From d0f1af22a48b8dbdce6a2b1a09f7a0eaa7e5ed49 Mon Sep 17 00:00:00 2001 From: ci-robot Date: Tue, 6 Aug 2024 02:41:22 +0000 Subject: [PATCH] Update to ACK runtime `v0.36.0`, code-generator `v0.36.0` --- apis/v1alpha1/ack-generate-metadata.yaml | 10 ++-- apis/v1alpha1/platform_endpoint.go | 9 --- config/controller/kustomization.yaml | 2 +- ...services.k8s.aws_platformapplications.yaml | 10 ++++ ...ns.services.k8s.aws_platformendpoints.yaml | 10 ---- .../sns.services.k8s.aws_subscriptions.yaml | 2 + .../bases/sns.services.k8s.aws_topics.yaml | 4 ++ go.mod | 25 ++++---- go.sum | 59 ++++++++----------- helm/Chart.yaml | 4 +- ...services.k8s.aws_platformapplications.yaml | 10 ++++ ...ns.services.k8s.aws_platformendpoints.yaml | 10 ---- .../sns.services.k8s.aws_subscriptions.yaml | 2 + helm/crds/sns.services.k8s.aws_topics.yaml | 4 ++ helm/templates/NOTES.txt | 2 +- helm/templates/_helpers.tpl | 11 +++- helm/templates/deployment.yaml | 8 +++ helm/values.schema.json | 7 +++ helm/values.yaml | 9 ++- .../platform_application/references.go | 36 +++++++---- pkg/resource/subscription/references.go | 8 ++- pkg/resource/topic/references.go | 15 +++-- 22 files changed, 152 insertions(+), 105 deletions(-) diff --git a/apis/v1alpha1/ack-generate-metadata.yaml b/apis/v1alpha1/ack-generate-metadata.yaml index bfdc92c..65c3399 100755 --- a/apis/v1alpha1/ack-generate-metadata.yaml +++ b/apis/v1alpha1/ack-generate-metadata.yaml @@ -1,9 +1,9 @@ ack_generate_info: - build_date: "2024-05-02T20:45:59Z" - build_hash: 14cef51778d471698018b6c38b604181a6948248 - go_version: go1.22.0 - version: v0.34.0 -api_directory_checksum: bcc8c2cf96b31122dc6ff2654d065e3bbd8f0c33 + build_date: "2024-08-06T02:41:08Z" + build_hash: 587b90dc860e91ee9a763e9e3bc4d3f1b2fbddb7 + go_version: go1.22.5 + version: v0.36.0 +api_directory_checksum: ca04ac625e016be719b2899d653c5c11451ccb40 api_version: v1alpha1 aws_sdk_go_version: v1.49.0 generator_config_info: diff --git a/apis/v1alpha1/platform_endpoint.go b/apis/v1alpha1/platform_endpoint.go index 0f194b9..76b780f 100644 --- a/apis/v1alpha1/platform_endpoint.go +++ b/apis/v1alpha1/platform_endpoint.go @@ -22,21 +22,12 @@ import ( // PlatformEndpointSpec defines the desired state of PlatformEndpoint. type PlatformEndpointSpec struct { - - // Arbitrary user data to associate with the endpoint. Amazon SNS does not use - // this data. The data must be in UTF-8 format and less than 2KB. CustomUserData *string `json:"customUserData,omitempty"` Enabled *string `json:"enabled,omitempty"` // PlatformApplicationArn returned from CreatePlatformApplication is used to // create a an endpoint. // +kubebuilder:validation:Required PlatformApplicationARN *string `json:"platformApplicationARN"` - // Unique identifier created by the notification service for an app on a device. - // The specific name for Token will vary, depending on which notification service - // is being used. For example, when using APNS as the notification service, - // you need the device token. Alternatively, when using GCM (Firebase Cloud - // Messaging) or ADM, the device token equivalent is called the registration - // ID. // +kubebuilder:validation:Required Token *string `json:"token"` } diff --git a/config/controller/kustomization.yaml b/config/controller/kustomization.yaml index 0bc1e22..028b4e1 100644 --- a/config/controller/kustomization.yaml +++ b/config/controller/kustomization.yaml @@ -6,4 +6,4 @@ kind: Kustomization images: - name: controller newName: public.ecr.aws/aws-controllers-k8s/sns-controller - newTag: 1.0.11 + newTag: 1.0.12 diff --git a/config/crd/bases/sns.services.k8s.aws_platformapplications.yaml b/config/crd/bases/sns.services.k8s.aws_platformapplications.yaml index dad09b5..5a589ae 100644 --- a/config/crd/bases/sns.services.k8s.aws_platformapplications.yaml +++ b/config/crd/bases/sns.services.k8s.aws_platformapplications.yaml @@ -61,6 +61,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object eventEndpointDeleted: @@ -78,6 +80,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object eventEndpointUpdated: @@ -95,6 +99,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object failureFeedbackRoleARN: @@ -112,6 +118,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object name: @@ -145,6 +153,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object successFeedbackSampleRate: diff --git a/config/crd/bases/sns.services.k8s.aws_platformendpoints.yaml b/config/crd/bases/sns.services.k8s.aws_platformendpoints.yaml index fe0ece6..09e3c99 100644 --- a/config/crd/bases/sns.services.k8s.aws_platformendpoints.yaml +++ b/config/crd/bases/sns.services.k8s.aws_platformendpoints.yaml @@ -40,9 +40,6 @@ spec: description: PlatformEndpointSpec defines the desired state of PlatformEndpoint. properties: customUserData: - description: |- - Arbitrary user data to associate with the endpoint. Amazon SNS does not use - this data. The data must be in UTF-8 format and less than 2KB. type: string enabled: type: string @@ -52,13 +49,6 @@ spec: create a an endpoint. type: string token: - description: |- - Unique identifier created by the notification service for an app on a device. - The specific name for Token will vary, depending on which notification service - is being used. For example, when using APNS as the notification service, - you need the device token. Alternatively, when using GCM (Firebase Cloud - Messaging) or ADM, the device token equivalent is called the registration - ID. type: string required: - platformApplicationARN diff --git a/config/crd/bases/sns.services.k8s.aws_subscriptions.yaml b/config/crd/bases/sns.services.k8s.aws_subscriptions.yaml index ed1f2d3..ec67d37 100644 --- a/config/crd/bases/sns.services.k8s.aws_subscriptions.yaml +++ b/config/crd/bases/sns.services.k8s.aws_subscriptions.yaml @@ -140,6 +140,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object required: diff --git a/config/crd/bases/sns.services.k8s.aws_topics.yaml b/config/crd/bases/sns.services.k8s.aws_topics.yaml index 6cea46a..3db2bda 100644 --- a/config/crd/bases/sns.services.k8s.aws_topics.yaml +++ b/config/crd/bases/sns.services.k8s.aws_topics.yaml @@ -80,6 +80,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object name: @@ -109,6 +111,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object signatureVersion: diff --git a/go.mod b/go.mod index ecab083..935037d 100644 --- a/go.mod +++ b/go.mod @@ -1,20 +1,20 @@ module github.com/aws-controllers-k8s/sns-controller -go 1.21 +go 1.22.0 -toolchain go1.21.5 +toolchain go1.22.5 require ( github.com/aws-controllers-k8s/iam-controller v1.1.1 github.com/aws-controllers-k8s/kms-controller v1.0.2 - github.com/aws-controllers-k8s/runtime v0.34.0 + github.com/aws-controllers-k8s/runtime v0.36.0 github.com/aws/aws-sdk-go v1.49.0 github.com/go-logr/logr v1.4.1 github.com/spf13/pflag v1.0.5 - k8s.io/api v0.29.0 - k8s.io/apimachinery v0.29.0 - k8s.io/client-go v0.29.0 - sigs.k8s.io/controller-runtime v0.17.2 + k8s.io/api v0.30.1 + k8s.io/apimachinery v0.30.1 + k8s.io/client-go v0.30.1 + sigs.k8s.io/controller-runtime v0.18.4 ) require ( @@ -23,7 +23,7 @@ require ( github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch/v5 v5.8.0 // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/go-logr/zapr v1.3.0 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect @@ -31,7 +31,7 @@ require ( github.com/go-openapi/swag v0.22.3 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.3 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect @@ -69,10 +69,9 @@ require ( gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.29.0 // indirect - k8s.io/component-base v0.29.0 // indirect - k8s.io/klog/v2 v2.110.1 // indirect - k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect + k8s.io/apiextensions-apiserver v0.30.1 // indirect + k8s.io/klog/v2 v2.120.1 // indirect + k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect diff --git a/go.sum b/go.sum index c9b5fb9..2673dd6 100644 --- a/go.sum +++ b/go.sum @@ -2,8 +2,8 @@ github.com/aws-controllers-k8s/iam-controller v1.1.1 h1:O6arh7DNlQF26MEKzgA2/kBE github.com/aws-controllers-k8s/iam-controller v1.1.1/go.mod h1:2+ARwRpazTq5MErjMz0MpXHhtAzRfNtY56Uj0gvu9vE= github.com/aws-controllers-k8s/kms-controller v1.0.2 h1:v8nh/oaX/U6spCwBDaWyem7XXpzoP/MnkJyEjNOZN9s= github.com/aws-controllers-k8s/kms-controller v1.0.2/go.mod h1:BeoijsyGjJ9G5VcDjpFdxBW0IxaeKXYX497XmUJiPSQ= -github.com/aws-controllers-k8s/runtime v0.34.0 h1:pz8MTzz8bY9JMTSMjvWx9SAJ6bJQIEx5ZrXw6wS74mc= -github.com/aws-controllers-k8s/runtime v0.34.0/go.mod h1:aCud9ahYydZ22JhBStUOW2hnzyE1lWPhGAfxW5AW1YU= +github.com/aws-controllers-k8s/runtime v0.36.0 h1:XEMVGfUwsT9QMShihuCLHlape+daJWyYtXj45s/iJiU= +github.com/aws-controllers-k8s/runtime v0.36.0/go.mod h1:gI2pWb20UGLP2SnHf1a1VzTd7iVVy+/I9VAzT0Y+Dew= github.com/aws/aws-sdk-go v1.49.0 h1:g9BkW1fo9GqKfwg2+zCD+TW/D36Ux+vtfJ8guF4AYmY= github.com/aws/aws-sdk-go v1.49.0/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -20,11 +20,10 @@ github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxER github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.8.0 h1:lRj6N9Nci7MvzrXuX6HFzU8XjmhPiXPlsKEy1u0KQro= -github.com/evanphx/json-patch/v5 v5.8.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= @@ -42,13 +41,11 @@ github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= @@ -97,10 +94,10 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.14.0 h1:vSmGj2Z5YPb9JwCWT6z6ihcUvDhuXLc3sJiqd3jMKAY= -github.com/onsi/ginkgo/v2 v2.14.0/go.mod h1:JkUdW7JkN0V6rFvsHcJ478egV3XH9NxpD27Hal/PhZw= -github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= -github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/onsi/ginkgo/v2 v2.17.1 h1:V++EzdbhI4ZV4ev0UTIj0PzhzOcReJFyJaLjtSF55M8= +github.com/onsi/ginkgo/v2 v2.17.1/go.mod h1:llBI3WDLL9Z6taip6f33H76YcWtJv+7R3HigUjbIBOs= +github.com/onsi/gomega v1.32.0 h1:JRYU78fJ1LPxlckP6Txi/EYqJvjtMrDC04/MM5XRHPk= +github.com/onsi/gomega v1.32.0/go.mod h1:a4x4gW6Pz2yK1MAmvluYme5lvYTn61afQ2ETw/8n4Lg= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -176,8 +173,8 @@ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGm golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.16.1 h1:TLyB3WofjdOEepBHAU20JdNC1Zbg87elYofWYAY5oZA= -golang.org/x/tools v0.16.1/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= +golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ= +golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -186,8 +183,6 @@ gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -203,24 +198,22 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.29.0 h1:NiCdQMY1QOp1H8lfRyeEf8eOwV6+0xA6XEE44ohDX2A= -k8s.io/api v0.29.0/go.mod h1:sdVmXoz2Bo/cb77Pxi71IPTSErEW32xa4aXwKH7gfBA= -k8s.io/apiextensions-apiserver v0.29.0 h1:0VuspFG7Hj+SxyF/Z/2T0uFbI5gb5LRgEyUVE3Q4lV0= -k8s.io/apiextensions-apiserver v0.29.0/go.mod h1:TKmpy3bTS0mr9pylH0nOt/QzQRrW7/h7yLdRForMZwc= -k8s.io/apimachinery v0.29.0 h1:+ACVktwyicPz0oc6MTMLwa2Pw3ouLAfAon1wPLtG48o= -k8s.io/apimachinery v0.29.0/go.mod h1:eVBxQ/cwiJxH58eK/jd/vAk4mrxmVlnpBH5J2GbMeis= -k8s.io/client-go v0.29.0 h1:KmlDtFcrdUzOYrBhXHgKw5ycWzc3ryPX5mQe0SkG3y8= -k8s.io/client-go v0.29.0/go.mod h1:yLkXH4HKMAywcrD82KMSmfYg2DlE8mepPR4JGSo5n38= -k8s.io/component-base v0.29.0 h1:T7rjd5wvLnPBV1vC4zWd/iWRbV8Mdxs+nGaoaFzGw3s= -k8s.io/component-base v0.29.0/go.mod h1:sADonFTQ9Zc9yFLghpDpmNXEdHyQmFIGbiuZbqAXQ1M= -k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= -k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= +k8s.io/api v0.30.1 h1:kCm/6mADMdbAxmIh0LBjS54nQBE+U4KmbCfIkF5CpJY= +k8s.io/api v0.30.1/go.mod h1:ddbN2C0+0DIiPntan/bye3SW3PdwLa11/0yqwvuRrJM= +k8s.io/apiextensions-apiserver v0.30.1 h1:4fAJZ9985BmpJG6PkoxVRpXv9vmPUOVzl614xarePws= +k8s.io/apiextensions-apiserver v0.30.1/go.mod h1:R4GuSrlhgq43oRY9sF2IToFh7PVlF1JjfWdoG3pixk4= +k8s.io/apimachinery v0.30.1 h1:ZQStsEfo4n65yAdlGTfP/uSHMQSoYzU/oeEbkmF7P2U= +k8s.io/apimachinery v0.30.1/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= +k8s.io/client-go v0.30.1 h1:uC/Ir6A3R46wdkgCV3vbLyNOYyCJ8oZnjtJGKfytl/Q= +k8s.io/client-go v0.30.1/go.mod h1:wrAqLNs2trwiCH/wxxmT/x3hKVH9PuV0GGW0oDoHVqc= +k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= +k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= +k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.17.2 h1:FwHwD1CTUemg0pW2otk7/U5/i5m2ymzvOXdbeGOUvw0= -sigs.k8s.io/controller-runtime v0.17.2/go.mod h1:+MngTvIQQQhfXtwfdGw/UOQ/aIaqsYywfCINOtwMO/s= +sigs.k8s.io/controller-runtime v0.18.4 h1:87+guW1zhvuPLh1PHybKdYFLU0YJp4FhJRmiHvm5BZw= +sigs.k8s.io/controller-runtime v0.18.4/go.mod h1:TVoGrfdpbA9VRFaRnKgk9P5/atA0pMwq+f+msb9M8Sg= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= diff --git a/helm/Chart.yaml b/helm/Chart.yaml index e36a40a..b131a8a 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 name: sns-chart description: A Helm chart for the ACK service controller for Amazon Simple Notification Service (SNS) -version: 1.0.11 -appVersion: 1.0.11 +version: 1.0.12 +appVersion: 1.0.12 home: https://github.com/aws-controllers-k8s/sns-controller icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png sources: diff --git a/helm/crds/sns.services.k8s.aws_platformapplications.yaml b/helm/crds/sns.services.k8s.aws_platformapplications.yaml index dad09b5..5a589ae 100644 --- a/helm/crds/sns.services.k8s.aws_platformapplications.yaml +++ b/helm/crds/sns.services.k8s.aws_platformapplications.yaml @@ -61,6 +61,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object eventEndpointDeleted: @@ -78,6 +80,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object eventEndpointUpdated: @@ -95,6 +99,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object failureFeedbackRoleARN: @@ -112,6 +118,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object name: @@ -145,6 +153,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object successFeedbackSampleRate: diff --git a/helm/crds/sns.services.k8s.aws_platformendpoints.yaml b/helm/crds/sns.services.k8s.aws_platformendpoints.yaml index fe0ece6..09e3c99 100644 --- a/helm/crds/sns.services.k8s.aws_platformendpoints.yaml +++ b/helm/crds/sns.services.k8s.aws_platformendpoints.yaml @@ -40,9 +40,6 @@ spec: description: PlatformEndpointSpec defines the desired state of PlatformEndpoint. properties: customUserData: - description: |- - Arbitrary user data to associate with the endpoint. Amazon SNS does not use - this data. The data must be in UTF-8 format and less than 2KB. type: string enabled: type: string @@ -52,13 +49,6 @@ spec: create a an endpoint. type: string token: - description: |- - Unique identifier created by the notification service for an app on a device. - The specific name for Token will vary, depending on which notification service - is being used. For example, when using APNS as the notification service, - you need the device token. Alternatively, when using GCM (Firebase Cloud - Messaging) or ADM, the device token equivalent is called the registration - ID. type: string required: - platformApplicationARN diff --git a/helm/crds/sns.services.k8s.aws_subscriptions.yaml b/helm/crds/sns.services.k8s.aws_subscriptions.yaml index 4aae003..38dd9ad 100644 --- a/helm/crds/sns.services.k8s.aws_subscriptions.yaml +++ b/helm/crds/sns.services.k8s.aws_subscriptions.yaml @@ -140,6 +140,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object required: diff --git a/helm/crds/sns.services.k8s.aws_topics.yaml b/helm/crds/sns.services.k8s.aws_topics.yaml index 6cea46a..3db2bda 100644 --- a/helm/crds/sns.services.k8s.aws_topics.yaml +++ b/helm/crds/sns.services.k8s.aws_topics.yaml @@ -80,6 +80,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object name: @@ -109,6 +111,8 @@ spec: properties: name: type: string + namespace: + type: string type: object type: object signatureVersion: diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt index f3aa4bd..654bb23 100644 --- a/helm/templates/NOTES.txt +++ b/helm/templates/NOTES.txt @@ -1,5 +1,5 @@ {{ .Chart.Name }} has been installed. -This chart deploys "public.ecr.aws/aws-controllers-k8s/sns-controller:1.0.11". +This chart deploys "public.ecr.aws/aws-controllers-k8s/sns-controller:1.0.12". Check its status by running: kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index c36f465..0e20b57 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -239,4 +239,13 @@ rules: - get - patch - update -{{- end }} \ No newline at end of file +{{- end }} + +{{/* Convert k/v map to string like: "key1=value1,key2=value2,..." */}} +{{- define "ack-sns-controller.feature-gates" -}} +{{- $list := list -}} +{{- range $k, $v := .Values.featureGates -}} +{{- $list = append $list (printf "%s=%s" $k ( $v | toString)) -}} +{{- end -}} +{{ join "," $list }} +{{- end -}} diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml index e2aabe0..b0acb84 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployment.yaml @@ -79,6 +79,10 @@ spec: {{- range $key, $value := .Values.reconcile.resourceMaxConcurrentSyncs }} - --reconcile-resource-max-concurrent-syncs - "$(RECONCILE_RESOURCE_MAX_CONCURRENT_SYNCS_{{ $key | upper }})" +{{- end }} +{{- if .Values.featureGates}} + - --feature-gates + - "$(FEATURE_GATES)" {{- end }} image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} @@ -122,6 +126,10 @@ spec: {{- range $key, $value := .Values.reconcile.resourceMaxConcurrentSyncs }} - name: RECONCILE_RESOURCE_MAX_CONCURRENT_SYNCS_{{ $key | upper }} value: {{ $key }}={{ $value }} +{{- end }} +{{- if .Values.featureGates}} + - name: FEATURE_GATES + value: {{ include "ack-sns-controller.feature-gates" . }} {{- end }} {{- if .Values.aws.credentials.secretName }} - name: AWS_SHARED_CREDENTIALS_FILE diff --git a/helm/values.schema.json b/helm/values.schema.json index 742163e..7ccb485 100644 --- a/helm/values.schema.json +++ b/helm/values.schema.json @@ -268,6 +268,13 @@ "type": "object" } }, + "featureGates": { + "description": "Feature gates settings", + "type": "object", + "additionalProperties": { + "type": "boolean" + } + }, "required": [ "image", "deployment", diff --git a/helm/values.yaml b/helm/values.yaml index cc0bb76..7d72397 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -4,7 +4,7 @@ image: repository: public.ecr.aws/aws-controllers-k8s/sns-controller - tag: 1.0.11 + tag: 1.0.12 pullPolicy: IfNotPresent pullSecrets: [] @@ -153,3 +153,10 @@ leaderElection: # will attempt to use the namespace of the service account mounted to the Controller # pod. namespace: "" + +# Configuration for feature gates. These are optional controller features that +# can be individually enabled ("true") or disabled ("false") by adding key/value +# pairs below. +featureGates: {} + # featureGate1: true + # featureGate2: false diff --git a/pkg/resource/platform_application/references.go b/pkg/resource/platform_application/references.go index b404363..2dd3fb2 100644 --- a/pkg/resource/platform_application/references.go +++ b/pkg/resource/platform_application/references.go @@ -79,36 +79,35 @@ func (rm *resourceManager) ResolveReferences( apiReader client.Reader, res acktypes.AWSResource, ) (acktypes.AWSResource, bool, error) { - namespace := res.MetaObject().GetNamespace() ko := rm.concreteResource(res).ko resourceHasReferences := false err := validateReferenceFields(ko) - if fieldHasReferences, err := rm.resolveReferenceForEventEndpointCreated(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForEventEndpointCreated(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences } - if fieldHasReferences, err := rm.resolveReferenceForEventEndpointDeleted(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForEventEndpointDeleted(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences } - if fieldHasReferences, err := rm.resolveReferenceForEventEndpointUpdated(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForEventEndpointUpdated(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences } - if fieldHasReferences, err := rm.resolveReferenceForFailureFeedbackRoleARN(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForFailureFeedbackRoleARN(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences } - if fieldHasReferences, err := rm.resolveReferenceForSuccessFeedbackRoleARN(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForSuccessFeedbackRoleARN(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences @@ -150,7 +149,6 @@ func validateReferenceFields(ko *svcapitypes.PlatformApplication) error { func (rm *resourceManager) resolveReferenceForEventEndpointCreated( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.PlatformApplication, ) (hasReferences bool, err error) { if ko.Spec.EventEndpointCreatedRef != nil && ko.Spec.EventEndpointCreatedRef.From != nil { @@ -159,6 +157,10 @@ func (rm *resourceManager) resolveReferenceForEventEndpointCreated( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: EventEndpointCreatedRef") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &svcapitypes.Topic{} if err := getReferencedResourceState_Topic(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err @@ -227,7 +229,6 @@ func getReferencedResourceState_Topic( func (rm *resourceManager) resolveReferenceForEventEndpointDeleted( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.PlatformApplication, ) (hasReferences bool, err error) { if ko.Spec.EventEndpointDeletedRef != nil && ko.Spec.EventEndpointDeletedRef.From != nil { @@ -236,6 +237,10 @@ func (rm *resourceManager) resolveReferenceForEventEndpointDeleted( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: EventEndpointDeletedRef") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &svcapitypes.Topic{} if err := getReferencedResourceState_Topic(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err @@ -253,7 +258,6 @@ func (rm *resourceManager) resolveReferenceForEventEndpointDeleted( func (rm *resourceManager) resolveReferenceForEventEndpointUpdated( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.PlatformApplication, ) (hasReferences bool, err error) { if ko.Spec.EventEndpointUpdatedRef != nil && ko.Spec.EventEndpointUpdatedRef.From != nil { @@ -262,6 +266,10 @@ func (rm *resourceManager) resolveReferenceForEventEndpointUpdated( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: EventEndpointUpdatedRef") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &svcapitypes.Topic{} if err := getReferencedResourceState_Topic(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err @@ -279,7 +287,6 @@ func (rm *resourceManager) resolveReferenceForEventEndpointUpdated( func (rm *resourceManager) resolveReferenceForFailureFeedbackRoleARN( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.PlatformApplication, ) (hasReferences bool, err error) { if ko.Spec.FailureFeedbackRoleRef != nil && ko.Spec.FailureFeedbackRoleRef.From != nil { @@ -288,6 +295,10 @@ func (rm *resourceManager) resolveReferenceForFailureFeedbackRoleARN( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: FailureFeedbackRoleRef") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &iamapitypes.Role{} if err := getReferencedResourceState_Role(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err @@ -356,7 +367,6 @@ func getReferencedResourceState_Role( func (rm *resourceManager) resolveReferenceForSuccessFeedbackRoleARN( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.PlatformApplication, ) (hasReferences bool, err error) { if ko.Spec.SuccessFeedbackRoleRef != nil && ko.Spec.SuccessFeedbackRoleRef.From != nil { @@ -365,6 +375,10 @@ func (rm *resourceManager) resolveReferenceForSuccessFeedbackRoleARN( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: SuccessFeedbackRoleRef") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &iamapitypes.Role{} if err := getReferencedResourceState_Role(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err diff --git a/pkg/resource/subscription/references.go b/pkg/resource/subscription/references.go index 6737eaa..79404d9 100644 --- a/pkg/resource/subscription/references.go +++ b/pkg/resource/subscription/references.go @@ -56,12 +56,11 @@ func (rm *resourceManager) ResolveReferences( apiReader client.Reader, res acktypes.AWSResource, ) (acktypes.AWSResource, bool, error) { - namespace := res.MetaObject().GetNamespace() ko := rm.concreteResource(res).ko resourceHasReferences := false err := validateReferenceFields(ko) - if fieldHasReferences, err := rm.resolveReferenceForTopicARN(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForTopicARN(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences @@ -90,7 +89,6 @@ func validateReferenceFields(ko *svcapitypes.Subscription) error { func (rm *resourceManager) resolveReferenceForTopicARN( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.Subscription, ) (hasReferences bool, err error) { if ko.Spec.TopicRef != nil && ko.Spec.TopicRef.From != nil { @@ -99,6 +97,10 @@ func (rm *resourceManager) resolveReferenceForTopicARN( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: TopicRef") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &svcapitypes.Topic{} if err := getReferencedResourceState_Topic(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err diff --git a/pkg/resource/topic/references.go b/pkg/resource/topic/references.go index 0041435..8b992a7 100644 --- a/pkg/resource/topic/references.go +++ b/pkg/resource/topic/references.go @@ -68,18 +68,17 @@ func (rm *resourceManager) ResolveReferences( apiReader client.Reader, res acktypes.AWSResource, ) (acktypes.AWSResource, bool, error) { - namespace := res.MetaObject().GetNamespace() ko := rm.concreteResource(res).ko resourceHasReferences := false err := validateReferenceFields(ko) - if fieldHasReferences, err := rm.resolveReferenceForKMSMasterKeyID(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForKMSMasterKeyID(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences } - if fieldHasReferences, err := rm.resolveReferenceForPolicy(ctx, apiReader, namespace, ko); err != nil { + if fieldHasReferences, err := rm.resolveReferenceForPolicy(ctx, apiReader, ko); err != nil { return &resource{ko}, (resourceHasReferences || fieldHasReferences), err } else { resourceHasReferences = resourceHasReferences || fieldHasReferences @@ -109,7 +108,6 @@ func validateReferenceFields(ko *svcapitypes.Topic) error { func (rm *resourceManager) resolveReferenceForKMSMasterKeyID( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.Topic, ) (hasReferences bool, err error) { if ko.Spec.KMSMasterKeyRef != nil && ko.Spec.KMSMasterKeyRef.From != nil { @@ -118,6 +116,10 @@ func (rm *resourceManager) resolveReferenceForKMSMasterKeyID( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: KMSMasterKeyRef") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &kmsapitypes.Key{} if err := getReferencedResourceState_Key(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err @@ -186,7 +188,6 @@ func getReferencedResourceState_Key( func (rm *resourceManager) resolveReferenceForPolicy( ctx context.Context, apiReader client.Reader, - namespace string, ko *svcapitypes.Topic, ) (hasReferences bool, err error) { if ko.Spec.PolicyRef != nil && ko.Spec.PolicyRef.From != nil { @@ -195,6 +196,10 @@ func (rm *resourceManager) resolveReferenceForPolicy( if arr.Name == nil || *arr.Name == "" { return hasReferences, fmt.Errorf("provided resource reference is nil or empty: PolicyRef") } + namespace := ko.ObjectMeta.GetNamespace() + if arr.Namespace != nil && *arr.Namespace != "" { + namespace = *arr.Namespace + } obj := &iamapitypes.Policy{} if err := getReferencedResourceState_Policy(ctx, apiReader, obj, *arr.Name, namespace); err != nil { return hasReferences, err