search

redhat-cop / namespace-configuration-operator

The namespace-configuration-operator helps keeping configurations related to Users, Groups and Namespaces aligned with one of more policies specified as a CRs
Apache License 2.0
204 stars 55 forks source link

add the ability to define templated resources #29

Closed raffaelespazzoli closed 4 years ago

raffaelespazzoli commented 4 years ago

this covers for the following issues #28 #21 #20 a straw-man design is:

  1. go templating language
  2. the current namespace is passed as the only parameter to the template
  3. the same functions as helm will be available to the template engine.
raffaelespazzoli commented 4 years ago

@redmikhail @D1abloRUS you both have showed interest in the ability of templating resources. I am redesigning this operator to allow to do that. I wanted to submit this new design to your attention to see what you think about it. Instead of an array of resources you'll have the ability to define an array of golang templates. Once processed the templates need to resolved to a resource. The templates will receive one parameter which is the namespace for which we are processing. So, let's take the role binding example it will look something like this:

kind: RoleBinding
metadata:
  annotations:
  name: {{.Name}}-myrole
  namespace: {{.Name}}
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: myrole
subjects:
- kind: ServiceAccount
  name: mysa

Please let me know what you think.

sergeimonakhov commented 4 years ago

no need anymore