Skip to content

feat: add multi-namespace support #124

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

feat: add multi-namespace support #124

wants to merge 3 commits into from

Conversation

kacpersaw
Copy link

Description

This PR adds multi-namespace support to coder-logstream-kube, allowing users to monitor pod events across multiple namespaces or all namespaces in a cluster. This replaces the previous single-namespace limitation.

Closes #5

Changes

  • Multi-namespace monitoring: The service can now watch multiple namespaces simultaneously or all namespaces when none are specified
  • Namespace filtering: Users can specify a comma-separated list of namespaces to monitor via the --namespaces flag or CODER_NAMESPACES environment variable

Kubernetes RBAC Updates

  • ClusterRole/ClusterRoleBinding: Upgraded from Role/RoleBinding to ClusterRole/ClusterRoleBinding to support cross-namespace access

Configuration Changes

  • Helm values: Updated values.yaml to use namespaces array instead of single namespace string
  • Environment variables: Changed from CODER_NAMESPACE to CODER_NAMESPACES (comma-separated)
  • Command line flags: Updated --namespace flag to --namespaces with comma-separated support

Example

# Command line
./coder-logstream-kube --namespaces "default,kube-system,my-app"

# Environment variable
export CODER_NAMESPACES="default,kube-system,my-app"
./coder-logstream-kube

# Helm
helm install coder-logstream-kube coder-logstream-kube/coder-logstream-kube \
    --set namespaces[0]=default \
    --set namespaces[1]=kube-system \
    --set namespaces[2]=my-app

Breaking Changes

  • Environment variable: CODER_NAMESPACE is replaced with CODER_NAMESPACES
  • Command line flag: --namespace is replaced with --namespaces
  • Helm values: namespace string is replaced with namespaces array

@kacpersaw kacpersaw marked this pull request as ready for review August 25, 2025 08:01
deansheather
deansheather reviewed Aug 25, 2025
View reviewed changes
helm/templates/service.yaml Outdated
@@ -1,5 +1,5 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
kind: ClusterRole
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If namespaces are specified, this should probably be a for loop to create the role and role binding in each namespace, rather than granting full cluster permissions

You should probably make the permissions block a reusable template though

helm/templates/service.yaml Outdated
Comment on lines 79 to 80
- name: CODER_NAMESPACES
value: {{ if .Values.namespaces }}{{ join "," .Values.namespaces }}{{ else }}{{ end }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- name: CODER_NAMESPACES
value: {{ if .Values.namespaces }}{{ join "," .Values.namespaces }}{{ else }}{{ end }}
{{ if .Values.namespaces -}}
- name: CODER_NAMESPACES
value: "{{ join "," .Values.namespaces }}"
{{ end -}}

logger.go
@@ -96,21 +107,21 @@ type podEventLogger struct {
}

// init starts the informer factory and registers event handlers.
func (p *podEventLogger) init() error {
func (p *podEventLogger) initNamespace(namespace string) error {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should include a sentence in the method comment explaining the namespace parameter

@kacpersaw kacpersaw requested a review from deansheather August 25, 2025 10:49
deansheather
deansheather approved these changes Aug 25, 2025
View reviewed changes
helm/values.yaml
namespace: ""
# namespace -- List of namespaces to search for Pods within.
# If unspecified or empty it will watch all namespaces.
namespaces: []
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is breaking so make sure you inform customers in the release notes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@deansheather deansheather deansheather approved these changes

@ethanndickson ethanndickson Awaiting requested review from ethanndickson

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Don't limit CODER_NAMESPACE to a single namespace
2 participants
@kacpersaw @deansheather