diff --git a/config/crd/bases/logging.banzaicloud.io_loggings.yaml b/config/crd/bases/logging.banzaicloud.io_loggings.yaml index 73c82d1319..d7e0eff49b 100644 --- a/config/crd/bases/logging.banzaicloud.io_loggings.yaml +++ b/config/crd/bases/logging.banzaicloud.io_loggings.yaml @@ -17762,6 +17762,29 @@ spec: - enabled type: object type: object + watchNamespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object watchNamespaces: items: type: string diff --git a/config/samples/logging_logging_watchNamespaceSelector.yaml b/config/samples/logging_logging_watchNamespaceSelector.yaml new file mode 100644 index 0000000000..d6d283b6fa --- /dev/null +++ b/config/samples/logging_logging_watchNamespaceSelector.yaml @@ -0,0 +1,12 @@ +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Logging +metadata: + name: defaultlogging +spec: + fluentd: + disablePvc: true + fluentbit: {} + controlNamespace: default + watchNamespaceSelector: + matchLabels: + a: b diff --git a/docs/configuration/crds/v1beta1/logging_types.md b/docs/configuration/crds/v1beta1/logging_types.md index 0d24f341e6..014f6c17bf 100644 --- a/docs/configuration/crds/v1beta1/logging_types.md +++ b/docs/configuration/crds/v1beta1/logging_types.md @@ -74,6 +74,14 @@ Limit namespaces to watch Flow and Output custom resources. Default: - +### watchNamespaceSelector (*metav1.LabelSelector, optional) {#loggingspec-watchnamespaceselector} + +WatchNamespaceSelector is a LabelSelector to find matching namespaces to watch as in WatchNamespaceses. + +Note: This setting is mutually exclusive with watchNamespaces + +Default: - + ### controlNamespace (string, required) {#loggingspec-controlnamespace} Namespace for cluster wide configuration resources like ClusterFlow and ClusterOutput. This should be a protected namespace from regular users. Resources like fluentbit and fluentd will run in this namespace as well. diff --git a/pkg/resources/model/repository.go b/pkg/resources/model/repository.go index a383e805f8..585e441b45 100644 --- a/pkg/resources/model/repository.go +++ b/pkg/resources/model/repository.go @@ -22,6 +22,7 @@ import ( "emperror.dev/errors" "github.com/go-logr/logr" corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" "github.com/kube-logging/logging-operator/pkg/sdk/logging/api/v1beta1" @@ -63,9 +64,18 @@ func (r LoggingResourceRepository) LoggingResourcesFor(ctx context.Context, logg errs = errors.Append(errs, err) watchNamespaces := logging.Spec.WatchNamespaces + nsLabelSelector := logging.Spec.WatchNamespaceSelector if len(watchNamespaces) == 0 { var nsList corev1.NamespaceList - if err := r.Client.List(ctx, &nsList); err != nil { + selector, err := metav1.LabelSelectorAsSelector(nsLabelSelector) + if err != nil { + errs = errors.Append(errs, errors.WrapIf(err, "error in watchNamespaceSelector")) + return + } + nsListOptions := &client.ListOptions{ + LabelSelector: selector, + } + if err := r.Client.List(ctx, &nsList, nsListOptions); err != nil { errs = errors.Append(errs, errors.WrapIf(err, "listing namespaces")) return } diff --git a/pkg/sdk/logging/api/v1beta1/logging_types.go b/pkg/sdk/logging/api/v1beta1/logging_types.go index a7486fc4dc..dc8ab0b42e 100644 --- a/pkg/sdk/logging/api/v1beta1/logging_types.go +++ b/pkg/sdk/logging/api/v1beta1/logging_types.go @@ -65,6 +65,8 @@ type LoggingSpec struct { GlobalFilters []Filter `json:"globalFilters,omitempty"` // Limit namespaces to watch Flow and Output custom resources. WatchNamespaces []string `json:"watchNamespaces,omitempty"` + // WatchNamespaceSelector is a LabelSelector to find matching namespaces to watch as in WatchNamespaces + WatchNamespaceSelector *metav1.LabelSelector `json:"watchNamespaceSelector,omitempty"` // Cluster domain name to be used when templating URLs to services (default: "cluster.local"). ClusterDomain *string `json:"clusterDomain,omitempty"` // Namespace for cluster wide configuration resources like CLusterFlow and ClusterOutput.