kube: standardize on a `local ns` convention
A convention is introduced to specify the kube.Namespace object in a deployment as a `local ns` instead of an `ns:` or a `namespace:` for these reasons:
- non-cluster admins cannot create new namespaces, and we've been moving in the direction of specifying objects that require cluster admin permissions to apply (policies, role bindings) in //cluster/kube/k0 instead of in the app jsonnet
- namespace admins CAN delete the namespace, making `kubecfg delete` unexpectedly dangerous (especially if a namespace contains more than just the contents of the file being applied - common with personal namespaces)
- `.Contain()` is a common operation, and it shows up in lines that are pretty long, so `ns.Contain()` is preferable to `app.ns.Contain()` or `service.namespace.Contain()`
Change-Id: Ie4ea825376dbf6faa175179054f3ee3de2253ae0
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1804
Reviewed-by: q3k <q3k@hackerspace.pl>
diff --git a/app/matrix/lib/matrix-ng.libsonnet b/app/matrix/lib/matrix-ng.libsonnet
index 18120f0..620a8d5 100644
--- a/app/matrix/lib/matrix-ng.libsonnet
+++ b/app/matrix/lib/matrix-ng.libsonnet
@@ -243,7 +243,7 @@
},
},
- namespace: kube.Namespace(cfg.namespace),
+ local ns = kube.Namespace(cfg.namespace),
postgres3: if cfg.postgres.enable then postgres {
local psql = self,
@@ -282,7 +282,7 @@
},
riot: riot {
- ns: app.namespace,
+ ns: ns,
cfg+: {
webDomain: cfg.webDomain,
serverName: cfg.serverName,
@@ -292,7 +292,7 @@
cas: if cfg.cas.enable && cfg.oidc.enable then error "cfg.cas.enable and cfg.oidc.enable options are exclusive"
else if cfg.cas.enable then cas {
- ns: app.namespace,
+ ns: ns,
cfg+: {
image: cfg.images.casProxy,
webDomain: cfg.webDomain,
@@ -301,7 +301,7 @@
},
wellKnown: if cfg.wellKnown then wellKnown {
- ns: app.namespace,
+ ns: ns,
cfg+: {
image: cfg.images.wellKnown,
webDomain: cfg.webDomain,
@@ -309,7 +309,7 @@
} else {},
mediaRepo: if cfg.mediaRepo.enable then mediaRepo {
- ns: app.namespace,
+ ns: ns,
cfg+: {
image: cfg.images.mediaRepo,
@@ -324,7 +324,7 @@
} else {},
coturn: if cfg.coturn.enable then coturn {
- ns: app.namespace,
+ ns: ns,
cfg+: {
storageClassName: cfg.storageClassName,
image: cfg.images.coturn,
@@ -335,7 +335,7 @@
} else null,
synapse: synapse {
- ns: app.namespace,
+ ns: ns,
postgres: if cfg.postgres.enable then app.postgres3 else {
# If not using on-cluster postgres, pass the config postgres object
# as the postgres object into the synapse lib. It's a bit ugly (we