Skip to content

Commit

Permalink
Make serviceaccount example downloadable
Browse files Browse the repository at this point in the history
  • Loading branch information
sftim committed Jun 3, 2019
1 parent 7cea185 commit 37ed864
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 17 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -89,25 +89,31 @@ ServiceAccount. To create additional API tokens for a service account, you
can create a Secret of type `ServiceAccountToken` with an annotation referencing
the ServiceAccount, and the token controller will update it with a generated token:

secret.json:

```json
{
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
"name": "mysecretname",
"annotations": {
"kubernetes.io/service-account.name": "myserviceaccount"
}
},
"type": "kubernetes.io/service-account-token"
}
```
{{< codenew file="/secret/serviceaccount/mysecretname.yaml" >}}

To create a Secret based on this example, run:

```shell
kubectl create -f ./secret.json
kubectl describe secret mysecretname
kubectl -n examplens create -f https://k8s.io/examples/secret/serviceaccount/mysecretname.yaml
kubectl -n examplens describe secret mysecretname
```
(this assumes you already have a namespace named `examplens`).

You'll see something like:
```
Name: mysecretname
Namespace: examplens
Labels: <none>
Annotations: kubernetes.io/service-account.name=myserviceaccount
kubernetes.io/service-account.uid=8a85c4c4-8483-11e9-bc42-526af7764f64
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1362 bytes
namespace: 9 bytes
token: ...
```

#### To delete/invalidate a service account token
Expand Down
7 changes: 7 additions & 0 deletions content/en/examples/secret/serviceaccount/mysecretname.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
name: mysecretname
annotations:
- kubernetes.io/service-account.name: myserviceaccount

0 comments on commit 37ed864

Please sign in to comment.