From 30a9f627ca8425b90ed4b34594151c3d721a10a4 Mon Sep 17 00:00:00 2001 From: Christian Knell Date: Tue, 8 Oct 2024 09:02:25 +0200 Subject: [PATCH] added option to disable namespace creation --- charts/tenant-namespace/Chart.yaml | 4 +++- charts/tenant-namespace/README.md | 1 + charts/tenant-namespace/templates/namespace/namespace.yaml | 2 ++ charts/tenant-namespace/values.schema.json | 3 +++ charts/tenant-namespace/values.yaml | 2 ++ 5 files changed, 11 insertions(+), 1 deletion(-) diff --git a/charts/tenant-namespace/Chart.yaml b/charts/tenant-namespace/Chart.yaml index 19d801b6..849643ac 100644 --- a/charts/tenant-namespace/Chart.yaml +++ b/charts/tenant-namespace/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: tenant-namespace description: A Helm Chart to bootstrap a Namespace in a Multi-Tenancy setup -version: 1.0.3 +version: 2.0.0 type: application home: https://github.com/christianhuth/helm-charts icon: https://raw.githubusercontent.com/kubernetes/community/master/icons/png/resources/labeled/ns-256.png @@ -12,6 +12,8 @@ annotations: artifacthub.io/changes: | - kind: changed description: URL of Helm Repository in README + - kind: added + description: option to disable the creation of the namespace artifacthub.io/signKey: | fingerprint: EE24F8BB6D099E78FD704F83B5ECDBCDDD485D0E url: https://charts.christianhuth.de/public.key diff --git a/charts/tenant-namespace/README.md b/charts/tenant-namespace/README.md index 2553525d..a3b4328c 100644 --- a/charts/tenant-namespace/README.md +++ b/charts/tenant-namespace/README.md @@ -60,6 +60,7 @@ The command removes all the Kubernetes components associated with the chart and | namespace.annotations.scheduler.defaultTolerations | list | `[]` | This annotation requires the PodTolerationRestriction admission controller to be enabled. This annotation key allows assigning tolerations to a namespace and any new pods created in this namespace would get these tolerations added. | | namespace.annotations.scheduler.nodeSelector | string | `""` | The PodNodeSelector uses this annotation key to assign node selectors to pods in namespaces. | | namespace.annotations.scheduler.tolerationsWhitelist | list | `[]` | This annotation requires the PodTolerationRestriction admission controller to be enabled. The annotation value is a JSON document that defines a list of allowed tolerations for the namespace it annotates. When you create a Pod or modify its tolerations, the API server checks the tolerations to see if they are mentioned in the allow list. The pod is admitted only if the check succeeds. | +| namespace.enabled | bool | `false` | - create a Namespace resource | | namespace.labels.additionalLabels | object | `{}` | Labels to be added to the Namespace | | namespace.labels.podSecurityAdmission.audit.standard | string | `""` | Value must be one of privileged, baseline, or restricted which correspond to Pod Security Standard levels. | | namespace.labels.podSecurityAdmission.audit.version | string | `""` | Version label that can be used to pin the policy to the version that shipped with a given Kubernetes minor version (for example v1.27). | diff --git a/charts/tenant-namespace/templates/namespace/namespace.yaml b/charts/tenant-namespace/templates/namespace/namespace.yaml index 3a77e111..f76030fe 100644 --- a/charts/tenant-namespace/templates/namespace/namespace.yaml +++ b/charts/tenant-namespace/templates/namespace/namespace.yaml @@ -1,3 +1,4 @@ +{{- if .Values.namespace.enabled }} apiVersion: v1 kind: Namespace metadata: @@ -6,3 +7,4 @@ metadata: labels: {{- include "tenant-namespace.namespace.labels" . | nindent 4 }} name: {{ include "tenant-namespace.namespace.name" . | quote }} +{{- end }} diff --git a/charts/tenant-namespace/values.schema.json b/charts/tenant-namespace/values.schema.json index b56fe908..e895c98e 100644 --- a/charts/tenant-namespace/values.schema.json +++ b/charts/tenant-namespace/values.schema.json @@ -67,6 +67,9 @@ } } }, + "enabled": { + "type": "boolean" + }, "labels": { "type": "object", "properties": { diff --git a/charts/tenant-namespace/values.yaml b/charts/tenant-namespace/values.yaml index 604a5f64..c79c1eed 100644 --- a/charts/tenant-namespace/values.yaml +++ b/charts/tenant-namespace/values.yaml @@ -26,6 +26,8 @@ limitRange: name: "" namespace: + # --- create a Namespace resource + enabled: false annotations: # -- Annotations to be added to the Namespace additionalAnnotations: {}