[feature request] sidecarset support inject serviceaccount

[magicsong]

Use Case:
For example, if a sidecar container needs to access Kubernetes resources such as ConfigMaps, Secrets, or interact with the API server for other reasons, it would require a ServiceAccount with appropriate permissions. Injecting the ServiceAccount directly through the SidecarSet simplifies this process and makes it more manageable.

Proposed Implementation:

Extend the SidecarSet specification to include an optional serviceAccountName field.
When applying the SidecarSet to a Pod, inject the specified ServiceAccount into the sidecar container configuration.

By the way, there is no reason to ask user's pod to inject a service account which not used by their app

[furykerry]

it will be very limited in usage even if sidecarset support service account injection. consider the case that the pod already has service account configured, actually most pod will use the default servicer account. Shall we replace the service account with the one in sidecarset ?

[magicsong]

it will be very limited in usage even if sidecarset support service account injection. consider the case that the pod already has service account configured, actually most pod will use the default servicer account. Shall we replace the service account with the one in sidecarset ?

The default service account is often just a default value that users are not aware of. The scenario I'm referring to is replacing this default. If the user is already using a service account, my application will provide documentation that requires updating its permissions rather than replacing the user's service account.