Skip to content

Add allowed namespaces to vshngarage#682

Merged
github-actions[bot] merged 2 commits into
developfrom
feat/garage-reference-grant
May 26, 2026
Merged

Add allowed namespaces to vshngarage#682
github-actions[bot] merged 2 commits into
developfrom
feat/garage-reference-grant

Conversation

@mikeshootzz
Copy link
Copy Markdown
Contributor

@mikeshootzz mikeshootzz commented May 20, 2026
edited
Loading

Summary

  • This uses the GarageReferenceGrant to restrict where GarageKeys and GarageBuckets can be provisioned.
  • syn-appcat is included by default so AppCat can provision the buckets as normal

Checklist

  • Update tests.
  • Link this PR to related issues.
  • Merge with /merge comment.

Component PR: vshn/component-appcat#1193

@mikeshootzz
Add allowed namespaces to vshngarage
5d34b28 
This uses the GarageReferenceGrant to restrict where GarageKeys and
GarageBuckets can be provisioned.
@vshnbot vshnbot mentioned this pull request May 20, 2026
Merged
3 tasks
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 20, 2026

@mikeshootzz mikeshootzz marked this pull request as draft May 20, 2026 11:47
@mikeshootzz mikeshootzz marked this pull request as ready for review May 20, 2026 14:10
@mikeshootzz mikeshootzz requested review from a team, Kidswiss, TheBigLee, mdnix and zugao and removed request for a team May 20, 2026 14:10
TheBigLee
TheBigLee approved these changes May 21, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@TheBigLee TheBigLee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit in the comment

Comment thread pkg/comp-functions/functions/vshngarage/deploy.go Outdated
zugao
zugao approved these changes May 21, 2026
View reviewed changes
Comment thread pkg/comp-functions/functions/vshngarage/deploy.go Outdated
zugao
zugao reviewed May 21, 2026
View reviewed changes
Comment thread pkg/comp-functions/functions/vshngarage/deploy.go
}

if err := applyAllowedNamespaces(values, svc.Config.Data["garageAllowedNamespaces"]); err != nil {
return runtime.NewFatalResult(err)
Copy link
Copy Markdown
Collaborator

@zugao zugao May 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can this fatal error return too early and try to delete managed resources?

Copy link
Copy Markdown
Contributor Author

@mikeshootzz mikeshootzz May 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It doesn't, no. if we'd throw an error instead of a fatal we would have no allowed namespaces, which means no reference grant would be created. Throwing a fatal doesn't return early, it just halts the reconciliation, which in this case is what we want.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 26, 2026

@mikeshootzz
Copy link
Copy Markdown
Contributor Author

mikeshootzz commented May 26, 2026

/merge

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 26, 2026

🔗 Workflow run triggered by this comment

@github-actions github-actions Bot merged commit fff4106 into develop May 26, 2026
9 checks passed
@github-actions github-actions Bot deleted the feat/garage-reference-grant branch May 26, 2026 08:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zugao zugao zugao approved these changes

@TheBigLee TheBigLee TheBigLee approved these changes

@Kidswiss Kidswiss Awaiting requested review from Kidswiss Kidswiss was automatically assigned from vshn/schedar

@mdnix mdnix Awaiting requested review from mdnix mdnix was automatically assigned from vshn/schedar

Assignees

No one assigned

Labels

minor

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mikeshootzz @TheBigLee @zugao