Skip to content

Commit b2d3f67

Browse files
darkdocdarkdoc
authored
Merge pull request #46 from mbaldessari/subscription_namespace
subscription namespace
2 parents b169996 + 260cb3d commit b2d3f67

4 files changed

Lines changed: 159 additions & 5 deletions

File tree

templates/_helpers.tpl

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -67,6 +67,8 @@ if this chart gets DeleteSpokeChildApps, it will set deletePattern to DeleteChil
6767
{{- else }}
6868
value: {{ $.Values.global.deletePattern }}
6969
{{- end }}
70+
- name: global.gitOpsSubNamespace
71+
value: {{ $.Values.global.gitOpsSubNamespace }}
7072
{{- end }} {{- /*acm.app.policies.helmparameters */}}
7173

7274
{{- define "acm.app.clusterSelector" -}}

templates/policies/ocp-gitops-policy.yaml

Lines changed: 17 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -26,16 +26,30 @@ spec:
2626
include:
2727
- default
2828
object-templates:
29+
{{- if $.Values.global.gitOpsSubNamespace }}
30+
- complianceType: mustonlyhave
31+
objectDefinition:
32+
apiVersion: v1
33+
kind: Namespace
34+
metadata:
35+
name: {{ $.Values.global.gitOpsSubNamespace }}
36+
- complianceType: mustonlyhave
37+
objectDefinition:
38+
apiVersion: operators.coreos.com/v1
39+
kind: OperatorGroup
40+
metadata:
41+
name: {{ $.Values.global.gitOpsSubNamespace }}-operator-group
42+
namespace: {{ $.Values.global.gitOpsSubNamespace }}
43+
spec:
44+
{{- end }}
2945
- complianceType: mustonlyhave
3046
objectDefinition:
3147
# This is an auto-generated file. DO NOT EDIT
3248
apiVersion: operators.coreos.com/v1alpha1
3349
kind: Subscription
3450
metadata:
3551
name: openshift-gitops-operator
36-
namespace: openshift-operators
37-
labels:
38-
operators.coreos.com/openshift-gitops-operator.openshift-operators: ''
52+
namespace: {{ if $.Values.global.gitOpsSubNamespace }}{{ $.Values.global.gitOpsSubNamespace }}{{ else }}openshift-operators{{ end }}
3953
spec:
4054
channel: {{- if and $.Values.acm.spokeGitops $.Values.acm.spokeGitops.channel }} {{ $.Values.acm.spokeGitops.channel }}{{- else if and $.Values.main $.Values.main.gitops $.Values.main.gitops.channel }} {{ $.Values.main.gitops.channel }}{{- else }} gitops-1.18{{- end }}
4155
installPlanApproval: Automatic

tests/application_policy_test.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -209,7 +209,7 @@ tests:
209209
value: group-one-clustergroup-policy
210210
lengthEqual:
211211
path: spec.policy-templates[0].objectDefinition.spec.object-templates[0].objectDefinition.spec.sources[1].helm.parameters
212-
count: 19 # 17 (in the helper) +2 (1 override, and 1 clusterGroup.name)
212+
count: 20 # 17 (in the helper) +3 (1 override, and 1 clusterGroup.name)
213213
- documentSelector:
214214
path: metadata.name
215215
value: group-one-clustergroup-policy
@@ -244,7 +244,7 @@ tests:
244244
value: group-one-clustergroup-policy
245245
lengthEqual:
246246
path: spec.policy-templates[0].objectDefinition.spec.object-templates[0].objectDefinition.spec.sources[1].helm.parameters
247-
count: 19 # 17 (in the helper) +2 (1 override, and 1 clusterGroup.name)
247+
count: 20 # 17 (in the helper) +3 (1 override, and 1 clusterGroup.name)
248248
- documentSelector:
249249
path: metadata.name
250250
value: group-one-clustergroup-policy

tests/gitops_sub_namespace_test.yaml

Lines changed: 138 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,138 @@
1+
suite: Test gitOpsSubNamespace in gitops policy
2+
templates:
3+
- templates/policies/ocp-gitops-policy.yaml
4+
release:
5+
name: release-test
6+
tests:
7+
- it: should default subscription namespace to openshift-operators when gitOpsSubNamespace is not set
8+
set:
9+
clusterGroup:
10+
managedClusterGroups:
11+
region-one:
12+
name: region-one
13+
acmlabels:
14+
- name: clusterGroup
15+
value: region-one
16+
asserts:
17+
- documentSelector:
18+
path: metadata.name
19+
value: region-one-gitops-policy
20+
isKind:
21+
of: Policy
22+
- documentSelector:
23+
path: metadata.name
24+
value: region-one-gitops-policy
25+
matchRegex:
26+
path: spec.policy-templates[0].objectDefinition.spec.object-templates[0].objectDefinition.metadata.namespace
27+
pattern: ^openshift-operators$
28+
29+
- it: should not create namespace or operatorgroup object-templates when gitOpsSubNamespace is not set
30+
set:
31+
clusterGroup:
32+
managedClusterGroups:
33+
region-one:
34+
name: region-one
35+
acmlabels:
36+
- name: clusterGroup
37+
value: region-one
38+
asserts:
39+
- documentSelector:
40+
path: metadata.name
41+
value: region-one-gitops-policy
42+
equal:
43+
path: spec.policy-templates[0].objectDefinition.spec.object-templates[0].objectDefinition.kind
44+
value: Subscription
45+
46+
- it: should default subscription namespace to openshift-operators when gitOpsSubNamespace is empty
47+
set:
48+
global:
49+
gitOpsSubNamespace: ""
50+
clusterGroup:
51+
managedClusterGroups:
52+
region-one:
53+
name: region-one
54+
acmlabels:
55+
- name: clusterGroup
56+
value: region-one
57+
asserts:
58+
- documentSelector:
59+
path: metadata.name
60+
value: region-one-gitops-policy
61+
matchRegex:
62+
path: spec.policy-templates[0].objectDefinition.spec.object-templates[0].objectDefinition.metadata.namespace
63+
pattern: ^openshift-operators$
64+
65+
- it: should create namespace object-template when gitOpsSubNamespace is set
66+
set:
67+
global:
68+
gitOpsSubNamespace: my-gitops-ns
69+
clusterGroup:
70+
managedClusterGroups:
71+
region-one:
72+
name: region-one
73+
acmlabels:
74+
- name: clusterGroup
75+
value: region-one
76+
asserts:
77+
- documentSelector:
78+
path: metadata.name
79+
value: region-one-gitops-policy
80+
equal:
81+
path: spec.policy-templates[0].objectDefinition.spec.object-templates[0].objectDefinition.kind
82+
value: Namespace
83+
- documentSelector:
84+
path: metadata.name
85+
value: region-one-gitops-policy
86+
equal:
87+
path: spec.policy-templates[0].objectDefinition.spec.object-templates[0].objectDefinition.metadata.name
88+
value: my-gitops-ns
89+
90+
- it: should create operatorgroup object-template when gitOpsSubNamespace is set
91+
set:
92+
global:
93+
gitOpsSubNamespace: my-gitops-ns
94+
clusterGroup:
95+
managedClusterGroups:
96+
region-one:
97+
name: region-one
98+
acmlabels:
99+
- name: clusterGroup
100+
value: region-one
101+
asserts:
102+
- documentSelector:
103+
path: metadata.name
104+
value: region-one-gitops-policy
105+
equal:
106+
path: spec.policy-templates[0].objectDefinition.spec.object-templates[1].objectDefinition.kind
107+
value: OperatorGroup
108+
- documentSelector:
109+
path: metadata.name
110+
value: region-one-gitops-policy
111+
equal:
112+
path: spec.policy-templates[0].objectDefinition.spec.object-templates[1].objectDefinition.metadata.name
113+
value: my-gitops-ns-operator-group
114+
- documentSelector:
115+
path: metadata.name
116+
value: region-one-gitops-policy
117+
equal:
118+
path: spec.policy-templates[0].objectDefinition.spec.object-templates[1].objectDefinition.metadata.namespace
119+
value: my-gitops-ns
120+
121+
- it: should use gitOpsSubNamespace as subscription namespace when set
122+
set:
123+
global:
124+
gitOpsSubNamespace: my-gitops-ns
125+
clusterGroup:
126+
managedClusterGroups:
127+
region-one:
128+
name: region-one
129+
acmlabels:
130+
- name: clusterGroup
131+
value: region-one
132+
asserts:
133+
- documentSelector:
134+
path: metadata.name
135+
value: region-one-gitops-policy
136+
matchRegex:
137+
path: spec.policy-templates[0].objectDefinition.spec.object-templates[2].objectDefinition.metadata.namespace
138+
pattern: ^my-gitops-ns$

0 commit comments

Comments
 (0)