Closed l0rd closed 2 years ago
In order to prevent namespace creation currently one can specify the following CR property:
spec:
components:
cheServer:
extraProperties:
CHE_INFRA_KUBERNETES_NAMESPACE_CREATION__ALLOWED: 'false'
When a user starts the workspace the following error will be shown if the admin has not provisioned the namespace for the user in advance:
Also, in CheCluster v1 we had a dedicated property allowUserDefinedWorkspaceNamespaces: false
but it looks like it cease to exist in v2
In general, as part of this issue, we can probably improve the error message to make it more intuitive e.g. Failed to create a workspace. Namespace for 'username' has not been provisioned. Please, contact the cluster administrator
From the semantics perspective, we can also have a dedicated property autoProvision
(true
by default) in DevEnvironments (I personally find disabled
proposal unintuitive)
devEnvironments:
defaultNamespace:
autoProvision: false
template: <username>-devspaces
+1 to autoProvision: false
. I have updated the description.
sync'd to Red Hat JIRA https://issues.redhat.com/browse/CRW-3317
Is your enhancement related to a problem? Please describe
In some cases administrators want to pre-create their namespaces and don't want to have Eclispe Che to automatically create them.
Describe the solution you'd like
Add a new property in CheCluster CR:
If
spec.devEnvironments.defaultNamespace.disabled: true
then Eclispe Che should not create namespaces if it doesn't exist. Eclispe Che should fail to start the workspace if the namespace doesn't exist:Current workaround
To disable the automatic creation of users namespaces:
Release Notes Text
A new field in
CheCluster
has been added to avoid that users namespaces get created automatically. IfdevEnvironments.defaultNamespace.autoProvision
is set to false and a user doesn't have a Che namespace, workspace creation will fail.autoProvision
is set totrue
by default.