From b6c7814540a23aa9f603628cb96fd75db55f731a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=A1clav=20Muzik=C3=A1=C5=99?= <vmuzikar@redhat.com>
Date: Fri, 15 Jul 2022 17:18:55 +0200
Subject: [PATCH] RH-SSO Deployment doesn't reflect serviceAccountName

---
 pkg/model/keycloak_deployment.go      | 10 ++--------
 pkg/model/keycloak_deployment_test.go | 22 ++++++++++++----------
 pkg/model/rhsso_deployment.go         |  2 ++
 pkg/model/rhsso_deployment_test.go    |  8 ++++++++
 4 files changed, 24 insertions(+), 18 deletions(-)

diff --git a/pkg/model/keycloak_deployment.go b/pkg/model/keycloak_deployment.go
index cecf8c99..1f94dc82 100644
--- a/pkg/model/keycloak_deployment.go
+++ b/pkg/model/keycloak_deployment.go
@@ -256,7 +256,7 @@ func KeycloakDeployment(cr *v1alpha1.Keycloak, dbSecret *v1.Secret, dbSSLSecret
 							Resources:       getResources(cr),
 						},
 					},
-					ServiceAccountName: getServiceAccountName(cr),
+					ServiceAccountName: cr.Spec.KeycloakDeploymentSpec.Experimental.ServiceAccountName,
 				},
 			},
 		},
@@ -285,6 +285,7 @@ func KeycloakDeploymentReconciled(cr *v1alpha1.Keycloak, currentState *v13.State
 	reconciled.Spec.Template.ObjectMeta.Labels = AddPodLabels(cr, reconciled.Spec.Template.ObjectMeta.Labels)
 	reconciled.Spec.Template.ObjectMeta.Annotations = AddPodAnnotations(cr, reconciled.Spec.Template.ObjectMeta.Annotations)
 	reconciled.Spec.Selector.MatchLabels = GetLabelsSelector()
+	reconciled.Spec.Template.Spec.ServiceAccountName = cr.Spec.KeycloakDeploymentSpec.Experimental.ServiceAccountName
 
 	reconciled.ResourceVersion = currentState.ResourceVersion
 	if !cr.Spec.DisableReplicasSyncing {
@@ -539,13 +540,6 @@ func KeycloakPodAffinity(cr *v1alpha1.Keycloak) *v1.Affinity {
 	}
 }
 
-func getServiceAccountName(cr *v1alpha1.Keycloak) string {
-	if cr.Spec.KeycloakDeploymentSpec.Experimental.ServiceAccountName == "" {
-		return "default"
-	}
-	return cr.Spec.KeycloakDeploymentSpec.Experimental.ServiceAccountName
-}
-
 func GetLabelsSelector() map[string]string {
 	return map[string]string{
 		"app":       ApplicationName,
diff --git a/pkg/model/keycloak_deployment_test.go b/pkg/model/keycloak_deployment_test.go
index 370d2ca6..3c66b398 100644
--- a/pkg/model/keycloak_deployment_test.go
+++ b/pkg/model/keycloak_deployment_test.go
@@ -12,7 +12,7 @@ import (
 )
 
 type createDeploymentStatefulSet func(*v1alpha1.Keycloak, *v1.Secret, *v1.Secret) *v13.StatefulSet
-type reconcileRHSSODeployment func(*v1alpha1.Keycloak, *v13.StatefulSet, *v1.Secret, *v1.Secret) *v13.StatefulSet
+type reconciledDeployment func(*v1alpha1.Keycloak, *v13.StatefulSet, *v1.Secret, *v1.Secret) *v13.StatefulSet
 
 func TestKeycloakDeployment_testExperimentalEnvs(t *testing.T) {
 	testExperimentalEnvs(t, KeycloakDeployment)
@@ -54,8 +54,8 @@ func TestKeycloakDeployment_testServiceAccountSetExperimental(t *testing.T) {
 	testServiceAccountSet(t, KeycloakDeployment)
 }
 
-func TestKeycloakDeployment_testServiceAccountDefaultExperimental(t *testing.T) {
-	testServiceAccountDefault(t, KeycloakDeployment)
+func TestKeycloakDeployment_testServiceAccountReconciledSetExperimental(t *testing.T) {
+	testServiceAccountReconciledSet(t, KeycloakDeployment, KeycloakDeploymentReconciled)
 }
 
 func TestKeycloakDeployment_testDeploymentSpecImagePolicy(t *testing.T) {
@@ -489,20 +489,22 @@ func testServiceAccountSet(t *testing.T, deploymentFunction createDeploymentStat
 	assert.Equal(t, "test", serviceAccountName)
 }
 
-func testServiceAccountDefault(t *testing.T, deploymentFunction createDeploymentStatefulSet) {
+func testServiceAccountReconciledSet(t *testing.T, deploymentFunction createDeploymentStatefulSet, reconciliationFunction reconciledDeployment) {
 	//given
 	dbSecret := &v1.Secret{}
 	cr := &v1alpha1.Keycloak{}
-
-	//If serviceAccountName is not set in the cr, then the serviceAccountName should be default
+	statefulSet := deploymentFunction(cr, dbSecret, nil)
 
 	//when
-	serviceAccountName := deploymentFunction(cr, dbSecret, nil).Spec.Template.Spec.ServiceAccountName
 
-	assert.Equal(t, "default", serviceAccountName)
+	//If serviceAccountName is set in the cr, is should manifest itself in the statefulset
+	cr.Spec.KeycloakDeploymentSpec.Experimental.ServiceAccountName = "test2"
+	serviceAccountName := reconciliationFunction(cr, statefulSet, dbSecret, nil).Spec.Template.Spec.ServiceAccountName
+
+	assert.Equal(t, "test2", serviceAccountName)
 }
 
-func testDisableDeploymentReplicasSyncingFalse(t *testing.T, deploymentFunction createDeploymentStatefulSet, deploymentFunction2 reconcileRHSSODeployment) {
+func testDisableDeploymentReplicasSyncingFalse(t *testing.T, deploymentFunction createDeploymentStatefulSet, deploymentFunction2 reconciledDeployment) {
 	//given
 	dbSecret := &v1.Secret{}
 	cr := &v1alpha1.Keycloak{
@@ -520,7 +522,7 @@ func testDisableDeploymentReplicasSyncingFalse(t *testing.T, deploymentFunction
 	assert.Equal(t, int32(2), *replicasCount)
 }
 
-func testDisableDeploymentReplicasSyncingTrue(t *testing.T, deploymentFunction createDeploymentStatefulSet, deploymentFunction2 reconcileRHSSODeployment) {
+func testDisableDeploymentReplicasSyncingTrue(t *testing.T, deploymentFunction createDeploymentStatefulSet, deploymentFunction2 reconciledDeployment) {
 	//given
 	dbSecret := &v1.Secret{}
 	cr := &v1alpha1.Keycloak{
diff --git a/pkg/model/rhsso_deployment.go b/pkg/model/rhsso_deployment.go
index 50822d40..0420eb4a 100644
--- a/pkg/model/rhsso_deployment.go
+++ b/pkg/model/rhsso_deployment.go
@@ -205,6 +205,7 @@ func RHSSODeployment(cr *v1alpha1.Keycloak, dbSecret *v1.Secret, dbSSLSecret *v1
 							ImagePullPolicy: cr.Spec.KeycloakDeploymentSpec.ImagePullPolicy,
 						},
 					},
+					ServiceAccountName: cr.Spec.KeycloakDeploymentSpec.Experimental.ServiceAccountName,
 				},
 			},
 		},
@@ -234,6 +235,7 @@ func RHSSODeploymentReconciled(cr *v1alpha1.Keycloak, currentState *v13.Stateful
 	reconciled.Spec.Template.ObjectMeta.Labels = AddPodLabels(cr, reconciled.Spec.Template.ObjectMeta.Labels)
 	reconciled.Spec.Template.ObjectMeta.Annotations = AddPodAnnotations(cr, reconciled.Spec.Template.ObjectMeta.Annotations)
 	reconciled.Spec.Selector.MatchLabels = GetLabelsSelector()
+	reconciled.Spec.Template.Spec.ServiceAccountName = cr.Spec.KeycloakDeploymentSpec.Experimental.ServiceAccountName
 
 	reconciled.ResourceVersion = currentState.ResourceVersion
 	if !cr.Spec.DisableReplicasSyncing {
diff --git a/pkg/model/rhsso_deployment_test.go b/pkg/model/rhsso_deployment_test.go
index 8ab1284c..bc3d888f 100644
--- a/pkg/model/rhsso_deployment_test.go
+++ b/pkg/model/rhsso_deployment_test.go
@@ -39,3 +39,11 @@ func TestRHSSODeploymentReconciled_testDisableRHSSOReplicasSyncingFalse(t *testi
 func TestRHSSODeploymentReconciled_testDisableRHSSOReplicasSyncingTrue(t *testing.T) {
 	testDisableDeploymentReplicasSyncingTrue(t, RHSSODeployment, RHSSODeploymentReconciled)
 }
+
+func TestRHSSODeployment_testServiceAccountSetExperimental(t *testing.T) {
+	testServiceAccountSet(t, RHSSODeployment)
+}
+
+func TestRHSSODeployment_testServiceAccountReconciledSetExperimental(t *testing.T) {
+	testServiceAccountReconciledSet(t, RHSSODeployment, RHSSODeploymentReconciled)
+}
-- 
GitLab