✅ Deploy Preview for capsule-documentation canceled.

We'll have to do some discussions around this. I am currently refactoring to a generic CEL based approach which would also solve this case. But thanks for the commit for now, I will get back to it

@oliverbaehler Any news on the discussion? Our usecase for this is that we want to implement pod security baseline and restricted policies on specific namespaces (https://kubernetes.io/docs/concepts/security/pod-security-standards/). Is there any way we can speedup this feature request?

@peterbosalliandercom yes i get your use-case and it does make sense. However we want to move away from such specific implementations and refactor into more generic solutions, since they are technical dept. Such that we could eg. deprecated the additionalMetadata for pod, services etc. as well. A generic approach to having patches for any kind of manifests on tenant basis with given selector options. That's what i would aim for.

I will have to create a poc on the weekend and see how difficult that is to implement. Based on these findings we will either merge this as is and keep the prospect, that it will be deprecated in the v1 api bump or i will port the same functionality to that generic feature.

Make sense?

Is there any way we can speedup this feature request?

Generally speaking, we're always happy to receive newer contributions: we have limited resources to allocate to the project, especially considering the efforts in reviewing code from non-maintainers.

Remember that Capsule is backed by two vendors (CLASTIX and PeakScale) which offer features prioritisations as well as other professional services, and addons.

I am currently refactoring to a generic CEL based approach which would also solve this case.

We should go toward CEL and drop support of custom handlers where it is possible: @maxgio92 started a PoC with VAP/CEL while working at CLASTIX.

Sorry i haven't had time yet. I am happy to accept this change in the current spec. @Deofex could you merge and resolve the conflicts on the crd?

Sorry i haven't had time yet. I am happy to accept this change in the current spec. @Deofex could you merge and resolve the conflicts on the crd?

Sorry for the delayed reply — GitHub has been flooding me with notifications but somehow skipping the important ones. I definitely need to look into that. As you already noticed (and reviewed), the conflicts are resolved.

@Deofex workflows approved. Lets see a green e2e :)

There's quite a bit of red there, unfortunately.

Classic “it works on my machine” 🙃:

Ran 115 of 129 Specs in 644.815 seconds  
SUCCESS! -- 115 Passed | 0 Failed | 0 Pending | 14 Skipped

I'll take a look, but if anyone has an idea of what’s causing the failures, I’d appreciate the input — I’m not seeing anything in my code that would explain them.

I also noticed the linter is failing on a Cyclomatic Complexity check. I’ll see if I can split up the syncNamespaceMetadata method.

Is the check commit a required check? If so, I’ll need to adjust my commit messages accordingly.

I refactored the syncNamespaceMetadata method.
I adjusted my commit messages.
The e2e test succeeds multiple times on my laptop. I can't find the cause why it failed in the pipeline.

Can someone review the refactored method and try the 2e2 test again in the pipeline?