Closed tobru closed 2 years ago
As a workaround we might hard code the cluster template creation using the env var DEFAULT_API_SECRET_REF_NAME
:
{
"spec": {
"clusterTemplate": {
"gitRepoTemplate": {
"apiSecretRef": {
"name": "$DEFAULT_API_SECRET_REF_NAME"
},
"path": "",
"repoName": "{{ .Name }}"
},
"tenantRef": {}
}
}
}
The field clusterTemplate
holds quite a complex data structure. Adding this to the API will be a lot of simple but time consuming work. As the API is eventually going away, this is not worth the effort.
Just exposing the secret name does not feel right. It would be an unprecedented exception.
So going with the hard coded option an the environment varialbe is what is left.
When implementing https://github.com/projectsyn/lieutenant-operator/pull/110, we talked about having also a TenantTemplate that will act similar to the clusterTemplate within the Tenant CR. This would proably be the most robust solution. I suggest to have this issue closed. Instead we will create one at the Operator to have that TenanTemplate implemented.
I agree that exposing the whole clusterTemplate
field via the API doesn't make any sense (anymore). I also agree that we need a Tenant template. Would you mind creating an issue for that? After this follow-up issue is created I'd like to reevaluate if we still need to have this hard coded environment variable DEFAULT_API_SECRET_REF_NAME
as a quick fix until the Tenant template is in place.
Do we still need this, since we have support for configuring TenantTemplate
objects with https://github.com/projectsyn/lieutenant-operator/issues/136?
At least it not a blocker anymore. If one wants to have different cluster templates per tenant, changes to the tenant must be made through the Kubernetes API instead of the Lieutenant API. I consider this to be an unlikely use case.
Let us see, if this comes up again. It might even become obsolete should we manage to drop the Lieutenant API in favor of Kubernetes.
Context
https://github.com/projectsyn/lieutenant-operator/pull/110 added a cluster template to the Tenant object which is not accessible throught the API. This is an issue as
`spec.clusterTemplate.gitRepoTemplate.apiSecretRef.name
needs to be set. The name of that secret differs between instances of Lieutenant.When creating a tenant the following structure must be set:
This could be done by exposing the field
clusterTemplate
as a whole or the variable field of the secret name. It also would be acceptable to have the secret name configured as an environment variable and have that data structure hard coded.