func getServiceAccounts(psprSpec securityapi.PodSecurityPolicyReviewSpec, saCache oscache.StoreToServiceAccountLister, namespace string) ([]*kapi.ServiceAccount, error) { serviceAccounts := []*kapi.ServiceAccount{} // TODO: express 'all service accounts' //if serviceAccountList, err := client.Core().ServiceAccounts(namespace).List(kapi.ListOptions{}); err == nil { // serviceAccounts = serviceAccountList.Items // return serviceAccounts, fmt.Errorf("unable to retrieve service accounts: %v", err) //} if len(psprSpec.ServiceAccountNames) > 0 { errs := []error{} for _, saName := range psprSpec.ServiceAccountNames { sa, err := saCache.ServiceAccounts(namespace).Get(saName) if err != nil { errs = append(errs, fmt.Errorf("unable to retrieve ServiceAccount %s: %v", saName, err)) } serviceAccounts = append(serviceAccounts, sa) } return serviceAccounts, kerrors.NewAggregate(errs) } saName := "default" if len(psprSpec.Template.Spec.ServiceAccountName) > 0 { saName = psprSpec.Template.Spec.ServiceAccountName } sa, err := saCache.ServiceAccounts(namespace).Get(saName) if err != nil { return serviceAccounts, fmt.Errorf("unable to retrieve ServiceAccount %s: %v", saName, err) } serviceAccounts = append(serviceAccounts, sa) return serviceAccounts, nil }