This message was deleted.
# ask-for-helps
Slackbot
02/01/2023, 9:30 AMThis message was deleted.
x
Xipeng Guan
02/02/2023, 3:29 AMVery good advice, I will follow up on this
🍱 1
a
amine ben Salah
02/03/2023, 2:31 PMHello again! I took a look at the code of yatai. Yatai-deployment doesnt need any change. In Yatai, there is a function that lists all the namespaces in cluster. I removed it and the service works fine. In fact, it only serves to verify if a certain namespace really exists (kubernetes would return an error if so, thus this function is not necessary). for yatai-image-builder, I see that it lists the resources (bentos, bentorequests, pods...) across all the namespaces. So it needs clusterRole. But it is is possible to restrict it just by adding "Namespace" to the options of the manager (in main.go). And adding a boolean env var called "singleNamespace" for example can help to ensure retro-compatibility. Finally, in the helm charts, it is possible to add an if statement before the "kind" field in the clusterRole templates to control it according to the "singleNamespace" value.