fix: use minio operator namespace to assemble CA bundle

- adds minio operator namespace setting as cli argument, env var, and helm chart value
- plumbs minio operator namespace to getMinioTenantClientInfo
- uses minio operator namespace to fetch operator-ca-tls* and external CA secrets
- update README with information

Author: benfiola

README.md

@@ -23,7 +23,7 @@ Examples of these resources can be found [here](./manifests/example-resources.ya
 >
 > Read [this](https://github.com/benfiola/minio-operator-ext/issues/16#issuecomment-2401553200) if you are updating from version 1.X.X to version 2.X.X of the operator.
 
-Use [helm](https://helm.sh/) to install the operator:
+Use [helm](https://helm.sh/) to install the operator in the same namespace as the MinIO operator itself. If _minio-operator-ext_ is not deployed to the same namespace as the MinIO operator - you must provide the `minio-operator-namespace` setting as defined below in the 'Configuration' section.
 
 ```shell
 # add the minio-operator-ext helm chart repository
@@ -40,12 +40,15 @@ Documentation for these helm charts can be found [here](https://benfiola.github.
 
 The operator is hosted on docker hub and can be found at [docker.io/benfiola/minio-operator-ext](https://hub.docker.com/r/benfiola/minio-operator-ext).
 
+### Configuration
+
 The following arguments/environment variables configure the operator:
 
-| CLI             | Env                              | Default | Description                                                                      |
-| --------------- | -------------------------------- | ------- | -------------------------------------------------------------------------------- |
-| _--log-level_   | _MINIO_OPERATOR_EXT_LOG_LEVEL_   | `info`  | Logging verbosity for the operator                                               |
-| _--kube-config_ | _MINIO_OPERATOR_EXT_KUBE_CONFIG_ | `null`  | Optional path to a kubeconfig file. When omitted, uses in-cluster configuration. |
+| CLI                          | Env                                           | Helm Chart               | Default | Description                                                                      |
+| ---------------------------- | --------------------------------------------- | ------------------------ | ------- | -------------------------------------------------------------------------------- |
+| _--log-level_                | _MINIO_OPERATOR_EXT_LOG_LEVEL_                | _logLevel_               | `info`  | Logging verbosity for the operator                                               |
+| _--kube-config_              | _MINIO_OPERATOR_EXT_KUBE_CONFIG_              |                          | `null`  | Optional path to a kubeconfig file. When omitted, uses in-cluster configuration. |
+| _--minio-operator-namespace_ | _MINIO_OPERATOR_EXT_MINIO_OPERATOR_NAMESPACE_ | _minioOperatorNamespace_ | ``      | Namespace of MinIO operator. When omitted, uses _minio-operator-ext_ namespace.  |
 
 ### RBAC
 

charts/operator/templates/deployment.yaml

@@ -37,6 +37,15 @@ spec:
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           args:
             - run
+          env:
+            {{- if .Values.logLevel }}
+            - name: MINIO_OPERATOR_EXT_LOG_LEVEL
+              value: "{{ .Values.logLevel }}"
+            {{- end }}
+            {{- if .Values.minioOperatorNamespace }}
+            - name: MINIO_OPERATOR_EXT_MINIO_OPERATOR_NAMESPACE
+              value: "{{ .Values.minioOperatorNamespace }}"
+            {{- end }}
           livenessProbe:
             {{- toYaml .Values.livenessProbe | nindent 12 }}
           readinessProbe:

charts/operator/values.yaml

@@ -99,3 +99,9 @@ tolerations: []
 
 # -- Specify which node's affinities operator workloads will prefer
 affinity: {}
+
+# -- Specify the operator's log level
+logLevel: ""
+
+# -- Specify the namespace of the MinIO Operator
+minioOperatorNamespace: ""

cmd/operator/operator.go

@@ -87,6 +87,12 @@ func main() {
 						EnvVars: []string{"MINIO_OPERATOR_EXT_KUBE_CONFIG"},
 						Value:   "",
 					},
+					&cli.StringFlag{
+						Name:    "minio-operator-namespace",
+						Usage:   "namespace of MinIO operator",
+						EnvVars: []string{"MINIO_OPERATOR_EXT_MINIO_OPERATOR_NAMESPACE"},
+						Value:   "",
+					},
 				},
 				Action: func(c *cli.Context) error {
 					l, ok := c.Context.Value(ContextLogger{}).(*slog.Logger)
@@ -95,8 +101,9 @@ func main() {
 					}
 
 					s, err := operator.New(&operator.Opts{
-						KubeConfig: c.String("kube-config"),
-						Logger:     l,
+						KubeConfig:             c.String("kube-config"),
+						Logger:                 l,
+						MinioOperatorNamespace: c.String("minio-operator-namespace"),
 					})
 					if err != nil {
 						return err

dev/dev.go.template

@@ -17,6 +17,7 @@ func runOperator() error {
 	o, err := operator.New(&operator.Opts{
 		Logger:     l,
 		KubeConfig: filepath.Join("..", ".dev", "kube-config.yaml"),
+		MinioOperatorNamespace: "default",
 	})
 	if err != nil {
 		return err

internal/operator/main.go

@@ -32,8 +32,9 @@ type Main struct {
 
 // Opts define the options used to create a new instance of [Main]
 type Opts struct {
-	Logger     *slog.Logger
-	KubeConfig string
+	Logger                 *slog.Logger
+	KubeConfig             string
+	MinioOperatorNamespace string
 }
 
 // Creates a new instance of [Main] with the provided [Opts].
@@ -45,8 +46,9 @@ func New(o *Opts) (*Main, error) {
 
 	klog.SetSlogLogger(l.With("name", "klog"))
 	op, err := NewOperator(&OperatorOpts{
-		Logger:     l.With("name", "operator"),
-		KubeConfig: o.KubeConfig,
+		Logger:                 l.With("name", "operator"),
+		KubeConfig:             o.KubeConfig,
+		MinioOperatorNamespace: o.MinioOperatorNamespace,
 	})
 	if err != nil {
 		return nil, err