[feature request] Allow specifying namespace of Barman ObjectStore CR #741
Description
Currently, the ObjectStore referenced in a Cluster has to be in the same namespace. It would be helpful to be able to specify a namespace where the ObjectStore should be fetched from.
This can have security implications and there should probably a mechanism to enable or disable the access from a different namespace. This could be a flag in the ObjectStore itself.
e.g.:
---
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: test-cluster
namespace: cluster-namespace
spec:
instances: 3
plugins:
- name: barman-cloud.cloudnative-pg.io
isWALArchiver: true
parameters:
barmanObjectName: s3-store
barmanObjectNamespace: cnpg-system # Add the namespace here
---
apiVersion: barmancloud.cnpg.io/v1
kind: ObjectStore
metadata:
name: s3-store
namespace: cnpg-system
spec:
configuration:
destinationPath: <destination>
endpointURL: <endpoint>
s3Credentials: <s3Credentials>
# Configure namespace access
allowAccessFromNamespace: true
# Maybe allow explicitly specifying the namespace(s):
allowAccessFromNamespaces:
- cluster-namespace