add default namespaces for resources with missing namespaces
raffaelespazzoli opened this issue · 8 comments
if a resource is namespaced and its metadata.namespace is missing, default it to the namespace in which the resourcelocker CR is defined.
Am I understanding correctly that metadata.namespace here refers to the namespace field in the target resource? That is, if I define a ResourceLocker CR where .spec.resources[0].object.metadata.namespace is missing, it should default to the ResourceLocker CR's metadata.namespace value. Is that correct?
I think #12 would still be necessary in the example above, but I think merging #12 as is would be dependent on this issue being resolved.
What do you think?
@raffaelespazzoli I've been poking around with this a bit. Not very familiar with the internals of RawExtension and Unstructured quite yet, but I believe I have this working. Would appreciate any guidance/thoughts on if you'd like this logic to happen elsewhere, or in a different way.
I essentially reversed the getLockedResource logic. I picked the IsInitialized()function because it seemed to make the most sense given the other things that are updated in that block (serviceAccountRef, ExcludedPaths, etc).
Friendly Ping!
@komish sorry for not responding sooner to you. I had looked at your code changes, did not understand the intention of it, and then it fell off my radar.
Please explain what you are trying to achieve and why, the we can discuss the code.
Also I am moving most of the logic in here to the operator-utils project. This is a library that other operators can import. So if an operator has similar logic to this, then it should be easier to write. Depending on what your contribution is about, it might be better to make it there.
I just realized you contribution was probably around solving this issue, in that case please send me a PR.
@raffaelespazzoli In openshift, once a user has installed resource-locker they cannot successfully create a CR using the included example. This is because the included example specifies a namespace that may not exist in every cluster.
The proposal would be to drop the requirement to specify a namespace, instead having the operator default to the namespace where the CR exists if none is specified. Should be able to update the included example in that case.
What do you think is the best way to implement?
Also I am moving most of the logic in here to the operator-utils project. This is a library that other operators can import. So if an operator has similar logic to this, then it should be easier to write. Depending on what your contribution is about, it might be better to make it there.
Understood! If this is the case, does it make sense to keep resource-locker-operator in the community-operators repo or should we look at deprecating?