Hi [~weil],
bq. "the purpose of this change is to make sure the operator will only watch for the namespaces that we care about."
*The impl in the k8s lib that will attend this definition properly, I mean without the need to use an alternative solution/workaround which could consequently cause impacts, issues and indeed a worse performance than "watch all", is NOT released in a version that we can use with OCP 3.11 and we are trying to check with its maintainers the possibility to release a new version just with it.* See [here|https://github.com/kubernetes-sigs/controller-runtime/issues/413] and the mail raised in [groups|https://groups.google.com/forum/#!topic/kubebuilder/0qryHZYFEss]. Also, I sent a private msg to the author of the solution, who is a Red Hatter.
I have been trying to understand *WHY* it is important for us to attend this definition. *Is it to achieve better performance or are you concerned about the security?* Note that *the reason for this definition* is very important for us to be able to find the best and easiest solution. For example, if the "reason/why" is to achieve a better performance, then we need to be sure that any alternative solution will really bring it for the product and/or check the pros and cons of it at least. However, if the reason for it is security, could we not use other features to attend the same need, as for example, the OCP rules to ensure that the users will NOT be able to use it out of the defined namespaces? Does it make sense?
*IMPORTANT*: *+I am afraid that the solution applied in the [keycloak|https://github.com/integr8ly/keycloak-operator/blob/master/cmd/keycloak-operator/main.go#L66] can NOT be applied here+* and it no longer exists since the version [0.2.0|https://github.com/operator-framework/operator-sdk/tree/v0.2.0/pkg]. Note that [Keycloak|https://github.com/integr8ly/keycloak-operator/blob/master/Gopkg.lock#L302] is using a very outdated version which is "0.0.7" (10 versions behind the latest one) while the [mss-oper|https://github.com/aerogear/mobile-security-service-operator/blob/master/Gopkg.lock#L327] is using the latest one ("0.7.0").
c/c [~dffrench] [~peter.braun] [~chrisfoley]