Scope
Defines a set of settings that are accessible by a specific group of users.
A Scope is used to control access to settings in the HobbyFarm UI. For example, a setting that is only accessible by administrators would be assigned to the admin-ui scope.
Kubernetes Commands
The following commands are useful for managing Scope resources in Kubernetes.
## Get a list of all Scopes
kubectl get scopes -n hobbyfarm-system
## Create a Scope from a YAML manifest
kubectl apply -f {scopeManifest} -n hobbyfarm-system
## Edit a Scope
kubectl edit scope {scopeName} -n hobbyfarm-system
## Backup a Scope to a YAML manifest
kubectl get scope {scopeName} -n hobbyfarm-system -o yaml > {scopeManifest}
## Delete a Scope
kubectl delete scope {scopeName} -n hobbyfarm-system
Example Scope Manifests
The following shows an example of a Scope manifest in Kubernetes.
## Public Scope
apiVersion: hobbyfarm.io/v1
displayName: Public
kind: Scope
metadata:
name: public
namespace: hobbyfarm-system
---
## User UI Scope
apiVersion: hobbyfarm.io/v1
displayName: User UI
kind: Scope
metadata:
name: user-ui
namespace: hobbyfarm-system
---
## Admin UI Scope
apiVersion: hobbyfarm.io/v1
displayName: Admin UI
kind: Scope
metadata:
name: admin-ui
namespace: hobbyfarm-system
---
## Gargarntua Scope
apiVersion: hobbyfarm.io/v1
displayName: Admin UI
kind: Scope
metadata:
name: gargantua
namespace: hobbyfarm-system
Default Scopes
The following scopes are available in HobbyFarm by default:
| Scope | Description | Examples |
|---|---|---|
| public | Settings which are publicly accessible. | Disabling of User Registration. |
| user-ui | Settings which are accessible in the user-ui. | N/A |
| admin-ui | Settings which are accessible in the admin-ui. | MOTD in the admin-ui. |
| gargantua | Settings which are used by the Gargantua backend. | ScheduledEvent Retention Time. |
NOTE: All settings are accessible by administrators, regardless of the assigned Scope, based on RBAC rules.
Use with Settings Resource
A Scope works in conjunction with the hobbyfarm.io/setting-scope label on a Setting resource. The label defines which scope a setting belongs to. For example, a setting that is assigned to the admin-ui scope would have the label hobbyfarm.io/setting-scope: admin-ui.
- Scopes can also be created by operators or any HobbyFarm compatible application. For example, an AWS Provisioning Operator could generate an
awsscope. - A Scope is applied to a Setting via a label using the key
hobbyfarm.io/setting-scopewith the value of the scope name. For example:hobbyfarm.io/setting-scope: publichobbyfarm.io/setting-scope: user-uihobbyfarm.io/setting-scope: admin-uihobbyfarm.io/setting-scope: gargantua