feature: get namespace name from release command

Signed-off-by: Alessandro Affinito <affinito.ale@gmail.com>

Makefile

@@ -175,13 +175,13 @@ $(BUILD_DIR)/kubernetes-split-yaml: $(BUILD_DIR)
 
 .PHONY: deployments
 deployments: $(BUILD_DIR)/kustomize manifests generate ## Generate the deployment files with kustomize
-	$(BUILD_DIR)/kustomize build --reorder=none deploy/overlays/cluster -o deploy/operator.yaml
-	$(BUILD_DIR)/kustomize build --reorder=none deploy/overlays/namespaced -o deploy/namespace-operator.yaml
-	$(BUILD_DIR)/kustomize build --reorder=none deploy/overlays/openshift-dev -o deploy/openshift-dev.yaml
-	$(BUILD_DIR)/kustomize build --reorder=none deploy/overlays/openshift-downstream -o deploy/openshift-downstream.yaml
-	$(BUILD_DIR)/kustomize build --reorder=none deploy/overlays/helm -o deploy/helm/templates/static-resources.yaml
-	$(BUILD_DIR)/kustomize build --reorder=none deploy/base-crds -o deploy/helm/crds/crds.yaml
-	$(BUILD_DIR)/kustomize build --reorder=legacy deploy/overlays/webhook -o deploy/webhook-operator.yaml
+	$(BUILD_DIR)/kustomize build deploy/overlays/cluster -o deploy/operator.yaml
+	$(BUILD_DIR)/kustomize build deploy/overlays/namespaced -o deploy/namespace-operator.yaml
+	$(BUILD_DIR)/kustomize build deploy/overlays/openshift-dev -o deploy/openshift-dev.yaml
+	$(BUILD_DIR)/kustomize build deploy/overlays/openshift-downstream -o deploy/openshift-downstream.yaml
+	$(BUILD_DIR)/kustomize build deploy/overlays/helm -o deploy/helm/templates/static-resources.yaml
+	$(BUILD_DIR)/kustomize build deploy/base-crds -o deploy/helm/crds/crds.yaml
+	$(BUILD_DIR)/kustomize build deploy/overlays/webhook -o deploy/webhook-operator.yaml
 
 .PHONY: image
 image: ## Build the container image

deploy/base-crds/kustomization.yaml

@@ -1,18 +1,21 @@
----
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
-commonLabels:
-  app: security-profiles-operator
+sortOptions:
+  order: fifo
 
 resources:
-  - crds/profilebinding.yaml
-  - crds/profilerecording.yaml
-  - crds/seccompprofile.yaml
-  - crds/securityprofilenodestatus.yaml
-  - crds/securityprofilesoperatordaemon.yaml
-  - crds/selinuxpolicy.yaml
-  - crds/apparmorprofile.yaml
+- crds/profilebinding.yaml
+- crds/profilerecording.yaml
+- crds/seccompprofile.yaml
+- crds/securityprofilenodestatus.yaml
+- crds/securityprofilesoperatordaemon.yaml
+- crds/selinuxpolicy.yaml
+- crds/apparmorprofile.yaml
 
 generatorOptions:
   disableNameSuffixHash: true
+labels:
+- includeSelectors: true
+  pairs:
+    app: security-profiles-operator

deploy/base/kustomization.yaml

@@ -1,24 +1,25 @@
----
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
-commonLabels:
-  app: security-profiles-operator
 
 resources:
-  - ns.yaml
-  - service_account.yaml
-  - role.yaml
-  - role_binding.yaml
-  - mutatingwebhookconfig.yaml
-  - metrics_client.yaml
+- ns.yaml
+- service_account.yaml
+- role.yaml
+- role_binding.yaml
+- mutatingwebhookconfig.yaml
+- metrics_client.yaml
 
 configMapGenerator:
-  - name: security-profiles-operator-profile
-    files:
-      - profiles/security-profiles-operator.json
-      - profiles/selinuxd.cil
-      - profiles/selinuxrecording.cil
+- files:
+  - profiles/security-profiles-operator.json
+  - profiles/selinuxd.cil
+  - profiles/selinuxrecording.cil
+  name: security-profiles-operator-profile
 
 generatorOptions:
   disableNameSuffixHash: true
+labels:
+- includeSelectors: true
+  pairs:
+    app: security-profiles-operator

deploy/helm/templates/config.yaml

@@ -4,7 +4,7 @@ metadata:
   labels:
     app: security-profiles-operator
   name: spod
-  namespace: security-profiles-operator
+  namespace: {{ .Release.Namespace }}
 spec:
   enableSelinux: {{ .Values.enableSelinux }}
   enableLogEnricher: {{ .Values.enableLogEnricher }}

deploy/helm/templates/deployment.yaml

@@ -5,7 +5,7 @@ metadata:
     app: security-profiles-operator
     {{- include "security-profiles-operator.labels" . | nindent 4 }}
   name: security-profiles-operator
-  namespace: security-profiles-operator
+  namespace: {{ .Release.Namespace }}
 spec:
   {{- if not .Values.autoscaling.enabled }}
   replicas: {{ .Values.replicaCount }}

deploy/helm/templates/static-resources.yaml

@@ -7,31 +7,31 @@ metadata:
     pod-security.kubernetes.io/audit: privileged
     pod-security.kubernetes.io/enforce: privileged
     pod-security.kubernetes.io/warn: privileged
-  name: security-profiles-operator
+  name: '{{ .Release.Namespace }}'
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   labels:
     app: security-profiles-operator
   name: security-profiles-operator
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   labels:
     app: security-profiles-operator
   name: spod
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
   labels:
     app: security-profiles-operator
   name: spo-webhook
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
@@ -294,7 +294,7 @@ metadata:
   labels:
     app: security-profiles-operator
   name: security-profiles-operator
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 rules:
 - apiGroups:
   - coordination.k8s.io
@@ -508,7 +508,7 @@ metadata:
   labels:
     app: security-profiles-operator
   name: spod
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 rules:
 - apiGroups:
   - security.openshift.io
@@ -619,7 +619,7 @@ metadata:
   labels:
     app: security-profiles-operator
   name: spo-webhook
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 rules:
 - apiGroups:
   - coordination.k8s.io
@@ -650,93 +650,95 @@ metadata:
   labels:
     app: security-profiles-operator
   name: security-profiles-operator
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: security-profiles-operator
 subjects:
 - kind: ServiceAccount
   name: security-profiles-operator
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   labels:
     app: security-profiles-operator
   name: security-profiles-operator
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: security-profiles-operator
 subjects:
 - kind: ServiceAccount
   name: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   labels:
     app: security-profiles-operator
   name: spod
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: spod
 subjects:
 - kind: ServiceAccount
   name: spod
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   labels:
     app: security-profiles-operator
   name: spod
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: spod
 subjects:
 - kind: ServiceAccount
   name: spod
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   labels:
     app: security-profiles-operator
   name: spo-webhook
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: spo-webhook
 subjects:
 - kind: ServiceAccount
   name: spo-webhook
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   labels:
     app: security-profiles-operator
   name: spo-webhook
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: spo-webhook
 subjects:
 - kind: ServiceAccount
   name: spo-webhook
+  namespace: '{{ .Release.Namespace }}'
 ---
 apiVersion: admissionregistration.k8s.io/v1
 kind: MutatingWebhookConfiguration
@@ -764,14 +766,15 @@ metadata:
   labels:
     app: security-profiles-operator
   name: spo-metrics-client
+  namespace: '{{ .Release.Namespace }}'
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: spo-metrics-client
 subjects:
 - kind: ServiceAccount
   name: default
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 ---
 apiVersion: v1
 kind: Secret
@@ -781,7 +784,7 @@ metadata:
   labels:
     app: security-profiles-operator
   name: metrics-token
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 type: kubernetes.io/service-account-token
 ---
 apiVersion: v1
@@ -926,4 +929,3 @@ metadata:
   labels:
     app: security-profiles-operator
   name: security-profiles-operator-profile
-  namespace: security-profiles-operator

deploy/kustomize-deployment/kustomization.yaml

@@ -1,17 +1,18 @@
----
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
 images:
-  - name: security-profiles-operator
-    newName: gcr.io/k8s-staging-sp-operator/security-profiles-operator
-    newTag: latest
+- name: security-profiles-operator
+  newName: gcr.io/k8s-staging-sp-operator/security-profiles-operator
+  newTag: latest
     # For images to be released:
     # newName: registry.k8s.io/security-profiles-operator/security-profiles-operator
     # newTag: v0.6.1
 
-commonLabels:
-  app: security-profiles-operator
 
 resources:
-  - manager_deployment.yaml
+- manager_deployment.yaml
+labels:
+- includeSelectors: true
+  pairs:
+    app: security-profiles-operator

deploy/namespace-operator.yaml

@@ -2944,7 +2944,7 @@ metadata:
   labels:
     app: security-profiles-operator
   name: security-profiles-operator-profile
-  namespace: security-profiles-operator
+  namespace: '{{ .Release.Namespace }}'
 ---
 apiVersion: apps/v1
 kind: Deployment