Remove default service token from all pod spec

Change-Id: I3c182806245056bfc87c8737a7ffbf611614b2af

openstack_operator/templates/ceilometer/deployment-agent-notification.yml.j2

@@ -32,6 +32,7 @@ spec:
       labels:
         {{ labels("ceilometer", "ceilometer") | indent(8) }}
     spec:
+      automountServiceAccountToken: false
       containers:
       - name: agent
         image: vexxhost/ceilometer-agent-notification:latest

openstack_operator/templates/chronyd/daemonset.yml.j2

@@ -33,6 +33,7 @@ spec:
       labels:
         {{ labels("chronyd", "chronyd") | indent(8) }}
     spec:
+      automountServiceAccountToken: false
       containers:
       - name: main
         image: vexxhost/chronyd:latest

openstack_operator/templates/glance/daemonset.yml.j2

@@ -35,6 +35,7 @@ spec:
       annotations:
         checksum/config: "{{ config_hash }}"
     spec:
+      automountServiceAccountToken: false
       initContainers:
       - name: db-sync
         image: vexxhost/glance-api:latest

openstack_operator/templates/heat/cronjob-service-clean.yml.j2

@@ -26,6 +26,7 @@ spec:
     spec:
       template:
         spec:
+          automountServiceAccountToken: false
           containers:
           - name: service-clean
             image: vexxhost/heat-engine:latest

openstack_operator/templates/heat/daemonset.yml.j2

@@ -41,6 +41,7 @@ spec:
       annotations:
         checksum/config: "{{ config_hash }}"
     spec:
+      automountServiceAccountToken: false
       {% if 'engine' in component %}
       terminationGracePeriodSeconds: 300
       initContainers:

openstack_operator/templates/horizon/daemonset.yml.j2

@@ -35,6 +35,7 @@ spec:
       annotations:
         checksum/config: "{{ config_hash }}"
     spec:
+      automountServiceAccountToken: false
       containers:
       - name: horizon
         image: vexxhost/horizon:latest

openstack_operator/templates/keystone/daemonset.yml.j2

@@ -35,6 +35,7 @@ spec:
       annotations:
         checksum/config: "{{ config_hash }}"
     spec:
+      automountServiceAccountToken: false
       initContainers:
       - name: db-sync
         image: vexxhost/keystone:latest

openstack_operator/templates/libvirtd_exporter/daemonset.yml.j2

@@ -29,6 +29,7 @@ spec:
       labels:
         {{ labels("libvirtd-exporter", "libvirtd-exporter") | indent(8) }}
     spec:
+      automountServiceAccountToken: false
       containers:
       - name: main
         image: vexxhost/libvirtd-exporter:latest

openstack_operator/templates/magnum/daemonset.yml.j2

@@ -35,6 +35,7 @@ spec:
       annotations:
         checksum/config: "{{ config_hash }}"
     spec:
+      automountServiceAccountToken: false
       {% if 'conductor' in component %}
       initContainers:
       - name: db-sync

openstack_operator/templates/mcrouter/deployment.yml.j2

@@ -29,6 +29,7 @@ spec:
       labels:
         {{ labels("mcrouter", name) | indent(8) }}
     spec:
+      automountServiceAccountToken: false
       containers:
       - name: mcrouter
         image: vexxhost/mcrouter:latest

openstack_operator/templates/memcached/deployment.yml.j2

@@ -29,6 +29,7 @@ spec:
       labels:
         {{ labels("memcached", name) | indent(8) }}
     spec:
+      automountServiceAccountToken: false
       containers:
       - name: memcached
         image: vexxhost/memcached:latest

openstack_operator/templates/memcached/statefulset.yml.j2

@@ -30,6 +30,7 @@ spec:
       labels:
         {{ labels("memcached", name) | indent(8) }}
     spec:
+      automountServiceAccountToken: false
       containers:
       - name: memcached
         image: vexxhost/memcached:latest

openstack_operator/templates/rabbitmq/deployment.yml.j2

@@ -29,6 +29,7 @@ spec:
       labels:
         {{ labels("rabbitmq", name) | indent(8) }}
     spec:
+      automountServiceAccountToken: false
       containers:
       - name: rabbitmq
         env: