-
Notifications
You must be signed in to change notification settings - Fork 66
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FEATURE] - Run Jobs in central namespace #295
Conversation
24a7fe2
to
cf28b06
Compare
Codecov Report
@@ Coverage Diff @@
## master #295 +/- ##
==========================================
- Coverage 81.84% 80.76% -1.08%
==========================================
Files 19 19
Lines 1333 1383 +50
==========================================
+ Hits 1091 1117 +26
- Misses 174 196 +22
- Partials 68 70 +2
Flags with carried forward coverage won't be shown. Click here to find out more.
Continue to review full report at Codecov.
|
68e3994
to
ea74383
Compare
75e3482
to
8849414
Compare
return ctrl.Result{}, errors.Wrap(updateErr, errSettingStatus) | ||
} | ||
|
||
return ctrl.Result{}, nil | ||
return ctrl.Result{}, err |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Indeed .. though admitted not the best way of doing it .. i wasn't sure where else as you always want the Status() to be updated.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Then we had better not return err here. The rest are LGTM.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great job!
Here are two minor questions, please take a look.
a8587aa
to
8bee771
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good job
@chivalryq I think we can have this PR merged to address the request from https://cloud-native.slack.com/archives/C01BLQ3HTJA/p1657554463584499?thread_ts=1656829163.511879&channel=C01BLQ3HTJA&message_ts=1657554463.584499. |
Thanks for reminding! I'll take another review. BTW, could you resolve the conflict before we merge this? @gambol99 |
Apologizes for the delay .. I'll fix this up now .. |
Signed-off-by: Rohith Jayawardene <gambol99@gmail.com>
…a central namespace and avoiding the need to copy global secrets around Signed-off-by: Rohith Jayawardene <gambol99@gmail.com>
…ocalizing to a single namespace if required Signed-off-by: Rohith Jayawardene <gambol99@gmail.com>
Signed-off-by: Rohith Jayawardene <gambol99@gmail.com>
Signed-off-by: Rohith Jayawardene <gambol99@gmail.com>
Signed-off-by: Rohith Jayawardene <gambol99@gmail.com>
- changing the variable name in controller and meta to reflect changes i.e JobNamespace -> ControllerNamespace - updated the helm chart to reflect the changes Signed-off-by: Rohith Jayawardene <gambol99@gmail.com>
Signed-off-by: Rohith Jayawardene <gambol99@gmail.com>
Signed-off-by: Rohith Jayawardene <gambol99@gmail.com>
Signed-off-by: Rohith Jayawardene <gambol99@gmail.com>
Hi Guys, justy following up on if this will be merged in time for 1.5.0 release? cc: @wonderflow @zzxwill |
@anoop2811 Addon can be release apart from the KubeVela. So once @gambol99 finishes fixing and this is merged, we can release a patch version. |
8bee771
to
ba3f22b
Compare
Codecov Report
@@ Coverage Diff @@
## master #295 +/- ##
=========================================
Coverage ? 75.13%
=========================================
Files ? 24
Lines ? 1701
Branches ? 0
=========================================
Hits ? 1278
Misses ? 344
Partials ? 79
Flags with carried forward coverage won't be shown. Click here to find out more. Continue to review full report at Codecov.
|
ba3f22b
to
c2ffc8e
Compare
…ng it works Signed-off-by: Rohith Jayawardene <gambol99@gmail.com>
c2ffc8e
to
eaeaa17
Compare
Rebased and fixed up 👍🏼 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good job
Currently all jobs are run in the namespace the
configuration
CRD is created in, which given how the provider secret implementation works (copying the secret into the desiganated namespace) exposes central credentials. This PR adds a conntroller flag (--controller-namespace
) which runs all jobs in a specific namespace and ensuring any secrets are never exposed beyond that boundary.--job-namespace
the platform administrator can provision a service account with Pod identity (EKS IRSA) and remove the need for static secrets.