(namespace string)
| 592 | } |
| 593 | |
| 594 | func (c *Controller) createPodServiceAccount(namespace string) error { |
| 595 | |
| 596 | podServiceAccountName := c.opConfig.PodServiceAccountName |
| 597 | _, err := c.KubeClient.ServiceAccounts(namespace).Get(context.TODO(), podServiceAccountName, metav1.GetOptions{}) |
| 598 | if k8sutil.ResourceNotFound(err) { |
| 599 | |
| 600 | c.logger.Infof("creating pod service account %q in the %q namespace", podServiceAccountName, namespace) |
| 601 | |
| 602 | // get a separate copy of service account |
| 603 | // to prevent a race condition when setting a namespace for many clusters |
| 604 | sa := *c.PodServiceAccount |
| 605 | if _, err = c.KubeClient.ServiceAccounts(namespace).Create(context.TODO(), &sa, metav1.CreateOptions{}); err != nil { |
| 606 | return fmt.Errorf("cannot deploy the pod service account %q defined in the configuration to the %q namespace: %v", podServiceAccountName, namespace, err) |
| 607 | } |
| 608 | |
| 609 | c.logger.Infof("successfully deployed the pod service account %q to the %q namespace", podServiceAccountName, namespace) |
| 610 | } else if k8sutil.ResourceAlreadyExists(err) { |
| 611 | return nil |
| 612 | } |
| 613 | |
| 614 | return err |
| 615 | } |
| 616 | |
| 617 | func (c *Controller) createRoleBindings(namespace string) error { |
| 618 |
no test coverage detected