charts/pipelines-library/templates/resources/serviceaccount-tekton.yaml (26 lines of code) (raw):
apiVersion: v1
kind: ServiceAccount
metadata:
name: tekton
labels:
{{- include "edp-tekton.labels" . | nindent 4 }}
{{- if .Values.kaniko.roleArn }}
annotations:
eks.amazonaws.com/role-arn: {{ .Values.kaniko.roleArn }}
{{ end }}
# -- Define secrets which will be mounted to service account. This allow signed image while push to Harbor
{{- if eq .Values.global.dockerRegistry.type "harbor" }}
secrets:
- name: kaniko-docker-config
{{- end }}
---
{{- if eq .Values.global.platform "openshift" -}}
apiVersion: v1
kind: Secret
metadata:
labels:
{{- include "edp-tekton.labels" . | nindent 4 }}
name: edp-tekton-helm-push
annotations:
kubernetes.io/service-account.name: tekton
type: kubernetes.io/service-account-token
{{- end -}}