Skip to content

Allow restricting the Cache's ListWatch to a set of namespaces #218

New issue
New issue
Closed
Closed
Allow restricting the Cache's ListWatch to a set of namespaces#218
Labels
kind/featureCategorizes issue or PR as related to a new feature.priority/important-longtermImportant over the long term, but may not be staffed and/or may need multiple releases to complete.
@hasbro17

Description

@hasbro17
hasbro17
opened on Nov 20, 2018

As a follow up to #124 the manager should allow restricting the cache to a set of namespaces.

Watching on all namespaces and filtering the events(via predicates) to the desired namespaces is the only way to watch a set of namespaces currently.
The problem with that is it still requires a ClusterRoleBinding, whereas the user might want to grant more fine grained permissions of a ClusterRole with multiple RoleBindings(referring to the manager's service account).

Proposed Fix:
As discussed in #124 (comment) we can use a MultiListWatcher in the cache if the manager is passed a set of namespaces.

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/featureCategorizes issue or PR as related to a new feature.priority/important-longtermImportant over the long term, but may not be staffed and/or may need multiple releases to complete.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions