Skip to content

Add managed-by labels to roxie-created namespaces#58

Merged
AlexVulaj merged 2 commits into
mainfrom
add-managed-by-labels
Mar 9, 2026
Merged

Add managed-by labels to roxie-created namespaces#58
AlexVulaj merged 2 commits into
mainfrom
add-managed-by-labels

Conversation

@AlexVulaj
Copy link
Copy Markdown
Contributor

@AlexVulaj AlexVulaj commented Feb 19, 2026

What

Labels all roxie-created namespaces with app.kubernetes.io/managed-by: roxie.

Why

This is phase 1 of improving teardown UX. Currently, users must remember which flags they used during deployment and specify the same flags during teardown. Without them, teardown silently skips with "Namespace doesn't exist.

Adding these labels enables future auto-detection of roxie-managed namespaces during teardown, so users won't need to remember/specify flags.

Changes

  • Labels are added to both new and pre-existing namespaces (using --overwrite)
  • Uses Kubernetes-recommended label convention (app.kubernetes.io/managed-by)

Testing

Dual-namespace mode (default):

make
./roxie deploy
kubectl get namespace -l app.kubernetes.io/managed-by=roxie
# Verified: acs-central and acs-sensor both labeled
./roxie teardown

Single-namespace mode:

./roxie deploy --single-namespace
kubectl get namespace -l app.kubernetes.io/managed-by=roxie
# Verified: stackrox namespace labeled
./roxie teardown --single-namespace

@AlexVulaj AlexVulaj force-pushed the add-managed-by-labels branch from c718a98 to 28c188a Compare February 19, 2026 22:36
mclasmeier
mclasmeier reviewed Mar 3, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@mclasmeier mclasmeier left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think adding managed-by labels is generally a good practice, so let's do that. It is not 100% clear to me how exactly this will help us with teardown-flow selection, but lets see.

I do have one suggestion though, which will allow us to implement a different feature later:

How about we not label existing namespaces, but only those which are really created by roxie? This would, as a follow-up, allow us to implement a safety check later (#19): Before modifying any resources in a namespace (I am specifically having the standard namespace stackrox with a teardown scenario in mind here), check if this label exists and if it does not, terminate with an error instead of happily modifying the cluster.

This could serve as a safety measure where we prevent accidental modifications of the wrong cluster.

@AlexVulaj
Copy link
Copy Markdown
Contributor Author

AlexVulaj commented Mar 4, 2026

@mclasmeier I like that approach - only label what we actually create. That'll make the teardown logic obvious (label = delete namespace, no label = delete resources only) and sets us up for the safety check later.

I'll update this PR to only add labels on namespace creation - appreciate the guidance!

@AlexVulaj AlexVulaj force-pushed the add-managed-by-labels branch from c7bd67c to a9efa98 Compare March 4, 2026 21:07
mclasmeier
mclasmeier reviewed Mar 5, 2026
View reviewed changes
Comment thread tests/e2e/e2e_test.go
mclasmeier
mclasmeier approved these changes Mar 5, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@mclasmeier mclasmeier left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

@AlexVulaj AlexVulaj merged commit 45d254c into main Mar 9, 2026
3 checks passed
@AlexVulaj AlexVulaj deleted the add-managed-by-labels branch March 9, 2026 15:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mclasmeier mclasmeier mclasmeier approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@AlexVulaj @mclasmeier