From 59963c8870c508f9816c66e18ca9d55643499b62 Mon Sep 17 00:00:00 2001
From: Michal Dulko <mdulko@redhat.com>
Date: Thu, 25 Apr 2024 16:16:17 +0200
Subject: [PATCH] Set `--use-service-account-credentials=false` (#2572)

The above option seems to be causing CCM to create clients using
ServiceAccount from the `kube-system` namespace, so requires users to
either run in `kube-system` namespace, or manage 2 ServiceAccounts, one
in `kube-system` and other in regular CCM namespace. See [1].

This commit changes this setting.

[1] https://github.com/kubernetes/cloud-provider/blob/c3862938334ba18226098015193374fda40ab7a9/options/options.go#L230-L237
---
 .../openstack-cloud-controller-manager/templates/daemonset.yaml | 2 +-
 .../openstack-cloud-controller-manager-ds.yaml                  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/charts/openstack-cloud-controller-manager/templates/daemonset.yaml b/charts/openstack-cloud-controller-manager/templates/daemonset.yaml
index 1d1b74d66c..df14bd1665 100644
--- a/charts/openstack-cloud-controller-manager/templates/daemonset.yaml
+++ b/charts/openstack-cloud-controller-manager/templates/daemonset.yaml
@@ -54,7 +54,7 @@ spec:
             - --cloud-config=$(CLOUD_CONFIG)
             - --cluster-name=$(CLUSTER_NAME)
             - --cloud-provider=openstack
-            - --use-service-account-credentials=true
+            - --use-service-account-credentials=false
             - --controllers={{- trimAll "," (include "occm.enabledControllers" . ) -}}
             {{- if .Values.serviceMonitor.enabled }}
             - --bind-address=0.0.0.0
diff --git a/manifests/controller-manager/openstack-cloud-controller-manager-ds.yaml b/manifests/controller-manager/openstack-cloud-controller-manager-ds.yaml
index f5ddc2e0b1..8ac4f52b8c 100644
--- a/manifests/controller-manager/openstack-cloud-controller-manager-ds.yaml
+++ b/manifests/controller-manager/openstack-cloud-controller-manager-ds.yaml
@@ -45,7 +45,7 @@ spec:
             - --cluster-name=$(CLUSTER_NAME)
             - --cloud-config=$(CLOUD_CONFIG)
             - --cloud-provider=openstack
-            - --use-service-account-credentials=true
+            - --use-service-account-credentials=false
             - --bind-address=127.0.0.1
           volumeMounts:
             - mountPath: /etc/kubernetes/pki