FairwindsOps / rbac-manager

A Kubernetes operator that simplifies the management of Role Bindings and Service Accounts.
https://fairwinds.com
Apache License 2.0
1.49k stars 117 forks

[Feature Request] Matching namespaces with regular expressions #353

Open jmueller42 opened 2 years ago

jmueller42 commented 2 years ago

Hi team,

Thank you for this very nice operator.

It would be very handy if namespaces could be matched not only by their exact name but also by a pattern. Currently we use an external script to find matching namespaces per user and then create the RBACDefinition and apply it to the cluster. Unfortunately this creates quite some delay between a newly created namespace and the corresponding team members getting access to it. Unfortunately we cannot use labels on namespaces since in our setups it's not possible to add labels or annotations to the namespaces themselves.

Example of what this could look like:

```yaml
apiVersion: rbacmanager.reactiveops.io/v1beta1
kind: RBACDefinition
metadata:
  name: rbac-manager-users-example
rbacBindings:
  - name: web-developers
    subjects:
      - kind: User
        name: dave@example.com
      - kind: User
        name: joe@example.com
    roleBindings:
      - clusterRole: edit
        namespaceRegex: ".*-project-xy-.*"
```

sudermanjr commented 2 years ago

Seems like a great idea, thanks for the request!

ana-ghirghilijiu-sage commented 5 months ago

Has this been implemented? Any updates?
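
The `namespaceRegex` field proposed in the request would decide which namespaces receive the `edit` binding, so whether the pattern must cover the whole namespace name or may hit anywhere inside it changes who gets access. The Go sketch below is an added example, not part of this thread and not rbac-manager code; `matchNamespaces`, `searchNamespaces`, `filter` and the sample namespace names are hypothetical.

```go
package main

import (
	"fmt"
	"regexp"
)

// Constructed sample namespaces, not taken from any real cluster.
var sampleNamespaces = []string{
	"team-a-project-xy-dev", "team-a-project-xy-prod",
	"project-xy-legacy", "kube-system", "sandbox-project-xyz-1",
}

func filter(re *regexp.Regexp, namespaces []string) []string {
	var out []string
	for _, ns := range namespaces {
		if re.MatchString(ns) {
			out = append(out, ns)
		}
	}
	return out
}

// matchNamespaces is a hypothetical helper, not rbac-manager code. The pattern
// is validated alone first (so "a)|(b" cannot break out of the wrapper), then
// wrapped in ^(?:...)$ so that only a match on the entire name counts.
func matchNamespaces(pattern string, namespaces []string) ([]string, error) {
	if _, err := regexp.Compile(pattern); err != nil {
		return nil, fmt.Errorf("invalid namespaceRegex %q: %w", pattern, err)
	}
	re, err := regexp.Compile(`^(?:` + pattern + `)$`)
	if err != nil {
		return nil, fmt.Errorf("invalid namespaceRegex %q: %w", pattern, err)
	}
	return filter(re, namespaces), nil
}

// searchNamespaces matches the way a bare MatchString call does: anywhere in the name.
func searchNamespaces(pattern string, namespaces []string) ([]string, error) {
	re, err := regexp.Compile(pattern)
	if err != nil {
		return nil, err
	}
	return filter(re, namespaces), nil
}

func main() {
	fmt.Println(matchNamespaces("project-xy-.*", sampleNamespaces))
	fmt.Println(searchNamespaces("project-xy-.*", sampleNamespaces))
}
```

With the pattern from the request, `.*-project-xy-.*`, both functions select the same two namespaces because the pattern carries its own leading and trailing `.*`; the difference only appears for patterns written without them.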