diff --git a/docs/modules/ROOT/partials/apis/camel-k-crds.adoc b/docs/modules/ROOT/partials/apis/camel-k-crds.adoc index a8be03912d..abe5aee8c4 100644 --- a/docs/modules/ROOT/partials/apis/camel-k-crds.adoc +++ b/docs/modules/ROOT/partials/apis/camel-k-crds.adoc @@ -4909,6 +4909,13 @@ PodSpec defines a group of Kubernetes resources. |Field |Description +|`automountServiceAccountToken` + +bool +| + + +AutomountServiceAccountToken + |`volumes` + *https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#volume-v1-core[[\]Kubernetes core/v1.Volume]* | diff --git a/helm/camel-k/crds/crd-integration.yaml b/helm/camel-k/crds/crd-integration.yaml index 808ad117ff..40b06eff20 100644 --- a/helm/camel-k/crds/crd-integration.yaml +++ b/helm/camel-k/crds/crd-integration.yaml @@ -242,6 +242,9 @@ spec: description: ActiveDeadlineSeconds format: int64 type: integer + automountServiceAccountToken: + description: AutomountServiceAccountToken + type: boolean containers: description: Containers items: diff --git a/helm/camel-k/crds/crd-kamelet-binding.yaml b/helm/camel-k/crds/crd-kamelet-binding.yaml index 40f60e223f..fbfba55cab 100644 --- a/helm/camel-k/crds/crd-kamelet-binding.yaml +++ b/helm/camel-k/crds/crd-kamelet-binding.yaml @@ -238,6 +238,9 @@ spec: description: ActiveDeadlineSeconds format: int64 type: integer + automountServiceAccountToken: + description: AutomountServiceAccountToken + type: boolean containers: description: Containers items: diff --git a/helm/camel-k/crds/crd-pipe.yaml b/helm/camel-k/crds/crd-pipe.yaml index e1d2f7fd20..29962f2686 100644 --- a/helm/camel-k/crds/crd-pipe.yaml +++ b/helm/camel-k/crds/crd-pipe.yaml @@ -236,6 +236,9 @@ spec: description: ActiveDeadlineSeconds format: int64 type: integer + automountServiceAccountToken: + description: AutomountServiceAccountToken + type: boolean containers: description: Containers items: diff --git a/pkg/apis/camel/v1/integration_types.go b/pkg/apis/camel/v1/integration_types.go index 7d7626c8fa..4ba8630528 100644 --- a/pkg/apis/camel/v1/integration_types.go +++ b/pkg/apis/camel/v1/integration_types.go @@ -23,7 +23,7 @@ import ( ) // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. -// Important: Run "make generate-deepcopy" to regenerate code after modifying this file +// Important: Run "make generate" to regenerate code after modifying this file // +genclient // +genclient:method=GetScale,verb=get,subresource=scale,result=k8s.io/api/autoscaling/v1.Scale @@ -284,6 +284,8 @@ type PodSpecTemplate struct { // PodSpec defines a group of Kubernetes resources. type PodSpec struct { + // AutomountServiceAccountToken + AutomountServiceAccountToken *bool `json:"automountServiceAccountToken,omitempty" protobuf:"varint,21,opt,name=automountServiceAccountToken"` // Volumes Volumes []corev1.Volume `json:"volumes,omitempty" patchStrategy:"merge,retainKeys" patchMergeKey:"name" protobuf:"bytes,1,rep,name=volumes"` // InitContainers diff --git a/pkg/apis/camel/v1/zz_generated.deepcopy.go b/pkg/apis/camel/v1/zz_generated.deepcopy.go index eac7e2550f..d5df39c00a 100644 --- a/pkg/apis/camel/v1/zz_generated.deepcopy.go +++ b/pkg/apis/camel/v1/zz_generated.deepcopy.go @@ -2644,6 +2644,11 @@ func (in *PodCondition) DeepCopy() *PodCondition { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PodSpec) DeepCopyInto(out *PodSpec) { *out = *in + if in.AutomountServiceAccountToken != nil { + in, out := &in.AutomountServiceAccountToken, &out.AutomountServiceAccountToken + *out = new(bool) + **out = **in + } if in.Volumes != nil { in, out := &in.Volumes, &out.Volumes *out = make([]corev1.Volume, len(*in)) diff --git a/pkg/client/camel/applyconfiguration/camel/v1/podspec.go b/pkg/client/camel/applyconfiguration/camel/v1/podspec.go index 12de22cf52..795ae186dc 100644 --- a/pkg/client/camel/applyconfiguration/camel/v1/podspec.go +++ b/pkg/client/camel/applyconfiguration/camel/v1/podspec.go @@ -26,6 +26,7 @@ import ( // PodSpecApplyConfiguration represents an declarative configuration of the PodSpec type for use // with apply. type PodSpecApplyConfiguration struct { + AutomountServiceAccountToken *bool `json:"automountServiceAccountToken,omitempty"` Volumes []v1.Volume `json:"volumes,omitempty"` InitContainers []v1.Container `json:"initContainers,omitempty"` Containers []v1.Container `json:"containers,omitempty"` @@ -45,6 +46,14 @@ func PodSpec() *PodSpecApplyConfiguration { return &PodSpecApplyConfiguration{} } +// WithAutomountServiceAccountToken sets the AutomountServiceAccountToken field in the declarative configuration to the given value +// and returns the receiver, so that objects can be built by chaining "With" function invocations. +// If called multiple times, the AutomountServiceAccountToken field is set to the value of the last call. +func (b *PodSpecApplyConfiguration) WithAutomountServiceAccountToken(value bool) *PodSpecApplyConfiguration { + b.AutomountServiceAccountToken = &value + return b +} + // WithVolumes adds the given value to the Volumes field in the declarative configuration // and returns the receiver, so that objects can be build by chaining "With" function invocations. // If called multiple times, values provided by each call will be appended to the Volumes field. diff --git a/pkg/resources/config/crd/bases/camel.apache.org_integrations.yaml b/pkg/resources/config/crd/bases/camel.apache.org_integrations.yaml index 808ad117ff..40b06eff20 100644 --- a/pkg/resources/config/crd/bases/camel.apache.org_integrations.yaml +++ b/pkg/resources/config/crd/bases/camel.apache.org_integrations.yaml @@ -242,6 +242,9 @@ spec: description: ActiveDeadlineSeconds format: int64 type: integer + automountServiceAccountToken: + description: AutomountServiceAccountToken + type: boolean containers: description: Containers items: diff --git a/pkg/resources/config/crd/bases/camel.apache.org_kameletbindings.yaml b/pkg/resources/config/crd/bases/camel.apache.org_kameletbindings.yaml index 40f60e223f..fbfba55cab 100644 --- a/pkg/resources/config/crd/bases/camel.apache.org_kameletbindings.yaml +++ b/pkg/resources/config/crd/bases/camel.apache.org_kameletbindings.yaml @@ -238,6 +238,9 @@ spec: description: ActiveDeadlineSeconds format: int64 type: integer + automountServiceAccountToken: + description: AutomountServiceAccountToken + type: boolean containers: description: Containers items: diff --git a/pkg/resources/config/crd/bases/camel.apache.org_pipes.yaml b/pkg/resources/config/crd/bases/camel.apache.org_pipes.yaml index e1d2f7fd20..29962f2686 100644 --- a/pkg/resources/config/crd/bases/camel.apache.org_pipes.yaml +++ b/pkg/resources/config/crd/bases/camel.apache.org_pipes.yaml @@ -236,6 +236,9 @@ spec: description: ActiveDeadlineSeconds format: int64 type: integer + automountServiceAccountToken: + description: AutomountServiceAccountToken + type: boolean containers: description: Containers items: diff --git a/pkg/trait/pod_test.go b/pkg/trait/pod_test.go index 96875c763b..520a9d388e 100755 --- a/pkg/trait/pod_test.go +++ b/pkg/trait/pod_test.go @@ -104,6 +104,14 @@ func TestSupplementalGroup(t *testing.T) { assert.Contains(t, templateSpec.Spec.SecurityContext.SupplementalGroups, int64(666)) } +func TestAutomountServiceAccountToken(t *testing.T) { + templateString := `automountServiceAccountToken: false` + templateSpec := testPodTemplateSpec(t, templateString) + + assert.NotNil(t, templateSpec.Spec.AutomountServiceAccountToken) + assert.False(t, *templateSpec.Spec.AutomountServiceAccountToken) +} + // nolint: unparam func createPodTest(podSpecTemplate string) (*podTrait, *Environment, *appsv1.Deployment) { trait, _ := newPodTrait().(*podTrait)