This repository has been archived by the owner on Oct 13, 2021. It is now read-only.
cannot disable clustergittrackobjects CRD #138
Labels
Comments
|
We had a chat internally about this and decided that a flag called The behaviour of the flag would disable listing and watching cluster scoped resources (fixing RBAC issues) and then, in the GitTrack controller, if any resource found in the repository is not namespaced, the resource should be ignored with an appropriate error message, eg. |
JoelSpeed
added
enhancement
|
I was thinking |
terinjokes
added a commit
to terinjokes/faros
that referenced
this issue
May 27, 2019
When running an namespace-scoped instance of Faros in a shared cluster, listing and modifying cluster-scoped resources may not be allowed. As Faros begins by listing cluster-scoped resources, this prevents Faros from operating entirely. This changelist adds a new flag to the controller `--namespaced-only` which modifies the behavior of Faros: 1. Faros no longer lists ClusterGitTrackObjects at controller startup. Any previously created ClusterGitTrackObjects are abandoned and must be cleaned up by the operator. 2. Faros no longer manages any cluster-scoped resources it finds in a Git repository, instead adding them to the ignored objects list. Fixes: pusher#138
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I'm looking at using Faros to manage individual namespaces, where all resources managed are namespaced. It's not currently possible to run Faros without permission to list ClusterGitTrackObjects, as the controllers don't start until after the initial informer listing.
I'm proposing a flag that could be used in conjunction with
--namespaceto disable support for cluster-scoped resources entirely.The text was updated successfully, but these errors were encountered: