set AutomountServiceAccountToken to nil by default

8 years ago · a619dfb5c6
parent 2b7d216e87
commit a619dfb5c6
1 changed files with 5 additions and 3 deletions
--- a/cmd/helm/installer/install.go
+++ b/cmd/helm/installer/install.go
@ -176,7 +176,6 @@ func generateDeployment(opts *Options) (*v1beta1.Deployment, error) {
 			return nil, err
 		}
 	}
-	automountServiceAccountToken := opts.ServiceAccount != ""
 	d := &v1beta1.Deployment{
 		ObjectMeta: metav1.ObjectMeta{
 			Namespace: opts.Namespace,
@ -190,8 +189,7 @@ func generateDeployment(opts *Options) (*v1beta1.Deployment, error) {
 					Labels: labels,
 				},
 				Spec: v1.PodSpec{
-					ServiceAccountName:           opts.ServiceAccount,
-					AutomountServiceAccountToken: &automountServiceAccountToken,
+					ServiceAccountName: opts.ServiceAccount,
 					Containers: []v1.Container{
 						{
 							Name:            "tiller",
@ -234,6 +232,10 @@ func generateDeployment(opts *Options) (*v1beta1.Deployment, error) {
 		},
 	}

+	if opts.ServiceAccount != "" {
+		d.Spec.Template.Spec.AutomountServiceAccountToken = func(b bool) *bool { return &b }(true)
+	}
+
 	if opts.tls() {
 		const certsDir = "/etc/certs"