public async Task <k8s.Models.V1ServiceAccount> EnsureServiceAccountExists(KubernetesEndpointManifest clusterInfo) { clusterInfo.ServiceAccount.Spec.Metadata.NamespaceProperty = clusterInfo.Namespace.Metadata.Name; clusterInfo.ServiceAccount.Role.Metadata.NamespaceProperty = clusterInfo.Namespace.Metadata.Name; clusterInfo.ServiceAccount.Binding.Metadata.NamespaceProperty = clusterInfo.Namespace.Metadata.Name; using var operation = Logger.BeginOperation($"Preparing Kubernetes service account '{clusterInfo.ServiceAccount.Spec.Metadata.Name}' ...", "Ensure-K8S-ServiceAccount"); foreach (var item in clusterInfo.ServiceAccount.Binding.Subjects) { item.NamespaceProperty = clusterInfo.Namespace.Metadata.Name; } var found = await GetSaFromNamespace(clusterInfo); if (found == null) { _ = await k8s.CreateNamespacedServiceAccountAsync(clusterInfo.ServiceAccount.Spec, clusterInfo.Namespace.Metadata.Name); operation.EndWithSuccess("SA Created"); } else { using var op = Logger.BeginOperation($"Updating Kubernetes service account '{clusterInfo.ServiceAccount.Spec.Metadata.Name}' ...", "Update-K8S-SA"); _ = await k8s.ReplaceNamespacedServiceAccountAsync(clusterInfo.ServiceAccount.Spec, clusterInfo.ServiceAccount.Spec.Metadata.Name, clusterInfo.Namespace.Metadata.Name); operation.EndWithSuccess("SA Updated"); } await EnsureRoleExistsAsync(clusterInfo); await EnsureRoleBindingExistsAsync(clusterInfo); // You need to reload this - so the secrets are also poplulated return(await GetSaFromNamespace(clusterInfo)); }