Closed tsivachi closed 1 month ago
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days if no further activity occurs. Thank you for your contributions.
Hello Sorry because I missed this issue 😢 This is already supported using helm chart: https://github.com/kedacore/charts/blob/12433cf661790abe0425f66cd4bd21e73741c010/keda/values.yaml#L289-L316
As default, we prefer to use automountServiceAccountToken
as it's the easiest way, and it's safe with default KEDA installation (with a single container) but you can set it to false and mount the service account by yourself
KEDA operator should look for deploying the component with automountServiceAccountToken=false to comply with best practices around mounting service account tokens.
It seems to be that other OSS components like certmanager are able to implement a token rotation mechanism periodically and avoid mounting a static token as per this link here ?
Originally posted by @tsivachi in https://github.com/kedacore/keda/issues/1934#issuecomment-2179295338