github/steve
1
0
Fork 0
mirror of https://github.com/niusmallnan/steve.git synced 2025-07-19 17:07:10 +00:00
Code Issues Projects Releases Wiki Activity

wait for svc account secret to be populated with token

Browse Source
This commit is contained in:
Kinara Shah 2022-06-28 16:14:35 -07:00
parent 3d379c3dd8
commit 3c8925cc12
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
pkg/podimpersonation/podimpersonation.go
View File

@ -348,7 +348,19 @@ func (s *PodImpersonation) createPod(ctx context.Context, user user.Info, role *
if err != nil {
return nil, err
}
if _, ok := tokenSecret.Data[v1.ServiceAccountTokenKey]; !ok {
for {
logrus.Debugf("wait for svc account secret to be populated with token %s", tokenSecret.Name)
time.Sleep(2 * time.Second)
tokenSecret, err = client.CoreV1().Secrets(sa.Namespace).Get(ctx, sc.Name, metav1.GetOptions{})
if err != nil {
return nil, err
}
if _, ok := tokenSecret.Data[v1.ServiceAccountTokenKey]; ok {
break
}
}
}
pod = s.augmentPod(pod, sa, tokenSecret, podOptions.ImageOverride)
if err := s.createConfigMaps(ctx, user, role, pod, podOptions, client); err != nil {
@ -358,7 +370,6 @@ func (s *PodImpersonation) createPod(ctx context.Context, user user.Info, role *
if err := s.createSecrets(ctx, role, pod, podOptions, client); err != nil {
return nil, err
}
pod.OwnerReferences = ref(role)
if pod.Annotations == nil {
pod.Annotations = map[string]string{}