vmware-tanzu-labs / namespace-operator Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
License: MIT License
Add this line into docker build (https://github.com/vmware-tanzu-labs/namespace-operator/blob/master/Dockerfile#L25) and ensure that the image builds correctly.
Currently, RBAC deployment is in place, however, there is not a sane manner in which RBAC is assigned. To do such a thing would require significant elevated privileges for the namespace-operator.
Is there a better way to do this, and to restrict the ability for the namespace-operator to elevate its privileges?
Need to implement agreed upon solution
Add proper unit tests to the Go code. Currently, we are not unit testing anything.
Make YAML Lint pass its tests
Currently, we only allows for LimitRange/ResourceQuota to act on CPU/Memory. Add in appropriate options for storage constraints as well.
This would allow the ability to inject a secret for the purposes of allowing workloads within a namespace/tenant to pull images from a private repository without having to manually copy the secret into said namespace.
We shouldn't error out on an existing namespace. Instead, we should:
-OR-
2021-02-03T22:10:44.098Z ERROR controller-runtime.controller Reconciler error {"controller": "tanzunamespace", "request": "/namespace-30", "error": "namespaces \"namespace-30\" already exists"}
github.com/go-logr/zapr.(*zapLogger).Error
/Users/sdustin/go/pkg/mod/github.com/go-logr/[email protected]/zapr.go:128
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler
/Users/sdustin/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:258
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem
/Users/sdustin/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:232
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).worker
/Users/sdustin/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:211
k8s.io/apimachinery/pkg/util/wait.JitterUntil.func1
/Users/sdustin/go/pkg/mod/k8s.io/[email protected]/pkg/util/wait/wait.go:152
k8s.io/apimachinery/pkg/util/wait.JitterUntil
/Users/sdustin/go/pkg/mod/k8s.io/[email protected]/pkg/util/wait/wait.go:153
k8s.io/apimachinery/pkg/util/wait.Until
/Users/sdustin/go/pkg/mod/k8s.io/[email protected]/pkg/util/wait/wait.go:88
Currently, the v1alpha1 API version (flat structure) is mixed together with nested structures. Users should be able to use v1alpha1 (flat) or the new version (nested) via independent API versions.
NOTE: currently working in the current state. Is it actually time for a new API version?
Currently, the namespace-operator only acts upon object creation. Need to find a way to ensure that it does a full reconciliation when the TanzuNamespace resource gets updated.
For now, simply building, spinning up a KIND cluster, and testing against said KIND cluster would be sufficient.
Make Go lint pass its tests
Update the custom resource definition for a TanzuNamespace to include all requirements to allow users to kubectl explain tanzunamespace.*
the resource.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.