svcacct: move claim generation out of TokenGenerator

2026-01-05 23:47:50 +00:00 · 2018-02-05 20:07:50 -08:00
parent c02b784b76
commit 7d74c35963
7 changed files with 71 additions and 36 deletions
--- a/pkg/controller/serviceaccount/tokens_controller.go
+++ b/pkg/controller/serviceaccount/tokens_controller.go
@@ -395,7 +395,7 @@ func (e *TokensController) ensureReferencedToken(serviceAccount *v1.ServiceAccou
 	}

 	// Generate the token
-	token, err := e.token.GenerateToken(*serviceAccount, *secret)
+	token, err := e.token.GenerateToken(serviceaccount.LegacyClaims(*serviceAccount, *secret))
 	if err != nil {
 		// retriable error
 		return true, err
@@ -551,7 +551,7 @@ func (e *TokensController) generateTokenIfNeeded(serviceAccount *v1.ServiceAccou

 	// Generate the token
 	if needsToken {
-		token, err := e.token.GenerateToken(*serviceAccount, *liveSecret)
+		token, err := e.token.GenerateToken(serviceaccount.LegacyClaims(*serviceAccount, *liveSecret))
 		if err != nil {
 			return false, err
 		}