Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Annotation to protect tenant from accidental deletion #563

Closed
MaxFedotov opened this issue May 16, 2022 · 4 comments · Fixed by #566
Closed

Annotation to protect tenant from accidental deletion #563

MaxFedotov opened this issue May 16, 2022 · 4 comments · Fixed by #566
Assignees
Labels
enhancement New feature or request
Milestone

Comments

@MaxFedotov
Copy link
Collaborator

Now if we delete a tenant all tenant namespaces are deleted automatically by kubernetes garbage collector. To protect critical tenants from accidental deletion (e.g. wrong commit to ci\cd system) it would be good to have some annotation, like
capsule.clastix.io/protected, which will make capsule-controller to ignore tenant deletion and instead add event and message to a log.

@prometherion WDYT?

@MaxFedotov MaxFedotov added the blocked-needs-validation Issue need triage and validation label May 16, 2022
@bsctl
Copy link
Member

bsctl commented May 16, 2022

@MaxFedotov we have a customer having the same request. We solved by adding a finalizer, so tenant cannot be deleted accidentally.

@MaxFedotov
Copy link
Collaborator Author

@bsctl the tenant won't be deleted. But resources from tenant namespace will be deleted and namespaces would be stuck in Terminating state (I've just verified this in our staging environment by making accidental commit which removed system tenant, where we install all our additional cluster components :) )

@prometherion
Copy link
Member

What about using the actual webhook handlers to prevent deletion? We got already /tenant, it's just a matter of adding a new handler.

@MaxFedotov
Copy link
Collaborator Author

yep, can add it there :) are you ok with annotation name?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants