New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(authentik): add option to set serviceaccount #253
base: main
Are you sure you want to change the base?
Conversation
02601ca
to
9c8565d
Compare
@@ -1,6 +1,6 @@ | |||
--- | |||
apiVersion: v2 | |||
version: 2024.2.2 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll let @BeryJu comment on whether we should increase the chart version.
d08e3d4
to
8940664
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think for the server container we could just not mount a service account at all since it doesn't need one. Although I suppose that would only change the defaults as there might still be usecases where someone might want to mount a service account themselves
That is not BSI conform to use default serviceAccount, take a look in: if you prefer to stop using the mount of the serviceaccount, it will break additional feature which user of this helm-chart could needed (e.g. #146). |
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space> Signed-off-by: WrenIX <133280015+wrenix@users.noreply.github.com>
8940664
to
6d30ff4
Compare
I like to follow security guide lines, which say nobody should use the "default" serviceAccount of an namespace ...
so i like to create my own serviceAccount and assign it with this helm-chart.
PS: maybe it is also needed for #146