From cff3f8442ea5fff63f028593beed30a23e834c43 Mon Sep 17 00:00:00 2001 From: Joel Smith Date: Mon, 18 Sep 2023 17:57:27 -0600 Subject: [PATCH] Use installed namespace if WATCH_NAMESPACE not set Signed-off-by: Joel Smith --- main.go | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/main.go b/main.go index 2785b3f6d..757d55dad 100644 --- a/main.go +++ b/main.go @@ -21,6 +21,7 @@ import ( "fmt" "os" "runtime" + "strings" // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) // to ensure that exec-entrypoint and run can make use of them. @@ -46,6 +47,10 @@ var ( setupLog = ctrl.Log.WithName("setup") ) +const ( + serviceAccountNamespaceFile = "/var/run/secrets/kubernetes.io/serviceaccount/namespace" +) + func init() { utilruntime.Must(clientgoscheme.AddToScheme(scheme)) @@ -134,12 +139,20 @@ func main() { } // getWatchNamespace returns the namespace the operator should be watching for changes -// it tries to read this information from env variable `WATCH_NAMESPACE` -// if not set, namespace `keda` is used +// It tries to read this information from env variable `WATCH_NAMESPACE`. If not set +// or empty, it attempts to determine which namespace it is running in via the +// automounted service account data. If unavailable, namespace `keda` is used func getWatchNamespace() string { - ns, found := os.LookupEnv("WATCH_NAMESPACE") - if !found { - return "keda" + var ns string + var found bool + if ns, found = os.LookupEnv("WATCH_NAMESPACE"); found && len(ns) > 0 { + setupLog.Info(fmt.Sprintf("Using watch namespace '%s' from environment variable WATCH_NAMESPACE", ns)) + } else if nsBytes, err := os.ReadFile(serviceAccountNamespaceFile); err == nil { + ns = strings.TrimSpace(string(nsBytes)) + setupLog.Info(fmt.Sprintf("Using watch namespace '%s' from service account namespace specified in %s", ns, serviceAccountNamespaceFile)) + } else { + ns = "keda" + setupLog.Info(fmt.Sprintf("Using default watch namespace '%s'", ns)) } return ns }