in pkg/controllers/serviceaccount_controller.go [46:85]
func (saCtrl *ServiceAccountControl) ensureServiceAccount(
ctx context.Context, sc *SyncContext) (*corev1.ServiceAccount, error) {
nc := sc.ndb
ServiceAccountName := nc.GetServiceAccountName()
sa, err := saCtrl.ServiceAccountLister.ServiceAccounts(nc.Namespace).Get(ServiceAccountName)
if err == nil {
// ServiceAccount exists already
if err = sc.isOwnedByNdbCluster(sa); err != nil {
// But it is not owned by the NdbCluster resource
klog.Errorf(
"Attempting to create ServiceAccount %q failed as it exists already but not owned by NdbCluster resource %q",
ServiceAccountName, getNamespacedName(nc))
return nil, err
}
// ServiceAccount already exists and is owned by nc
return sa, nil
}
if !apierrors.IsNotFound(err) {
// Error other than NotFound
klog.Errorf("Error getting ServiceAccount %q from ServiceAccountLister : %s", ServiceAccountName, err)
return nil, err
}
// ServiceAccount not found - create it
sa = resources.NewServiceAccount(nc)
klog.Infof("Creating a new ServiceAccount %q for NdbCluster resource %q", getNamespacedName(sa), getNamespacedName(sc.ndb))
sa, err = saCtrl.getServiceAccountInterface(sc.ndb.Namespace).Create(ctx, sa, metav1.CreateOptions{})
if err != nil && !apierrors.IsAlreadyExists(err) {
// Create failed. Ignore AlreadyExists error as it
// might have been caused due to an outdated cache read.
klog.Errorf("Error creating ServiceAccount %q : %s", getNamespacedName(sa), err)
return nil, err
}
return sa, nil
}