Workspace API setup

Mussab Abdalla edited this page Feb 27, 2023 · 4 revisions

The following configuration must be provided for the workspace API:

Environment variables

PREFIX_FOR_NAME: This is prefixed to preferred user names to determine the namespace.
WORKSPACE_SECRET_NAME: Secret name which must be present for the workspace to be considered ready.
NAMESPACE_FOR_BUCKET_RESOURCE: Namespace where the bucket will be created.
WORKSPACE_CONFIG_MAP_NAME: Name of config map which is used to update config values.
GIT_REPO_RESOURCE_FOR_HELM_CHART_NAME: Name of GitRepo source which contains the helm chart to be installed.
GIT_REPO_RESOURCE_FOR_HELM_CHART_NAMESPACE: Namespace of GitRepo source.
HELM_CHART_NAME: Name of helm chart to be installed.
HELM_CHART_VERSION: Version of helm chart to be installed.
BUCKET_ENDPOINT_URL: The URL of the bucket operator wrapper.

Permissions

As the workspace API creates and modifies resources across different namespaces, it requires a ClusterRole with at least the following rules:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: workspace-api-rm
rules:
  - apiGroups: [""]
    verbs: ["get", "watch"]
    resources:
      - secrets
  - apiGroups: [""]
    verbs: ["get", "patch"]
    resources:
      - configmaps
  - apiGroups: ["extensions"]
    verbs: ["get", "list"]
    resources:
      - ingresses
  - apiGroups: [""]
    verbs: ["create", "get", "delete"]
    resources:
      - namespaces
  - apiGroups: ["helm.toolkit.fluxcd.io"]
    verbs: ["create"]
    resources:
      - helmreleases
  - apiGroups: ["epca.eo"]
    verbs: ["create"]
    resources:
      - buckets
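
A preflight check for the settings above, added here as an example and not part of the workspace API project: it lists which of the required environment variables are unset and prints one `kubectl auth can-i` command for each verb/resource pair in the ClusterRole, impersonating the service account the role is bound to. The service account namespace and name (`workspace-api` by default below) are assumptions; the page does not name them.

```shell
#!/bin/sh
# Added example: preflight for a workspace API deployment.
# SA_NAMESPACE / SA_NAME are assumed names for the service account that the
# ClusterRole is bound to; the page does not specify them.

REQUIRED_ENV="PREFIX_FOR_NAME WORKSPACE_SECRET_NAME NAMESPACE_FOR_BUCKET_RESOURCE
WORKSPACE_CONFIG_MAP_NAME GIT_REPO_RESOURCE_FOR_HELM_CHART_NAME
GIT_REPO_RESOURCE_FOR_HELM_CHART_NAMESPACE HELM_CHART_NAME HELM_CHART_VERSION
BUCKET_ENDPOINT_URL"

# One line per ClusterRole rule: "resource[.apiGroup] verb verb ...".
RULES="secrets get watch
configmaps get patch
ingresses.extensions get list
namespaces create get delete
helmreleases.helm.toolkit.fluxcd.io create
buckets.epca.eo create"

# Print the name of every required variable that is unset or empty.
missing_env() {
    for name in $REQUIRED_ENV; do
        eval "value=\${$name:-}"
        [ -n "$value" ] || echo "$name"
    done
    return 0
}

# Print one `kubectl auth can-i` command per (verb, resource) pair,
# impersonating the service account given as <namespace> <name>.
rbac_checks() {
    subject="system:serviceaccount:$1:$2"
    echo "$RULES" | while read -r resource verbs; do
        for verb in $verbs; do
            echo "kubectl auth can-i $verb $resource --all-namespaces --as=$subject"
        done
    done
}

echo "Missing environment variables:"
missing_env
echo "RBAC checks to run against the cluster:"
rbac_checks "${SA_NAMESPACE:-workspace-api}" "${SA_NAME:-workspace-api}"
```

Each printed command should answer `yes` once the ClusterRole is bound to that service account; impersonating with `--as` requires the caller to hold impersonation rights.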