https://issues.redhat.com/browse/ACM-16183 #7361
Conversation
| @@ -92,6 +97,8 @@ spec: | |||
| - `disable-cert-rotation` | |||
| - `client-cert-name` | |||
| - `tls-min-version` | |||
| <5> Use the `config` section to exclude namespaces from certain processes for all constraints on your hub cluster. | |||
| <6> The supported values for the `disableDefaultMatches` parameter are `true` and `false`. When you set the parameter to `true` the namespaces are not added to `excludedNamespaces` in the `config` custom resource of the Gatekeeper operator. | |||
There was a problem hiding this comment.
DisableDefaultMatches is a boolean parameter that disables appending the default exempt namespaces provided by the Gatekeeper Operator, typically related to OpenShift or Kubernetes system namespaces (e.g., openshift-node, openshift-dns). By default, this parameter is set to false, allowing the default namespaces (like openshift-*) to be appended.
There was a problem hiding this comment.
@yiraeChristineKim thanks for this! Is it important to mention what type of namespaces are expected? Are OpenShift or Kubernetes system namespaces the only supported values, or can users input different system namespaces?
There was a problem hiding this comment.
"hypershift", "hive", "rhacs-operator", "open-cluster-*", "openshift-*"
This is the list of namespaces we added by default. Mentioning this can help reduce user confusion.
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: dockerymick, jc-berger, yiraeChristineKim The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
New changes are detected. LGTM label has been removed. |
No description provided.