Skip to content

Commit

Permalink
feat(lifecycle-operator): add option to exclude additional namespaces (
Browse files Browse the repository at this point in the history 
…#2536)
  • Loading branch information
@knutgoetz
knutgoetz authored Nov 22, 2023
1 parent c2d8bd9 commit fd42ac7
Show file tree
Hide file tree
Showing 7 changed files with 20 additions and 28 deletions.
6 changes: 1 addition & 5 deletions .github/scripts/.helm-tests/default/result.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9393,11 +9393,7 @@ webhooks:
- lifecycle-operator
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- cert-manager
- keptn-lifecycle-toolkit-system
- observability
- monitoring
values: ["cert-manager","keptn-lifecycle-toolkit-system","observability","monitoring"]
- key: kubernetes.io/metadata.name
operator: NotIn
values:
Expand Down
6 changes: 1 addition & 5 deletions .github/scripts/.helm-tests/lifecycle-only/result.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6719,11 +6719,7 @@ webhooks:
- lifecycle-operator
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- cert-manager
- keptn-lifecycle-toolkit-system
- observability
- monitoring
values: ["foo","bar"]
- key: kubernetes.io/metadata.name
operator: NotIn
values:
Expand Down
1 change: 1 addition & 0 deletions .github/scripts/.helm-tests/lifecycle-only/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ lifecycleOperator:
scheduler:
image:
tag: v0.0.0
deniedNamespaces: ["foo", "bar"]

metricsOperator:
enabled: false
Expand Down
6 changes: 1 addition & 5 deletions .github/scripts/.helm-tests/lifecycle-with-certs/result.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6975,11 +6975,7 @@ webhooks:
- lifecycle-operator
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- cert-manager
- keptn-lifecycle-toolkit-system
- observability
- monitoring
values: ["cert-manager","keptn-lifecycle-toolkit-system","observability","monitoring"]
- key: kubernetes.io/metadata.name
operator: NotIn
values:
Expand Down
15 changes: 8 additions & 7 deletions lifecycle-operator/chart/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,13 +68,14 @@ and application health checks

### Global

| Name | Description | Value |
| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | --------------- |
| `kubernetesClusterDomain` | overrides cluster.local | `cluster.local` |
| `annotations` | add deployment level annotations | `{}` |
| `podAnnotations` | adds pod level annotations | `{}` |
| `schedulingGatesEnabled` | enables the scheduling gates in lifecycle-operator. This feature is available in alpha version from K8s 1.27 or 1.26 enabling the alpha version | `false` |
| `allowedNamespaces` | specifies the allowed namespaces for the lifecycle orchestration functionality | `[]` |
| Name | Description | Value |
| ------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------- |
| `kubernetesClusterDomain` | overrides cluster.local | `cluster.local` |
| `annotations` | add deployment level annotations | `{}` |
| `podAnnotations` | adds pod level annotations | `{}` |
| `schedulingGatesEnabled` | enables the scheduling gates in lifecycle-operator. This feature is available in alpha version from K8s 1.27 or 1.26 enabling the alpha version | `false` |
| `allowedNamespaces` | specifies the allowed namespaces for the lifecycle orchestration functionality | `[]` |
| `deniedNamespaces` | specifies a list of namespaces where the lifecycle orchestration functionality is disabled, ignored if `allowedNamespaces` is set | `["cert-manager","keptn-lifecycle-toolkit-system","observability","monitoring"]` |

### Keptn Scheduler

Expand Down
6 changes: 1 addition & 5 deletions lifecycle-operator/chart/templates/lifecycle-mutating-webhook-configuration.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,11 +28,7 @@ webhooks:
{{- if eq (len .Values.allowedNamespaces) 0 }}
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- cert-manager
- keptn-lifecycle-toolkit-system
- observability
- monitoring
values: {{ .Values.deniedNamespaces | default list | toJson }}
{{- else }}
- key: kubernetes.io/metadata.name
operator: In
Expand Down
8 changes: 7 additions & 1 deletion lifecycle-operator/chart/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -163,7 +163,7 @@ lifecycleOperatorMetricsService:
type: ClusterIP

## @section Global
## Current available parameters: kubernetesClusterDomain, imagePullSecrets, schedulingGatesEnabled
## Current available parameters: kubernetesClusterDomain, imagePullSecrets, schedulingGatesEnabled, allowedNamespaces, deniedNamespaces
## @param kubernetesClusterDomain overrides cluster.local
kubernetesClusterDomain: cluster.local
## @param annotations add deployment level annotations
Expand All @@ -174,6 +174,12 @@ podAnnotations: {}
schedulingGatesEnabled: false
## @param allowedNamespaces specifies the allowed namespaces for the lifecycle orchestration functionality
allowedNamespaces: []
## @param deniedNamespaces specifies a list of namespaces where the lifecycle orchestration functionality is disabled, ignored if `allowedNamespaces` is set
deniedNamespaces:
- cert-manager
- keptn-lifecycle-toolkit-system
- observability
- monitoring

# yamllint disable rule:line-length
## @section Keptn Scheduler
Expand Down

0 comments on commit fd42ac7

Please sign in to comment.