github.com/replicatedcom/ship@v0.50.0/integration/init/istio/expected/base/charts/security/templates/ServiceAccount-istio-cleanup-secrets-service-account.yaml (about) 1 --- 2 # Source: istio/charts/security/templates/cleanup-secrets.yaml 3 # The reason for creating a ServiceAccount and ClusterRole specifically for this 4 # post-delete hooked job is because the citadel ServiceAccount is being deleted 5 # before this hook is launched. On the other hand, running this hook before the 6 # deletion of the citadel (e.g. pre-delete) won't delete the secrets because they 7 # will be re-created immediately by the to-be-deleted citadel. 8 # 9 # It's also important that the ServiceAccount, ClusterRole and ClusterRoleBinding 10 # will be ready before running the hooked Job therefore the hook weights. 11 12 apiVersion: v1 13 kind: ServiceAccount 14 metadata: 15 name: istio-cleanup-secrets-service-account 16 namespace: default 17 annotations: 18 "helm.sh/hook": post-delete 19 "helm.sh/hook-delete-policy": hook-succeeded 20 "helm.sh/hook-weight": "1" 21 labels: 22 app: security 23 chart: security 24 heritage: Tiller 25 release: istio