You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This becomes an issue if admission controller is deployed and has policies enforcing Namespaces to have some mandatory labels, for example: pod security standard labels, Istio version or ownership.
Admission controller enforces policy on request level - in this case namespaces creation, which Helmsman performs always without any labels.
A possible solution would be to create a namespace with all attributes in a single request with kubectl apply
The text was updated successfully, but these errors were encountered:
Creating a namespace with specified labels & annotations is split into multiple requests in helmsman:
https://github.com/Praqma/helmsman/blob/master/internal/app/kube_helpers.go#L27-L29
This becomes an issue if admission controller is deployed and has policies enforcing Namespaces to have some mandatory labels, for example: pod security standard labels, Istio version or ownership.
Admission controller enforces policy on request level - in this case namespaces creation, which Helmsman performs always without any labels.
A possible solution would be to create a namespace with all attributes in a single request with
kubectl applyThe text was updated successfully, but these errors were encountered: