quarkiverse · Jamstah · Jul 10, 2023
@@ -1,11 +1,15 @@
 package io.quarkiverse.operatorsdk.deployment;
 
+import static io.javaoperatorsdk.operator.api.reconciler.Constants.DEFAULT_NAMESPACES_SET;
+import static io.javaoperatorsdk.operator.api.reconciler.Constants.WATCH_CURRENT_NAMESPACE_SET;
 import static io.quarkiverse.operatorsdk.deployment.AddClusterRolesDecorator.getClusterRoleName;
 
 import java.util.ArrayList;
 import java.util.Collection;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Optional;
+import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
 
@@ -54,8 +58,15 @@ private List<HasMetadata> bindingsFor(QuarkusControllerConfiguration<?> controll
             String serviceAccountName) {
         final var controllerName = controllerConfiguration.getName();
 
-        // retrieve which namespaces should be used to generate either from annotation or from the build time configuration
-        final var desiredWatchedNamespaces = controllerConfiguration.getNamespaces();
+        // retrieve which namespaces should be used to generate:
+        // - If namespaces were set in the controller configuration, use those because the manifests need to match the build time configuration
+        // - If namespaces weren't set in the configuration, use the manifest configuration
+        // - If the manifest configuration wasn't set, use the java operator SDK default
+        final var desiredWatchedNamespaces = controllerConfiguration.isWereNamespacesSet()
+                ? new HashSet<String>(controllerConfiguration.getNamespaces())
+                : operatorConfiguration.manifest.generateWithWatchedNamespaces.isPresent()
+                        ? new HashSet<String>(operatorConfiguration.manifest.generateWithWatchedNamespaces.get())
+                        : DEFAULT_NAMESPACES_SET;
 
         // if we validate the CRDs, also create a binding for the CRD validating role
         List<HasMetadata> itemsToAdd;
@@ -71,10 +82,10 @@ private List<HasMetadata> bindingsFor(QuarkusControllerConfiguration<?> controll
         }
 
         final var roleBindingName = controllerName + "-role-binding";
-        if (controllerConfiguration.watchCurrentNamespace()) {
+        if (currentNamespaceWatched(desiredWatchedNamespaces)) {
             // create a RoleBinding that will be applied in the current namespace if watching only the current NS
             itemsToAdd.add(createRoleBinding(roleBindingName, controllerName, serviceAccountName, null));
-        } else if (controllerConfiguration.watchAllNamespaces()) {
+        } else if (allNamespacesWatched(desiredWatchedNamespaces)) {
             itemsToAdd.add(createClusterRoleBinding(serviceAccountName, controllerName,
                     controllerName + "-cluster-role-binding", "watch all namespaces",
                     getClusterRoleName(controllerName)));
@@ -128,4 +139,12 @@ private static void outputWarningIfNeeded(String controllerName, String crBindin
                     controllerName, crBindingName);
         }
     }
+
+    static boolean allNamespacesWatched(Set<String> namespaces) {
+        return DEFAULT_NAMESPACES_SET.equals(namespaces);
+    }
+
+    static boolean currentNamespaceWatched(Set<String> namespaces) {
+        return WATCH_CURRENT_NAMESPACE_SET.equals(namespaces);
+    }
 }
@@ -23,6 +23,12 @@ public class BuildTimeOperatorConfiguration {
     @ConfigItem
     public CRDConfiguration crd;
 
+    /**
+     * The optional manifest-related configuration options
+     */
+    @ConfigItem
+    public ManifestConfiguration manifest;
+
     /**
      * Whether controllers should only process events if the associated resource generation has
      * increased since last reconciliation, otherwise will process all events. Sets the default value

@@ -0,0 +1,18 @@
+package io.quarkiverse.operatorsdk.runtime;
+
+import java.util.List;
+import java.util.Optional;
+
+import io.quarkus.runtime.annotations.ConfigGroup;
+import io.quarkus.runtime.annotations.ConfigItem;
+
+@ConfigGroup
+public class ManifestConfiguration {
+
+    /**
+     * The namespaces that the generated manifests should watch.
+     */
+    @ConfigItem
+    public Optional<List<String>> generateWithWatchedNamespaces;
+
+}
@@ -122,6 +122,22 @@ endif::add-copy-button-to-env-var[]
 |`false`
 
 
+a|icon:lock[title=Fixed at build time] [[quarkus-operator-sdk_quarkus.operator-sdk.manifest.generate-with-watched-namespaces]]`link:#quarkus-operator-sdk_quarkus.operator-sdk.manifest.generate-with-watched-namespaces[quarkus.operator-sdk.manifest.generate-with-watched-namespaces]`
+
+[.description]
+--
+The namespaces that the generated manifests should watch
+
+ifdef::add-copy-button-to-env-var[]
+Environment variable: env_var_with_copy_button:+++QUARKUS_OPERATOR_SDK_MANIFEST_GENERATE_WITH_WATCHED_NAMESPACES+++[]
+endif::add-copy-button-to-env-var[]
+ifndef::add-copy-button-to-env-var[]
+Environment variable: `+++QUARKUS_OPERATOR_SDK_MANIFEST_GENERATE_WITH_WATCHED_NAMESPACES+++`
+endif::add-copy-button-to-env-var[]
+--|list of string 
+|
+
+
 a|icon:lock[title=Fixed at build time] [[quarkus-operator-sdk_quarkus.operator-sdk.generation-aware]]`link:#quarkus-operator-sdk_quarkus.operator-sdk.generation-aware[quarkus.operator-sdk.generation-aware]`
 
 [.description]