Coverage for ocp_resources/service_account.py: 0%

20 statements  

« prev     ^ index     » next       coverage.py v7.6.10, created at 2025-01-30 10:48 +0200

1import kubernetes 

2from ocp_resources.resource import NamespacedResource 

3 

4 

5class ServiceAccount(NamespacedResource): 

6 """ 

7 https://kubernetes.io/docs/reference/kubernetes-api/authentication-resources/service-account-v1/ 

8 """ 

9 

10 api_version = NamespacedResource.ApiVersion.V1 

11 

12 def __init__( 

13 self, 

14 automount_service_account_token=None, 

15 image_pull_secrets=None, 

16 secrets=None, 

17 **kwargs, 

18 ): 

19 """ 

20 Args: 

21 automount_service_account_token (bool, Optional): indicates whether pods running as this service account should have an 

22 API token automatically mounted 

23 image_pull_secrets (list, Optional): list of references to secrets in the same namespace to use for pulling pod images 

24 secrets (list, Optional): list of secrets for the pods to use 

25 """ 

26 super().__init__(**kwargs) 

27 self.automount_service_account_token = automount_service_account_token 

28 self.image_pull_secrets = image_pull_secrets 

29 self.secrets = secrets 

30 

31 def to_dict(self) -> None: 

32 super().to_dict() 

33 if not self.kind_dict and not self.yaml_file: 

34 if self.automount_service_account_token: 

35 self.res["automountServiceAccountToken"] = self.automount_service_account_token 

36 if self.image_pull_secrets: 

37 self.res["imagePullSecrets"] = self.image_pull_secrets 

38 if self.secrets: 

39 self.res["secrets"] = self.secrets 

40 

41 def create_service_account_token(self, audiences=None, bound_object_ref=None, expiration_seconds=None): 

42 """ 

43 Args: 

44 audiences (list, Optional): Intended audiences of the token 

45 bound_object_ref (dict, Optional): Reference to an object that a token is bound to 

46 expiration_seconds (int, Optional): Requested duration of validity of the token in seconds. 

47 """ 

48 return self._kube_v1_api.create_namespaced_service_account_token( 

49 name=self.name, 

50 namespace=self.namespace, 

51 body=kubernetes.client.AuthenticationV1TokenRequest( 

52 spec={ 

53 "audiences": audiences, 

54 "boundObjectRef": bound_object_ref, 

55 "expirationSeconds": expiration_seconds, 

56 } 

57 ), 

58 )