Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: dynamic infrastructure clusters patching #167

Merged

Conversation

prometherion
Copy link
Member

This feature request introduces a feature togglable via the Feature Flag DynamicInfrastructureClusterPatch which allows patching any Infrastructure Cluster specified in the CLI flag --infrastructure-clusters which accepts a comma-separated list of Kubernetes API object kinds.

This feature is useful for developers aiming to integrate Kamaji within their organizations where a Cluster API infrastructure provider is not public.

Upon installation, a proper RBAC must be addressed here, otherwise patching would require a * scope which isn't good from a threat modeling perspective.

@prometherion prometherion force-pushed the feat/dynamic-infracluster-patch branch 3 times, most recently from 89882ab to 707cb45 Compare January 30, 2025 14:43
@prometherion prometherion force-pushed the feat/dynamic-infracluster-patch branch from 707cb45 to 281507d Compare January 30, 2025 14:58
@prometherion prometherion added the enhancement New feature or request label Jan 30, 2025
@prometherion
Copy link
Member Author

Sharing as a note: when specifying a dynamic infrastructure cluster, the CP provider must be granted the required RBAC which isn't managed in the CAPI manifest.

@prometherion prometherion merged commit 63615c0 into clastix:master Jan 30, 2025
4 checks passed
@prometherion prometherion deleted the feat/dynamic-infracluster-patch branch January 30, 2025 15:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant