Is there a way to add imagePullSecrets to the default ServiceAccount through a Template?

As @user6242207 mentioned in comments

What I ended up using was to create a new Service Account with the template, add the secrets I needed and link the Service Account to all DC's that needed it.

Just to clarify, there is Kubernetes documentation which describes everything step by step.

1.Create an imagePullSecret

Create an imagePullSecret, as described in Specifying ImagePullSecrets on a Pod.

kubectl create secret docker-registry myregistrykey --docker-server=DUMMY_SERVER \        --docker-username=DUMMY_USERNAME --docker-password=DUMMY_DOCKER_PASSWORD \        --docker-email=DUMMY_DOCKER_EMAIL

Verify it has been created.

kubectl get secrets myregistrykey

2.Add image pull secret to service account

Modify the default service account for the namespace to use this secret as an imagePullSecret.

kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "myregistrykey"}]}'

You can instead use kubectl edit, or manually edit the YAML manifests as shown below:

kubectl get serviceaccounts default -o yaml > ./sa.yaml

3.You can also verify the results

Now, when a new Pod is created in the current namespace and using the default ServiceAccount, the new Pod has its spec.imagePullSecrets field set automatically:

kubectl run nginx --image=nginx --restart=Neverkubectl get pod nginx -o=jsonpath='{.spec.imagePullSecrets[0].name}{"\n"}'

The output should be:

myregistrykey

If you use Open Shift then this documentation could be more useful.