diff --git a/pkg/controller/manager/manager_controller.go b/pkg/controller/manager/manager_controller.go index 679e8f0f4f..1a7ad5c287 100644 --- a/pkg/controller/manager/manager_controller.go +++ b/pkg/controller/manager/manager_controller.go @@ -34,6 +34,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/source" v3 "github.com/tigera/api/pkg/apis/projectcalico/v3" + operatorv1 "github.com/tigera/operator/api/v1" "github.com/tigera/operator/pkg/common" "github.com/tigera/operator/pkg/controller/certificatemanager" @@ -658,6 +659,7 @@ func (r *ReconcileManager) Reconcile(ctx context.Context, request reconcile.Requ Replicas: replicas, Compliance: complianceCR, ComplianceLicenseActive: complianceLicenseFeatureActive, + ComplianceNamespace: utils.NewNamespaceHelper(r.multiTenant, render.ComplianceNamespace, request.Namespace).InstallNamespace(), UsePSP: r.usePSP, Namespace: helper.InstallNamespace(), TruthNamespace: helper.TruthNamespace(), diff --git a/pkg/render/manager.go b/pkg/render/manager.go index f73306f74a..78a18be683 100644 --- a/pkg/render/manager.go +++ b/pkg/render/manager.go @@ -159,6 +159,7 @@ type ManagerConfiguration struct { Replicas *int32 Compliance *operatorv1.Compliance ComplianceLicenseActive bool + ComplianceNamespace string // Whether the cluster supports pod security policies. UsePSP bool @@ -498,7 +499,7 @@ func (c *managerComponent) voltronContainer() corev1.Container { env := []corev1.EnvVar{ {Name: "VOLTRON_PORT", Value: defaultVoltronPort}, - {Name: "VOLTRON_COMPLIANCE_ENDPOINT", Value: fmt.Sprintf("https://compliance.%s.svc.%s", c.cfg.Namespace, c.cfg.ClusterDomain)}, + {Name: "VOLTRON_COMPLIANCE_ENDPOINT", Value: fmt.Sprintf("https://compliance.%s.svc.%s", c.cfg.ComplianceNamespace, c.cfg.ClusterDomain)}, {Name: "VOLTRON_LOGLEVEL", Value: "Info"}, {Name: "VOLTRON_KIBANA_ENDPOINT", Value: rkibana.HTTPSEndpoint(c.SupportedOSType(), c.cfg.ClusterDomain)}, {Name: "VOLTRON_KIBANA_BASE_PATH", Value: fmt.Sprintf("/%s/", KibanaBasePath)},