From a947fd2f46cee574bba48a588e231598c9f8c7d8 Mon Sep 17 00:00:00 2001
From: Christoph Ebeling <c.ebeling@nexode.de>
Date: Wed, 14 Aug 2024 22:09:01 +0200
Subject: [PATCH] Deprecate Namespace Resource in Helm Chart in favour of helms
 --create-namespace

---
 manifests/helm/build/templates/kustomization.yaml      |  3 ++-
 manifests/helm/build/templates/overlays/namespace.yaml |  8 ++++++++
 manifests/helm/templates/NOTES.txt                     |  6 +++++-
 manifests/helm/templates/cluster-defaults.yaml.tpl     |  6 +++---
 manifests/helm/templates/image-pull-secrets.yaml.tpl   |  2 +-
 manifests/helm/templates/namespace.depricated.yaml     | 10 ++++++++++
 manifests/helm/values.yaml                             |  5 +++--
 7 files changed, 32 insertions(+), 8 deletions(-)
 create mode 100644 manifests/helm/build/templates/overlays/namespace.yaml
 create mode 100644 manifests/helm/templates/namespace.depricated.yaml

diff --git a/manifests/helm/build/templates/kustomization.yaml b/manifests/helm/build/templates/kustomization.yaml
index 8cd6902a..67e8a6bf 100644
--- a/manifests/helm/build/templates/kustomization.yaml
+++ b/manifests/helm/build/templates/kustomization.yaml
@@ -1,5 +1,5 @@
 namespace: >-
-  {{ .Values.namespace }}
+  {{ if not .Values.createNamespace }}{{.Release.Namespace}}{{else}}{{.Values.namespace}}{{end}}
 
 bases:
   - ../../../install/all/operator
@@ -13,3 +13,4 @@ images:
 
 patchesStrategicMerge:
   - overlays/deployment.yaml
+  - overlays/namespace.yaml
diff --git a/manifests/helm/build/templates/overlays/namespace.yaml b/manifests/helm/build/templates/overlays/namespace.yaml
new file mode 100644
index 00000000..5371dc03
--- /dev/null
+++ b/manifests/helm/build/templates/overlays/namespace.yaml
@@ -0,0 +1,8 @@
+$patch: delete
+kind: Namespace
+apiVersion: v1
+metadata:
+  name: contrast-agent-operator
+  labels:
+    app.kubernetes.io/part-of: contrast-agent-operator
+
diff --git a/manifests/helm/templates/NOTES.txt b/manifests/helm/templates/NOTES.txt
index 5d1b4fb0..7da0a1b0 100644
--- a/manifests/helm/templates/NOTES.txt
+++ b/manifests/helm/templates/NOTES.txt
@@ -1,5 +1,9 @@
 {{ .Chart.Name }} chart version {{ .Chart.Version }} deployed!
 
+{{ if .Values.createNamespace }}
+⚠️   WARNING: Creating Namespaces via Helm Chart is deprecated and will be removed in a future release.
+     Pls use helm --create-namespace flag instead.️ {{ end }}
+
 {{- if .Values.agentInjectors.enabled }}
 ✅ {{ len .Values.agentInjectors.injectors }} {{ len .Values.agentInjectors.injectors | plural "injector" "injectors" }} {{ len .Values.agentInjectors.injectors | plural "has" "have" }} been deployed to {{ len .Values.agentInjectors.namespaces | plural "namespace" "namespaces" }}: {{ join ", " .Values.agentInjectors.namespaces}}
   To use with your workloads:
@@ -50,4 +54,4 @@
 
 📄 More documentation: https://docs.contrastsecurity.com/en/agent-operator.html
 
-🙋 Get support: https://support.contrastsecurity.com / support@contrastsecurity.com
\ No newline at end of file
+🙋 Get support: https://support.contrastsecurity.com / support@contrastsecurity.com
diff --git a/manifests/helm/templates/cluster-defaults.yaml.tpl b/manifests/helm/templates/cluster-defaults.yaml.tpl
index 5b270476..7c781e34 100644
--- a/manifests/helm/templates/cluster-defaults.yaml.tpl
+++ b/manifests/helm/templates/cluster-defaults.yaml.tpl
@@ -4,7 +4,7 @@ kind: ClusterAgentConfiguration
 metadata:
   name: default-agent-configuration
   namespace: >-
-    {{ .Values.namespace }}
+    {{ if not .Values.createNamespace }}{{.Release.Namespace}}{{else}}{{.Values.namespace}}{{end}}
 spec:
   template:
     spec:
@@ -16,7 +16,7 @@ kind: ClusterAgentConnection
 metadata:
   name: default-agent-connection
   namespace: >-
-    {{ .Values.namespace }}
+    {{ if not .Values.createNamespace }}{{.Release.Namespace}}{{else}}{{.Values.namespace}}{{end}}
 spec:
   template:
     spec:
@@ -38,7 +38,7 @@ kind: Secret
 metadata:
   name: default-agent-connection-secret
   namespace: >-
-    {{ .Values.namespace }}
+    {{ if not .Values.createNamespace }}{{.Release.Namespace}}{{else}}{{.Values.namespace}}{{end}}
 type: Opaque
 stringData:
   apiKey: >-
diff --git a/manifests/helm/templates/image-pull-secrets.yaml.tpl b/manifests/helm/templates/image-pull-secrets.yaml.tpl
index 9876c970..ae255c6f 100644
--- a/manifests/helm/templates/image-pull-secrets.yaml.tpl
+++ b/manifests/helm/templates/image-pull-secrets.yaml.tpl
@@ -9,7 +9,7 @@ kind: Secret
 metadata:
   name: {{ .Values.imageCredentials.pullSecretName }}
   namespace: >-
-    {{ .Values.namespace }}
+  {{ if not .Values.createNamespace }}{{.Release.Namespace}}{{else}}{{.Values.Namespace}}{{end}}
 type: kubernetes.io/dockerconfigjson
 data:
   .dockerconfigjson: {{ template "imagePullSecret" . }}
diff --git a/manifests/helm/templates/namespace.depricated.yaml b/manifests/helm/templates/namespace.depricated.yaml
new file mode 100644
index 00000000..af619d3b
--- /dev/null
+++ b/manifests/helm/templates/namespace.depricated.yaml
@@ -0,0 +1,10 @@
+## This resource is deprecated and will be removed in a future release.
+## Pls use helm --create-namespace flag instead.
+{{- if .Values.createNamespace }}
+kind: Namespace
+apiVersion: v1
+metadata:
+ name: {{ .Values.namespace }}
+ labels:
+   app.kubernetes.io/part-of: contrast-agent-operator
+{{- end -}}
diff --git a/manifests/helm/values.yaml b/manifests/helm/values.yaml
index 3285b647..57babac2 100644
--- a/manifests/helm/values.yaml
+++ b/manifests/helm/values.yaml
@@ -1,5 +1,6 @@
-# Release.Namespace is ignored. The operator must be created in a separate namespace.
+# Specifing a namespace here is depricated and will be removed in a future release. Please use helm --namespace / --create-namespace instead.
 namespace: contrast-agent-operator
+createNamespace: true
 image:
   registry: contrast
   repository: agent-operator
@@ -62,7 +63,7 @@ clusterDefaults:
   # Name of a secret to retrieve the cluster-wide connection details from.
   # The secret should contain keys named apiKey, serviceKey and userName.
   # Leave blank if you want the chart to create a secret using the subsequent apiKeyValue, serviceKeyValue and userNameValue values.
-  existingSecret: 
+  existingSecret:
   # Required if existingSecret is not set. The API Key from the Contrast UI.
   apiKeyValue:
   # Required if existingSecret is not set. The Service Key from the Contrast UI.