diff --git a/operator/src/main/java/io/strimzi/kafka/access/KafkaAccessOperator.java b/operator/src/main/java/io/strimzi/kafka/access/KafkaAccessOperator.java index 72a6030..20d5489 100644 --- a/operator/src/main/java/io/strimzi/kafka/access/KafkaAccessOperator.java +++ b/operator/src/main/java/io/strimzi/kafka/access/KafkaAccessOperator.java @@ -6,6 +6,9 @@ import io.javaoperatorsdk.operator.Operator; import io.strimzi.kafka.access.server.HealthServlet; +import java.util.Arrays; +import java.util.Set; +import java.util.stream.Collectors; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.servlet.ServletHandler; import org.slf4j.Logger; @@ -28,7 +31,16 @@ public static void main(final String[] args) { LOGGER.info("Kafka Access operator starting"); final Operator operator = new Operator(overrider -> overrider .withUseSSAToPatchPrimaryResource(false)); - operator.register(new KafkaAccessReconciler(operator.getKubernetesClient())); + + String strimziNamespace = System.getenv("STRIMZI_NAMESPACE"); + Set namespaces = + strimziNamespace == null ? Set.of() : + Arrays.stream(strimziNamespace.split(",")) + .map(String::trim) + .collect(Collectors.toSet()); + + operator.register(new KafkaAccessReconciler(operator.getKubernetesClient()), + o -> o.settingNamespaces(namespaces)); operator.start(); Server server = new Server(HEALTH_CHECK_PORT); ServletHandler handler = new ServletHandler(); diff --git a/packaging/install/060-RoleBinding.yaml b/packaging/install/060-RoleBinding.yaml new file mode 100644 index 0000000..fd1f525 --- /dev/null +++ b/packaging/install/060-RoleBinding.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: strimzi-access-operator + namespace: myproject + labels: + app: strimzi-access-operator +subjects: + - kind: ServiceAccount + name: strimzi-access-operator + namespace: myproject +roleRef: + kind: ClusterRole + name: strimzi-access-operator + apiGroup: rbac.authorization.k8s.io \ No newline at end of file