I have a kubernetes cluster version 1.26 Here i'm creating a serviceaccount following the instructions in the yaml given below
apiVersion: v1
kind: ServiceAccount
metadata:
creationTimestamp: null
name: devops-serviceaccount
namespace: default
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
name: role-for-serviceaccount
namespace: default
rules:
- apiGroups: ["*","apps","extensions"]
resources: ["*"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
creationTimestamp: null
name: rolebinding-for-serviceaccount
namespace: default
subjects:
- kind: ServiceAccount
name: devops-serviceaccount
namespace: default
roleRef:
kind: Role
name: role-for-serviceaccount
apiGroup: rbac.authorization.k8s.io
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
name: devops-sa-secret
annotations:
kubernetes.io/service-account.name: "devops-serviceaccount"
after deploying the yaml i run the following command
kubectl get serviceAccounts devops-serviceaccount
I expect a Service Account with the secrets attached to it but the secret count is 0
After version K8s 1.24 it does not default to create the secret with a Service account. If you are following any article make sure it's not for an older versions of k8s.
As you are on 1.26 which is the latest and it does not support secret creation by default with SA creation and it wont show.
You can read more about my article : https://medium.com/faun/k8s-v1-24-is-unable-to-create-a-serviceaccount-secret-798f8454e6e7
Update
apiVersion: v1
kind: ServiceAccount
metadata:
name: test-sa
secrets:
- name: token-secret
---
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
name: token-secret
annotations:
kubernetes.io/service-account.name: "test-sa"
what i found, field counts the secrets mentioned in the field with a service account.
Code ref of SA struct