Skip to content

Introduce namespaces for memberships. #132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Gerrit91 merged 17 commits into from
Sep 16, 2025
Merged

Introduce namespaces for memberships. #132

Gerrit91 merged 17 commits into from
Sep 16, 2025

Conversation

@Gerrit91
Copy link
Contributor

@Gerrit91 Gerrit91 commented Sep 3, 2025

Description

Closes #130.

@metal-robot metal-robot bot added the area: control-plane Affects the metal-stack control-plane area. label Sep 3, 2025
@metal-robot metal-robot bot added this to Development Sep 3, 2025
@Gerrit91 Gerrit91 force-pushed the membership-namespaces branch from c02760b to 10a34a7 Compare September 3, 2025 08:26
@Gerrit91 Gerrit91 marked this pull request as ready for review September 3, 2025 09:38
@Gerrit91 Gerrit91 requested a review from a team as a code owner September 3, 2025 09:38
@Gerrit91 Gerrit91 added the triage This should be talked about in the next planning. label Sep 8, 2025
@Gerrit91
Copy link
Contributor Author

Gerrit91 commented Sep 8, 2025

I need to provide more tests for this.

majst01
majst01 reviewed Sep 10, 2025
View reviewed changes
majst01
majst01 reviewed Sep 10, 2025
View reviewed changes
@Gerrit91 Gerrit91 changed the title Introduces namespaces for memberships. Introduce namespaces for memberships. Sep 10, 2025
@Gerrit91 Gerrit91 removed the triage This should be talked about in the next planning. label Sep 11, 2025
majst01
majst01 reviewed Sep 11, 2025
View reviewed changes
@Gerrit91
Copy link
Contributor Author

Gerrit91 commented Sep 15, 2025

So, I tested this out in multiple places now.

First, there are some fresh unit tests for this functionality.

Second, I built the existing repositories that use memberships (metal-apiserver and metalstack.cloud api-server) with this pull request and ensured that all tests are passing.

Third, I started this PR in the mini-lab and run it along with the metal-apiserver + the metalstack.cloud api-server. I ensured project invitations are now namespaced and that both servers do not see each other's memberships. The projects and tenants can be seen in both APIs of course by design.

Here are some extracts:

# from the masterdata-db you can see the metal-apiserver project members are now namespaced:
 4089aad1-cd60-417e-8622-7e284405b44b | {"meta": {"id": "4089aad1-cd60-417e-8622-7e284405b44b", "kind": "TenantMember", "apiversion": "v1", "annotations": {"metal-stack.io/tenant-role": "TENANT_ROLE_OWNER"}, "created_time": {"nanos": 475180591, "seconds": 1757938497}}, "member_id": "CiQwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDISBWxvY2Fs@oidc", "namespace": "metal-stack.io", "tenant_id": "CiQwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDISBWxvY2Fs@oidc"}
 83434f48-d736-412c-b4ee-fe173b72da6f | {"meta": {"id": "83434f48-d736-412c-b4ee-fe173b72da6f", "kind": "TenantMember", "apiversion": "v1", "annotations": {"metal-stack.io/tenant-role": "TENANT_ROLE_OWNER"}, "created_time": {"nanos": 762803446, "seconds": 1757938649}}, "member_id": "CiQwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDESBWxvY2Fs@oidc", "namespace": "metal-stack.io", "tenant_id": "CiQwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDESBWxvY2Fs@oidc"}

❯ mv2 project ls
ID                                    TENANT                                                             NAME    DESCRIPTION  CREATION DATE            
c2959d8f-3eef-4f6f-99fb-93a15793121e  CiQwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDISBWxvY2Fs@oidc  gerrit  test         2025-09-15 12:15:17 UTC  
❯ mv2 project member ls --project c2959d8f-3eef-4f6f-99fb-93a15793121e
ID                                                                 ROLE                 INHERITED  SINCE           
CiQwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDISBWxvY2Fs@oidc  PROJECT_ROLE_OWNER   false      12 minutes ago  
CiQwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDESBWxvY2Fs@oidc  PROJECT_ROLE_VIEWER  false      9 minutes ago  
# and with the metalstack.cloud CLI:
❯ metal project ls
ID                                    TENANT                                                             NAME             DESCRIPTION                                        CREATION DATE            
c2959d8f-3eef-4f6f-99fb-93a15793121e  CiQwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDISBWxvY2Fs@oidc  gerrit           test                                               2025-09-15 12:15:17 UTC  
d295661b-a29e-46ff-88e3-d11159581176  Gerrit91@github                                                    Default Project  Default project of Gerrit91@github                 2025-09-15 10:25:32 UTC  
5b25fc45-e250-48cd-bfc2-969da311c78e  [email protected]@google                                     Default Project  Default project of [email protected]@google  2025-09-15 10:38:40 UTC
❯ metal project member ls --project c2959d8f-3eef-4f6f-99fb-93a15793121e 
ID               ROLE                 INHERITED  SINCE           
Gerrit91@github  PROJECT_ROLE_VIEWER  false      17 seconds ago

@Gerrit91 Gerrit91 added the minor Breaking change or new feature, causes the release drafter to create a new minor version label Sep 15, 2025
@Gerrit91 Gerrit91 merged commit b1e7da1 into master Sep 16, 2025
1 check passed
@Gerrit91 Gerrit91 deleted the membership-namespaces branch September 16, 2025 11:33
majst01 pushed a commit that referenced this pull request Oct 6, 2025
@Gerrit91
Merge main into connect (#134)
c95105e 
* Introduce namespaces for memberships. (#132)

* Merge main into connect branch.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@majst01 majst01 majst01 approved these changes

Assignees

No one assigned

Labels

area: control-plane Affects the metal-stack control-plane area. minor Breaking change or new feature, causes the release drafter to create a new minor version

Projects

Development
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Support Scoped Memberships

3 participants

@Gerrit91 @majst01