Home > database >  A mountable secret and token are not automatically generated in serviceaccount
A mountable secret and token are not automatically generated in serviceaccount

Time:06-13

I downloaded Kubernetes for integration with Jenkins and created a Serviceaccount, but the secret is not automatically created.

In the past, I remember that a Secret was automatically created and the Token was mounted when Serviceaccount was created.

How can I automatically create a Secret as before?

CodePudding user response:

You can enabled it using the option automountServiceAccountToken: true

apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins
automountServiceAccountToken: true

else remove the option automountServiceAccountToken , by default it will create secret

apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins

CodePudding user response:

As mentioned by @P.... In kubernetes version 1.24 this behaviour has been changed, the LegacyServiceAccountTokenNoAutoGeneration feature gate is enabled by default in 1.24.

New secrets containing service account tokens are no longer auto-generated and are not automatically ambient in secrets in 1.24 . Existing secrets containing service account tokens are still usable.

API clients scraping token content from auto-generated Secret API objects must start using the TokenRequest API to obtain a token (preferred, available in all supported versions), or you can explicitly request a secret-based token if a secret-based token is desired/needed.

Refer manually create a service account API token to explicitly request a secret-based token.

  • Related