add additional managed namespaces

sparkfabrik · Nov 6, 2024 · c521488 · c521488
1 parent 5b8a5a4
commit c521488
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -20,6 +20,7 @@ This is a Terraform module to install a cron job on a Kubernetes cluster that us
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_additional_managed_namespaces"></a> [additional\_managed\_namespaces](#input\_additional\_managed\_namespaces) | List of additional namespaces where the controller should manage the scale of deployments. | `list(string)` | `[]` | no |
 | <a name="input_cluster_role_name_prefix"></a> [cluster\_role\_name\_prefix](#input\_cluster\_role\_name\_prefix) | Name of the cluster role. | `string` | `"custom:application-sleep-cycles:controller"` | no |
 | <a name="input_configmap_name_prefix"></a> [configmap\_name\_prefix](#input\_configmap\_name\_prefix) | Name prefix for the Config Maps. | `string` | `"application-sleep-cycles-config"` | no |
 | <a name="input_create_namespace"></a> [create\_namespace](#input\_create\_namespace) | Create namespace. If false, the namespace must be created before using this module. | `bool` | `true` | no |
@@ -28,7 +29,7 @@ This is a Terraform module to install a cron job on a Kubernetes cluster that us
 | <a name="input_k8s_additional_labels"></a> [k8s\_additional\_labels](#input\_k8s\_additional\_labels) | Set of additional labels to apply to all resources. | `map(string)` | `{}` | no |
 | <a name="input_k8s_labels"></a> [k8s\_labels](#input\_k8s\_labels) | Set of labels to apply to all resources. | `map(string)` | <pre>{<br>  "managed-by": "terraform",<br>  "scope": "finops"<br>}</pre> | no |
 | <a name="input_managed_namespaces"></a> [managed\_namespaces](#input\_managed\_namespaces) | List of namespaces where the controller should manage the scale of deployments. The namespaces defined here will be merged with the namespaces fetched by the `managed_namespaces_label_selector` variable. | `list(string)` | `[]` | no |
-| <a name="input_managed_namespaces_label_selector"></a> [managed\_namespaces\_label\_selector](#input\_managed\_namespaces\_label\_selector) | Label selector for the namespaces where the controller should manage the scale of deployments. The namespaces fetched by this selector will be merged with the `managed_namespaces` variable. | `map(string)` | <pre>{<br>  "sparkfabrik.com/stage-application-finops": "enabled"<br>}</pre> | no |
+| <a name="input_managed_namespaces_label_selector"></a> [managed\_namespaces\_label\_selector](#input\_managed\_namespaces\_label\_selector) | Label selector for the namespaces where the controller should manage the scale of deployments. The namespaces fetched by this selector will be merged with the `managed_namespaces` variable. **WARNING:** If you use this selector, remember to rerun the pipeline and re-apply the configuration. | `map(string)` | <pre>{<br>  "sparkfabrik.com/application-sleep-cycles": "enabled"<br>}</pre> | no |
 | <a name="input_namespace"></a> [namespace](#input\_namespace) | Namespace to create resources. | `string` | `"application-sleep-cycles"` | no |
 | <a name="input_role_binding_name"></a> [role\_binding\_name](#input\_role\_binding\_name) | Name of the role binding. | `string` | `"custom:application-sleep-cycles:controller"` | no |
 | <a name="input_service_account_name"></a> [service\_account\_name](#input\_service\_account\_name) | Name of the service account. | `string` | `"application-sleep-cycles-sa"` | no |

diff --git a/main.tf b/main.tf
@@ -6,6 +6,8 @@ locals {
   )
 
   final_namespace = var.create_namespace ? resource.kubernetes_namespace_v1.this[0].metadata[0].name : data.kubernetes_namespace_v1.this[0].metadata[0].name
+
+  managed_namespaces = distinct(concat(var.managed_namespaces, var.additional_managed_namespaces))
 }
 
 resource "kubernetes_namespace_v1" "this" {
@@ -38,6 +40,7 @@ resource "kubernetes_service_account_v1" "this" {
 
 resource "kubernetes_secret_v1" "this" {
   metadata {
+    # This is the prefix, used by the server, to generate a unique name ONLY IF the name field has not been provided. This value will also be combined with a unique suffix.
     generate_name = "${var.service_account_name}-"
     namespace     = local.final_namespace
     labels        = local.k8s_full_labels
@@ -103,7 +106,7 @@ resource "kubernetes_cluster_role_v1" "namespace_scoped" {
 }
 
 resource "kubernetes_role_binding_v1" "this" {
-  for_each = toset(var.managed_namespaces)
+  for_each = toset(local.managed_namespaces)
 
   metadata {
     name      = var.role_binding_name

diff --git a/variables.tf b/variables.tf
@@ -49,8 +49,15 @@ variable "managed_namespaces" {
   default     = []
 }
 
+variable "additional_managed_namespaces" {
+  description = "List of additional namespaces where the controller should manage the scale of deployments."
+  type        = list(string)
+  default     = []
+}
+
+
 variable "managed_namespaces_label_selector" {
-  description = "Label selector for the namespaces where the controller should manage the scale of deployments. The namespaces fetched by this selector will be merged with the `managed_namespaces` variable."
+  description = "Label selector for the namespaces where the controller should manage the scale of deployments. The namespaces fetched by this selector will be merged with the `managed_namespaces` variable. **WARNING:** If you use this selector, remember to rerun the pipeline and re-apply the configuration."
   type        = map(string)
   default = {
     "sparkfabrik.com/application-sleep-cycles" : "enabled"