chart adds unused service-account-token-volume which is not found

The chart seems to add a service-account-token-volume volume when it seems like it should not. Specifically, I am looking at:

https://gitlab.com/gitlab-org/charts/gitlab-agent/-/blame/main/templates/deployment.yaml?ref_type=heads#L232

name: service-account-token-volume

It seems like this should be added by the ServiceAccount admission controller, see:

https://kubernetes.io/docs/reference/access-authn-authz/service-accounts-admin/#bound-service-account-token-volume

In my setup with this deployed, ConfigMap kube-root-ca.crt is not found in the same namespace. It doesn't seem to matter because way up on line 41, we have:

automountServiceAccountToken: false

so it's not high priority of course, it's not causing problems, but I think it is incorrect.

Edited Jan 02, 2025 by Steve Wills