From 62134ecbc307620b5efeab929c801fa7f050333e Mon Sep 17 00:00:00 2001
From: Vivek Kumar Singh <vivekkmr45@yahoo.in>
Date: Sat, 20 Sep 2025 21:56:33 +0530
Subject: [PATCH] :sparkles: feat: add capv serviceaccount

- Use a serviceaccount dedicated for capv instead of using an default serviceaccount from the namespace in which it is deployed
---
 config/manager/manager.yaml                   | 1 +
 config/rbac/kustomization.yaml                | 1 +
 config/rbac/leader_election_role_binding.yaml | 2 +-
 config/rbac/role_binding.yaml                 | 2 +-
 config/rbac/serviceaccount.yaml               | 5 +++++
 5 files changed, 9 insertions(+), 2 deletions(-)
 create mode 100644 config/rbac/serviceaccount.yaml

diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
index 401dd765e5..1f82c08636 100644
--- a/config/manager/manager.yaml
+++ b/config/manager/manager.yaml
@@ -66,6 +66,7 @@ spec:
         seccompProfile:
           type: RuntimeDefault
       terminationGracePeriodSeconds: 10
+      serviceAccountName: manager
       tolerations:
         - effect: NoSchedule
           key: node-role.kubernetes.io/master
diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml
index 0c696c7c44..1aaa9a0215 100644
--- a/config/rbac/kustomization.yaml
+++ b/config/rbac/kustomization.yaml
@@ -6,5 +6,6 @@ resources:
 - leader_election_role.yaml
 - leader_election_role_binding.yaml
 - aggregate_role.yaml
+- serviceaccount.yaml
 patchesStrategicMerge:
 - aggregate_labels.yaml
diff --git a/config/rbac/leader_election_role_binding.yaml b/config/rbac/leader_election_role_binding.yaml
index eed16906f4..d5e0044679 100644
--- a/config/rbac/leader_election_role_binding.yaml
+++ b/config/rbac/leader_election_role_binding.yaml
@@ -8,5 +8,5 @@ roleRef:
   name: leader-election-role
 subjects:
 - kind: ServiceAccount
-  name: default
+  name: manager
   namespace: system
diff --git a/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml
index 8f2658702c..5a95f66d6f 100644
--- a/config/rbac/role_binding.yaml
+++ b/config/rbac/role_binding.yaml
@@ -8,5 +8,5 @@ roleRef:
   name: manager-role
 subjects:
 - kind: ServiceAccount
-  name: default
+  name: manager
   namespace: system
diff --git a/config/rbac/serviceaccount.yaml b/config/rbac/serviceaccount.yaml
new file mode 100644
index 0000000000..c418005244
--- /dev/null
+++ b/config/rbac/serviceaccount.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: manager
+  namespace: system
\ No newline at end of file