Details
-
Bug
-
Resolution: Obsolete
-
Major
-
None
-
None
-
None
Description
Include a serviceaccount object into templates. This will remove the need for manual creation. This will also aid in the use of the Openshift "Create from URL" feature.
Setting template parameters in the URL:
https://openshift.vault101.quicklab.rdu2.cee.redhat.com/console/create?template=eap70-basic-s2i&templateParamsMap={"SOURCE_REPOSITORY_URL"%3A"https:%2F%2Fgithub.com%2Fjboss-developer%2Fjboss-eap-quickstarts"}
Example of a serviceaccount object and associate rolebindings object:
Service account object:
{
"kind": "ServiceAccount",
"apiVersion": "v1",
"metadata": {
"name": "eap-service-account"
}
}
Role binding object:
{
"kind":"RoleBinding",
"apiVersion":"v1",
"metadata": {
"name":"view",
"namespace":"fooman",
"userNames": [
"system:serviceaccount:fooman:eap-service-account"
],
"groupNames":null,
"subjects": [
{
"kind":"ServiceAccount",
"namespace":"fooman",
"name":"eap-service-account"
}
],
"roleRef": {
"name":"view"
}
}
We can then update documentation to remove the need for manually executing the following commands for every middleware container product.
oc create serviceaccount eap-service-account oc policy add-role-to-user view system:serviceaccount:$(oc project -q):eap-service-account oc policy add-role-to-user view system:serviceaccount:$(oc project -q):default -n $(oc project -q)
Attachments
Issue Links
- is related to
-
CLOUD-2209 Remove service account fields from templates
-
- Verified
-
