ABAC: fetch default service account token; RBAC: fetch gitlab service acount token

Keeps existing behaviour for ABAC cluster

2 files changed, 7 insertions, 4 deletions

diff --git a/app/services/clusters/gcp/finalize_creation_service.rb b/app/services/clusters/gcp/finalize_creation_service.rb
index 91e49b8394a..40103d8e213 100644
--- a/app/services/clusters/gcp/finalize_creation_service.rb
+++ b/app/services/clusters/gcp/finalize_creation_service.rb
@@ -47,7 +47,9 @@ module Clusters
       end
 
       def request_kubernetes_token
-        Clusters::Gcp::Kubernetes::FetchKubernetesTokenService.new(kube_client).execute
+        service_account_name = rbac_clusters_feature_enabled? ? Clusters::Gcp::Kubernetes::SERVICE_ACCOUNT_NAME : 'default'
+
+        Clusters::Gcp::Kubernetes::FetchKubernetesTokenService.new(kube_client, service_account_name).execute
       end
 
       def authorization_type
diff --git a/app/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service.rb b/app/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service.rb
index 5b47c0883cb..c16ce451aaf 100644
--- a/app/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service.rb
+++ b/app/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service.rb
@@ -4,10 +4,11 @@ module Clusters
   module Gcp
     module Kubernetes
       class FetchKubernetesTokenService
-        attr_reader :kubeclient
+        attr_reader :kubeclient, :service_account_name
 
-        def initialize(kubeclient)
+        def initialize(kubeclient, service_account_name)
           @kubeclient = kubeclient
+          @service_account_name = service_account_name
         end
 
         def execute
@@ -25,7 +26,7 @@ module Clusters
         private
 
         def token_regex
-          /#{SERVICE_ACCOUNT_NAME}-token/
+          /#{service_account_name}-token/
         end
 
         def read_secrets