quartz/Service Account Tokens & Mounting.md at b2cefa4ff8bf975558acd83d19a984f1a5f09f83

GitHub/quartz

mirror of https://github.com/jackyzha0/quartz.git synced 2025-12-25 05:44:06 -06:00

Mischa van den Burg 3da23fc476 Automated commit at Fri Apr 5 10:00:00 CEST 2024

2024-04-05 10:00:00 +02:00

Each Service Account receives a token which is mounted in the pod at

/var/run/secrets/kubernetes.io/serviceaccount

You can cat the token and inspect it at JSON Web Tokens - jwt.io

The auto mounting can be disabled by configuring either the Service account or the pod as follows:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: build-robot
automountServiceAccountToken: false

apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  serviceAccountName: build-robot
  automountServiceAccountToken: false
  ...

Links:

202404050951