A workspace allows you to group a set of resources from Kubernetes based on namespaces, Helm releases, or labels. With integrated RBAC, monitoring, workload management, and pipeline integrations, workspaces provide self-service capabilities to any team.
Once a cluster is connected, you can add a new workspace. In your organization, navigate to Workspaces and add a new workspace. There’s two steps you need to complete:
If you have a cluster with existing workloads, you can import these into a workspace. Select the namespaces, Helm releases, or labels, that you want to include in your workspace. They act as filters, so changes to resources inside these filters will be applied to your workspace automatically. You can also skip this step and start with a blank workspace. You can use the built-in tools to create namespaces, deploy Kubernetes manifests, or containers from a registry.
Add users, or select them from your organization. You can define their permissions based on pre-defined groups (Read more about RBAC).
That’s it, your workspace dashboard will be ready immediately. The members you invited will receive an email to join the workspace. You can now start monitoring resources on the cluster, troubleshoot issues, or use built-in pipeline tools to create new deployments.
Since workspaces are stored as Custom Resource Definitions (CRD) on your cluster, you can also define them via YAML manifests. This allows you to automate provisioning workspaces und users from pipelines, or during onboarding workflows of team members.The following CRDs are used for this workflow with APIVersion mogenius.com/v1alpha1:
apiVersion: mogenius.com/v1alpha1kind: Workspacemetadata: creationTimestamp: '2025-03-27T21:06:24Z' generation: 2 name: exampleworkspace namespace: mogenius resourceVersion: '4362774' uid: b400fefe-7678-4548-bd21-14c8e1781b73spec: resources: - id: gitea # Identifies the namespace that should be added to the workspace type: namespace - id: discourse namespace: discourse type: helm # Add type: helm if you want to add resources only from a specific Helm releasestatus: {}
Workspace users are managed on the cluster with the CRD User.
Copy
Ask AI
apiVersion: mogenius.com/v1alpha1kind: Usermetadata: creationTimestamp: '2025-02-10T08:42:11Z' generation: 1 name: user-12d19670-2b9d-5320-ae2e-cb728fc4f70b namespace: mogenius resourceVersion: '1296441' uid: a30ea67d-d3a8-4be6-8c5d-b8ab45ef57ccspec: email: email@example.com # An invitation email will be sent to the user to set up login credentials firstName: Linus lastName: Torvaldsstatus: {}
With a Grant you assign users to workspaces and define their permission within the workspace.
Copy
Ask AI
apiVersion: mogenius.com/v1alpha1kind: Grantmetadata: creationTimestamp: '2025-02-25T13:28:47Z' generation: 1 name: grant-0e98deb9-5872-4e3d-8417-19031aa1950e namespace: mogenius resourceVersion: '2929550' uid: 223c3854-6b5f-4583-89c1-76b4278df4c0spec: grantee: user-12d19670-2b9d-5320-ae2e-cb728fc4f70b # Retrieve this from the name of the User CRD role: viewer # Can be viewer, editor, or admin targetName: teamspace # The ID of the workspace where the user will be added targetType: workspacestatus: {}