namespacing the operator
# spicedbs
Sumedha
07/24/2024, 3:13 PMHi @ecordell, I’m looking into implementing this proposal to limit the spicedb-operator’s scope for specific namespaces https://github.com/authzed/spicedb-operator/issues/291#issuecomment-2209427392 (Josh and I work together).
If I understand correctly, this would involve updating the bootstrap CRDs logic in controller-idioms (here https://github.com/authzed/controller-idioms/blob/8224053d076d6eeb103cb047cc9221043560b872/bootstrap/crds.go#L35-L63) to accept a list of namespaces and create/update CRDs only if they are in one of those namespaces. Am I on the right track?
e
ecordell
07/24/2024, 5:41 PMCRDs are always cluster scoped so there's nothing really to change there
ecordell
07/24/2024, 5:42 PMyou'll want to thread a variable through here: https://github.com/authzed/spicedb-operator/blob/main/pkg/controller/controller.go#L128
that's what tells the controller to watch resources in all namespaces. that's the informer for the owned type (SpiceDBCluster) and you'll want to do the same for the other informers that watch standard objects
ecordell
07/24/2024, 5:43 PMlet me know if that's enough to get going or if you need some more info, happy to help get this through
s
Sumedha
07/24/2024, 6:31 PMThank you, I'll take a look at this and follow up here if I have any questions!
Sumedha
07/29/2024, 6:01 PMHi @ecordell, I have a draft pull request based on the changes mentioned above: https://github.com/authzed/spicedb-operator/pull/331. Could you let me know if I'm missing anything?
The checks on the PR are stalled (maybe because it's a fork?) but I ran the e2e and unit tests locally.
Sumedha
07/31/2024, 3:52 PM@ecordell Thanks for the feedback! I've made the changes in the pull request, but I might need some help with writing the tests. Specifically, in the e2e test suite, it looks like the operator is set up just once for all processes running the tests. Is there a pattern on how to set up an operator (with different options) for a specific test?
Sumedha
08/01/2024, 4:49 PM@ecordell I just saw that the PR was merged, thanks so much for all your help with this. What is the release schedule for the operator usually like?
e
ecordell
08/01/2024, 8:08 PMas needed 🙂 I'll probably get to it next week if that works - I want to get a test in for your change, and probably add 1.34 to the update graph too
s
Sumedha
08/01/2024, 8:14 PMYes, that sounds good, thanks again!
Sumedha
08/08/2024, 6:09 PMHi @ecordell, is the operator release still expected to go out this week?
e
ecordell
08/09/2024, 12:49 PMmaybe - I started writing some tests but realized that there are some issues when watching more than 1 namespace
ecordell
08/09/2024, 12:50 PMit works fine with 1 and all namespaces, but not 2 or more
51 Views