling container images"`
|
||||
}
|
||||
|
||||
// ServiceAccountList is a list of ServiceAccount objects
|
||||
|
||||
Reference in New Issue
Block a user