knative
/
func
mirror of https://github.com/knative/func.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add support for `serviceAccountName` on deploy (#1811) 

This allows setting the service account for the resulting knative
service, which must pre-exist in the namespace to let the deployment
succeed.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
This commit is contained in:
Sascha Grunert 2023-06-19 18:46:54 +02:00 committed by GitHub
parent 3d1176680d
commit c1a90f65f2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/reference/func_yaml.md
View File

@ -121,6 +121,14 @@ subsequent deployments.
The Kubernetes namespace where your function will be deployed.
### `serviceAccountName`
The name of the service account used for the function pod. The service account
must exist in the namespace to succeed.
More info: https://k8s.io/docs/tasks/configure-pod-container/configure-service-account
### `options`
Options allows you to set specific configuration for the deployed function, allowing you to tweak Knative Service options related to autoscaling and other properties. If these options are not set, the Knative defaults will be used.
- `scale`

6
pkg/functions/function.go
View File

@ -152,6 +152,12 @@ type DeploySpec struct {
// Health endpoints specified by the language pack
HealthEndpoints HealthEndpoints `yaml:"healthEndpoints,omitempty"`
// ServiceAccountName is the name of the service account used for the
// function pod. The service account must exist in the namespace to
// succeed.
// More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
ServiceAccountName string `yaml:"serviceAccountName,omitempty"`
}
// HealthEndpoints specify the liveness and readiness endpoints for a Runtime

3
pkg/knative/deployer.go
View File

@ -370,7 +370,8 @@ func generateNewService(f fn.Function, decorator DeployDecorator) (*v1.Service,
Containers: []corev1.Container{
container,
},
Volumes: newVolumes,
ServiceAccountName: f.Deploy.ServiceAccountName,
Volumes: newVolumes,
},
},
},

4
schema/func_yaml-schema.json
View File

@ -86,6 +86,10 @@
"$schema": "http://json-schema.org/draft-04/schema#",
"$ref": "#/definitions/HealthEndpoints",
"description": "Health endpoints specified by the language pack"
},
"serviceAccountName": {
"type": "string",
"description": "ServiceAccountName is the name of the service account used for the\nfunction pod. The service account must exist in the namespace to\nsucceed.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/"
}
},
"additionalProperties": false,