@jeremyeder

Description

Implements comprehensive single-namespace mode support to enable deployment in MPP environments where cluster-wide permissions are not available.

Changes

  • Add SINGLE_NAMESPACE_MODE and STORAGE_CLASS environment variables
  • Conditionally disable namespace watcher in single-namespace mode
  • Add namespace filtering to watchAgenticSessions() and watchProjectSettings()
  • Add StorageClass parameter to PVC creation (defaults to gp3-csi)
  • Add pod security contexts to Job and content service deployments
  • Bootstrap namespace resources on startup in single-namespace mode

Resolves

Closes #2

Critical Issues Addressed


Generated with Claude Code

Implements comprehensive single-namespace mode support to enable
deployment in MPP environments where cluster-wide permissions
are not available.

Changes:
- Add SINGLE_NAMESPACE_MODE and STORAGE_CLASS environment variables
- Conditionally disable namespace watcher in single-namespace mode
- Add namespace filtering to watchAgenticSessions() and watchProjectSettings()
- Add StorageClass parameter to PVC creation (defaults to gp3-csi)
- Add pod security contexts to Job and content service deployments
- Bootstrap namespace resources on startup in single-namespace mode

Resolves critical issues:
- Operator watching all namespaces without filter
- Namespace watcher cannot be disabled
- Missing StorageClass parameter
- Missing pod security contexts

Resolves #2

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-authored-by: Jeremy Eder <jeremyeder@users.noreply.github.com>
@jeremyeder jeremyeder merged commit efb0914 into main Oct 2, 2025
4 of 8 checks passed

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Comment on lines +81 to +86
// Get storage class from environment or use default
storageClass = os.Getenv("STORAGE_CLASS")
if storageClass == "" {
storageClass = "gp3-csi"
}
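
Review bot: `os.Getenv("STORAGE_CLASS")` on the first code line of this hunk cannot distinguish an unset variable from one set to the empty string, so both fall through to the `"gp3-csi"` literal and a deployer has no way to request the cluster's default class. Kubernetes treats a nil `storageClassName` on a PVC (the cluster's default class applies) differently from an explicit `""` (no class, no dynamic provisioning), so consider `os.LookupEnv` and populating the value only when the variable is present and non-empty, leaving it unset otherwise. If a fallback name is kept, move the literal into a named constant and log the class chosen at startup so a misconfigured deployment can be diagnosed from the operator log.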

[P1] Avoid hard-coding gp3-csi as default storage class

The new single‑namespace flow always assigns storageClass to "gp3-csi" when STORAGE_CLASS is unset (lines 81‑85) and ensureProjectWorkspacePVC uses that value for StorageClassName when creating the PVC. On clusters that do not define a gp3-csi storage class (GKE, kind, many on‑prem installs), the PVC create call fails with storageclass ... not found; in single‑namespace mode this error triggers the log.Fatalf at startup and the operator never comes up, whereas the previous code allowed Kubernetes to pick the default class. Consider leaving the field nil unless the environment variable is explicitly provided or verifying the class exists before defaulting.

jeremyeder added a commit that referenced this pull request Oct 17, 2025
…numbers

Add sequence numbering to RFE Council workflow diagram
jeremyeder pushed a commit that referenced this pull request Oct 17, 2025
…ema-format

feat: add new agent personas in agent schema format

Successfully merging this pull request may close these issues.

[Phase 1] Add SINGLE_NAMESPACE_MODE support to operator