From f397fcb71b75393fae9a3f2f0ba34845b9470969 Mon Sep 17 00:00:00 2001
From: Rob Scott <rob.scott87@gmail.com>
Date: Fri, 30 Nov 2018 11:10:35 -0500
Subject: [PATCH] small bits of documentation and code cleanup

---
 docs/index.md                          | 22 ++++++++++++++++++++++
 pkg/controller/namespace/controller.go |  3 ++-
 version/version.go                     |  1 +
 3 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/docs/index.md b/docs/index.md
index d76fb3b9..e2f1cec3 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -86,6 +86,28 @@ kubectl apply -f deploy/
 
 Once RBAC Manager is installed in your cluster, you'll be able to deploy RBAC Definitions to your cluster. There are examples of these custom resources above as well as in the examples directory of this repository.
 
+## Dynamic Namespaces and Labels
+RBAC Definitions can now include `namespaceSelectors` in place of `namespace` attributes when specifying Role Binding configuration. This can be incredibly helpful when working with dynamically provisioned namespaces.
+
+```yaml
+apiVersion: rbacmanager.reactiveops.io/v1beta1
+kind: RBACDefinition
+metadata:
+  name: dev-access
+rbacBindings:
+  - name: dev-team
+    subjects:
+      - kind: Group
+        name: dev-team
+    roleBindings:
+      - clusterRole: edit
+        namespaceSelector:
+          matchLabels:
+            team: dev
+```
+
+In the example above, Role Bindings would automatically get created for each Namespace with a `team=dev` label.
+
 ## Further Reading
 
 ### RBAC Definitions
diff --git a/pkg/controller/namespace/controller.go b/pkg/controller/namespace/controller.go
index 28d24376..696e15e3 100644
--- a/pkg/controller/namespace/controller.go
+++ b/pkg/controller/namespace/controller.go
@@ -100,6 +100,7 @@ func (r *ReconcileNamespace) Reconcile(request reconcile.Request) (reconcile.Res
 
 func reconcileNamespace(config *rest.Config, namespace *v1.Namespace) error {
 	var err error
+	var rbacDefList rbacmanagerv1beta1.RBACDefinitionList
 	rdr := rbacdefinition.Reconciler{}
 
 	// Full Kubernetes ClientSet is required because RBAC types don't
@@ -110,7 +111,7 @@ func reconcileNamespace(config *rest.Config, namespace *v1.Namespace) error {
 		return err
 	}
 
-	rbacDefList, err := getRbacDefinitions(config)
+	rbacDefList, err = getRbacDefinitions(config)
 
 	for _, rbacDef := range rbacDefList.Items {
 		err = rdr.ReconcileNamespaceChange(&rbacDef, namespace)
diff --git a/version/version.go b/version/version.go
index 696a4795..f43662ce 100644
--- a/version/version.go
+++ b/version/version.go
@@ -15,5 +15,6 @@
 package version
 
 var (
+	// Version represents the current version of RBAC Manager
 	Version = "0.5.0"
 )