Skip to content
This repository has been archived by the owner on Oct 27, 2022. It is now read-only.

open-cluster-management-io/governance-policy-spec-sync

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

122 Commits
.github/workflows
.github/workflows
 
 
CHANGELOG
CHANGELOG
 
 
build
build
 
 
controllers
controllers
 
 
deploy
deploy
 
 
hack
hack
 
 
test
test
 
 
tool
tool
 
 
version
version
 
 
.copyrightignore
.copyrightignore
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
COMPONENT_NAME
COMPONENT_NAME
 
 
COMPONENT_VERSION
COMPONENT_VERSION
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
DCO
DCO
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
Makefile.prow
Makefile.prow
 
 
OWNERS
OWNERS
 
 
PROJECT
PROJECT
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
main_test.go
main_test.go
 
 
sonar-project.properties
sonar-project.properties
 
 
tools.go
tools.go
 
 

Repository files navigation

Governance Policy Spec Sync KinD testsLicense

Deprecation Notice

The standalone version of the controller has been removed in versions newer than v0.8.x. This controller is now part of governance-policy-framework-addon.

Description

The governance policy spec sync is a controller that runs on managed clusters, updating local Policy specs to match Policies in the cluster's namespace on the hub cluster. This controller is a part of the governance-policy-framework.

The operator watches for changes to Policies in the cluster's namespace on the hub cluster to trigger a reconcile. Every reconcile creates/updates/deletes replicated policies on the managed cluster to match the spec from the hub cluster.

Geting started

Go to the Contributing guide to learn how to get involved.

Check the Security guide if you need to report a security issue.

Build and deploy locally

You will need kind installed.

make kind-bootstrap-cluster-dev
make build-images
make kind-deploy-controller-dev

Running tests

make test-dependencies
make test

make e2e-dependencies
make e2e-test

Clean up

make kind-delete-cluster

deploy/operator.yaml

The deploy/operator.yaml file is generated via Kustomize. The deploy/rbac directory of Kustomize files is managed by the operator-sdk and Kubebuilder using markers. After updating the markers or any of the Kustomize files, you may regenerate deploy/operator.yaml by running make generate-operator-yaml.

The secret-sync controller requires access to get, create, update, and delete Secret objects in the managed cluster namespace. Since the managed cluster namespace is not known at build time, the configuration in deploy/operator.yaml grants this access cluster wide. In a production environment, limit this to just the managed cluster namespace.

References

  • The governance-policy-spec-sync is part of the open-cluster-management community. For more information, visit: open-cluster-management.io.

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

2 stars

Watchers

3 watching

Forks

8 forks
Report repository

Releases 4

v0.8.0 Latest
Jul 22, 2022
+ 3 releases

Packages

 
 
 

Contributors 11

Languages