From 366e7e5da2dc1cd2ef8ae40a38cde214973f9c1d Mon Sep 17 00:00:00 2001
From: dan mcweeney <mcweeney@adobe.com>
Date: Mon, 4 Nov 2019 13:27:41 -0500
Subject: [PATCH 1/5] Fixes #4711 - add a namespace configuration option to k8s
 container factory.

---
 .../kubernetes/KubernetesClient.scala            | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/core/invoker/src/main/scala/org/apache/openwhisk/core/containerpool/kubernetes/KubernetesClient.scala b/core/invoker/src/main/scala/org/apache/openwhisk/core/containerpool/kubernetes/KubernetesClient.scala
index 87a9a598498..e6407b5d35f 100644
--- a/core/invoker/src/main/scala/org/apache/openwhisk/core/containerpool/kubernetes/KubernetesClient.scala
+++ b/core/invoker/src/main/scala/org/apache/openwhisk/core/containerpool/kubernetes/KubernetesClient.scala
@@ -47,7 +47,7 @@ import spray.json._
 import scala.annotation.tailrec
 import scala.collection.mutable
 import scala.concurrent.duration._
-import scala.concurrent.{blocking, ExecutionContext, Future}
+import scala.concurrent.{ExecutionContext, Future, blocking}
 import scala.util.control.NonFatal
 import scala.util.{Failure, Success, Try}
 
@@ -76,6 +76,7 @@ case class KubernetesClientConfig(timeouts: KubernetesClientTimeoutConfig,
                                   invokerAgent: KubernetesInvokerAgentConfig,
                                   userPodNodeAffinity: KubernetesInvokerNodeAffinity,
                                   portForwardingEnabled: Boolean,
+                                  actionNamespace: Option[String] = None,
                                   podTemplate: Option[ConfigMapValue] = None)
 
 /**
@@ -93,10 +94,15 @@ class KubernetesClient(
     with ProcessRunner {
   implicit protected val ec = executionContext
   implicit protected val am = ActorMaterializer()
+  protected val configBuilder = new ConfigBuilder()
+    .withConnectionTimeout(config.timeouts.logs.toMillis.toInt)
+    .withRequestTimeout(config.timeouts.logs.toMillis.toInt)
+  config.actionNamespace match {
+    case Some(s) => configBuilder.withNamespace(s)
+    case _ =>
+  }
   implicit protected val kubeRestClient = new DefaultKubernetesClient(
-    new ConfigBuilder()
-      .withConnectionTimeout(config.timeouts.logs.toMillis.toInt)
-      .withRequestTimeout(config.timeouts.logs.toMillis.toInt)
+    configBuilder
       .build())
 
   private val podBuilder = new WhiskPodBuilder(kubeRestClient, config.userPodNodeAffinity, config.podTemplate)
@@ -441,7 +447,7 @@ protected[core] final case class TypedLogLine(time: Instant, stream: String, log
 
 protected[core] object TypedLogLine {
 
-  import KubernetesClient.{parseK8STimestamp, K8STimestampFormat}
+  import KubernetesClient.{K8STimestampFormat, parseK8STimestamp}
 
   def readInstant(json: JsValue): Instant = json match {
     case JsString(str) =>

From 38118365cbfddd13f46eab0920647202a74dec88 Mon Sep 17 00:00:00 2001
From: dan mcweeney <mcweeney@adobe.com>
Date: Mon, 4 Nov 2019 14:22:01 -0500
Subject: [PATCH 2/5] Fixes #4711 - add comment to conf file for k8s namespace
 setting

---
 core/invoker/src/main/resources/application.conf | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/core/invoker/src/main/resources/application.conf b/core/invoker/src/main/resources/application.conf
index b5187563c26..84a4543a2a3 100644
--- a/core/invoker/src/main/resources/application.conf
+++ b/core/invoker/src/main/resources/application.conf
@@ -77,7 +77,6 @@ whisk {
       key: "openwhisk-role"
       value: "invoker"
     }
-
     # Enables forwarding to remote port via a local random port. This mode is mostly useful
     # for development via Standalone mode
     port-forwarding-enabled = false
@@ -87,6 +86,10 @@ whisk {
     #  2. OR yaml formatted multi line string. See multi line config support https://github.com/lightbend/config/blob/master/HOCON.md#multi-line-strings
     #
     #pod-template =
+
+    # Set this optiona string to be the namespace that the invoker should target for adding pods. This allows the invoker to run in a namesapce it doesn't have API access to but add pods to another namespace. See also https://github.com/apache/openwhisk/issues/4711
+    # action-namespace = "ns-actions"
+
   }
 
   # Timeouts for runc commands. Set to "Inf" to disable timeout.

From abc9e40480ada2aa1e9d2f6dbfadda39a9b2c495 Mon Sep 17 00:00:00 2001
From: dan mcweeney <mcweeney@adobe.com>
Date: Mon, 4 Nov 2019 14:33:24 -0500
Subject: [PATCH 3/5] Fixes #4711 - add description of the default behavior of
 the KCF namespace settings when omitted

---
 core/invoker/src/main/resources/application.conf | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/core/invoker/src/main/resources/application.conf b/core/invoker/src/main/resources/application.conf
index 84a4543a2a3..0f59dd64b7d 100644
--- a/core/invoker/src/main/resources/application.conf
+++ b/core/invoker/src/main/resources/application.conf
@@ -87,7 +87,9 @@ whisk {
     #
     #pod-template =
 
-    # Set this optiona string to be the namespace that the invoker should target for adding pods. This allows the invoker to run in a namesapce it doesn't have API access to but add pods to another namespace. See also https://github.com/apache/openwhisk/issues/4711
+    # Set this optional string to be the namespace that the invoker should target for adding pods. This allows the invoker to run in a namesapce it doesn't have API access to but add pods to another namespace. See also https://github.com/apache/openwhisk/issues/4711
+    # When not set the underlying client may pickup the namesapce from the kubeconfig or via system property setting.
+    # See https://github.com/fabric8io/kubernetes-client#configuring-the-client for more information.
     # action-namespace = "ns-actions"
 
   }

From 6b91bf29ee4a4cf52b6d0e2704ac0498e7f8c459 Mon Sep 17 00:00:00 2001
From: dan mcweeney <mcweeney@adobe.com>
Date: Mon, 4 Nov 2019 15:50:58 -0500
Subject: [PATCH 4/5] ScalaFmt fixes

---
 .../core/containerpool/kubernetes/KubernetesClient.scala    | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/invoker/src/main/scala/org/apache/openwhisk/core/containerpool/kubernetes/KubernetesClient.scala b/core/invoker/src/main/scala/org/apache/openwhisk/core/containerpool/kubernetes/KubernetesClient.scala
index e6407b5d35f..22590614f79 100644
--- a/core/invoker/src/main/scala/org/apache/openwhisk/core/containerpool/kubernetes/KubernetesClient.scala
+++ b/core/invoker/src/main/scala/org/apache/openwhisk/core/containerpool/kubernetes/KubernetesClient.scala
@@ -47,7 +47,7 @@ import spray.json._
 import scala.annotation.tailrec
 import scala.collection.mutable
 import scala.concurrent.duration._
-import scala.concurrent.{ExecutionContext, Future, blocking}
+import scala.concurrent.{blocking, ExecutionContext, Future}
 import scala.util.control.NonFatal
 import scala.util.{Failure, Success, Try}
 
@@ -99,7 +99,7 @@ class KubernetesClient(
     .withRequestTimeout(config.timeouts.logs.toMillis.toInt)
   config.actionNamespace match {
     case Some(s) => configBuilder.withNamespace(s)
-    case _ =>
+    case _       =>
   }
   implicit protected val kubeRestClient = new DefaultKubernetesClient(
     configBuilder
@@ -447,7 +447,7 @@ protected[core] final case class TypedLogLine(time: Instant, stream: String, log
 
 protected[core] object TypedLogLine {
 
-  import KubernetesClient.{K8STimestampFormat, parseK8STimestamp}
+  import KubernetesClient.{parseK8STimestamp, K8STimestampFormat}
 
   def readInstant(json: JsValue): Instant = json match {
     case JsString(str) =>

From edf4a94f20db2c491020b622f71f4fa9a44c2d10 Mon Sep 17 00:00:00 2001
From: dan mcweeney <mcweeney@adobe.com>
Date: Tue, 5 Nov 2019 10:23:54 -0500
Subject: [PATCH 5/5] #4711 - make getting the builder be more idiomatic

---
 .../kubernetes/KubernetesClient.scala             | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/core/invoker/src/main/scala/org/apache/openwhisk/core/containerpool/kubernetes/KubernetesClient.scala b/core/invoker/src/main/scala/org/apache/openwhisk/core/containerpool/kubernetes/KubernetesClient.scala
index 22590614f79..cae0062184a 100644
--- a/core/invoker/src/main/scala/org/apache/openwhisk/core/containerpool/kubernetes/KubernetesClient.scala
+++ b/core/invoker/src/main/scala/org/apache/openwhisk/core/containerpool/kubernetes/KubernetesClient.scala
@@ -94,16 +94,13 @@ class KubernetesClient(
     with ProcessRunner {
   implicit protected val ec = executionContext
   implicit protected val am = ActorMaterializer()
-  protected val configBuilder = new ConfigBuilder()
-    .withConnectionTimeout(config.timeouts.logs.toMillis.toInt)
-    .withRequestTimeout(config.timeouts.logs.toMillis.toInt)
-  config.actionNamespace match {
-    case Some(s) => configBuilder.withNamespace(s)
-    case _       =>
+  implicit protected val kubeRestClient = {
+    val configBuilder = new ConfigBuilder()
+      .withConnectionTimeout(config.timeouts.logs.toMillis.toInt)
+      .withRequestTimeout(config.timeouts.logs.toMillis.toInt)
+    config.actionNamespace.foreach(configBuilder.withNamespace)
+    new DefaultKubernetesClient(configBuilder.build())
   }
-  implicit protected val kubeRestClient = new DefaultKubernetesClient(
-    configBuilder
-      .build())
 
   private val podBuilder = new WhiskPodBuilder(kubeRestClient, config.userPodNodeAffinity, config.podTemplate)