From d586d3fa0a0e3470f5c63376fa633b60d3b05eee Mon Sep 17 00:00:00 2001
From: pascal-meunier <pmeunier100@gmail.com>
Date: Fri, 16 Jun 2023 09:54:48 -0400
Subject: [PATCH] Allow sk-admin-update to create Kubernetes secrets

Specify a serviceAccountName when the default service account doesn't have the roleBinding necessary to do so.
---
 .../skadmin/templates/kube/updateSecrets/sk-admin-update.yml   | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/playbooks/roles/skadmin/templates/kube/updateSecrets/sk-admin-update.yml b/playbooks/roles/skadmin/templates/kube/updateSecrets/sk-admin-update.yml
index 7f1f7be3..dd0095df 100644
--- a/playbooks/roles/skadmin/templates/kube/updateSecrets/sk-admin-update.yml
+++ b/playbooks/roles/skadmin/templates/kube/updateSecrets/sk-admin-update.yml
@@ -7,6 +7,9 @@ metadata:
 spec:
   template:
     spec:
+{% if skadmin_sk_privileged_sa is not none %}
+      serviceAccountName: {{ skadmin_sk_privileged_sa }}
+{% endif %}
       restartPolicy: Never
       containers:
       - name: sk-admin-update