From 4baa3ae707f5a7901a176d07a89846b313407d09 Mon Sep 17 00:00:00 2001
From: Willem <wrolleman@nationtech.io>
Date: Wed, 2 Jul 2025 14:06:08 -0400
Subject: [PATCH] feat: added default resource limit and request to k8s tenant

---
 harmony/src/domain/topology/tenant/k8s.rs | 43 ++++++++++++++++++++++-
 1 file changed, 42 insertions(+), 1 deletion(-)

diff --git a/harmony/src/domain/topology/tenant/k8s.rs b/harmony/src/domain/topology/tenant/k8s.rs
index 705b0c4..3f94caa 100644
--- a/harmony/src/domain/topology/tenant/k8s.rs
+++ b/harmony/src/domain/topology/tenant/k8s.rs
@@ -8,7 +8,7 @@ use async_trait::async_trait;
 use derive_new::new;
 use k8s_openapi::{
     api::{
-        core::v1::{Namespace, ResourceQuota},
+        core::v1::{LimitRange, Namespace, ResourceQuota},
         networking::v1::{
             NetworkPolicy, NetworkPolicyEgressRule, NetworkPolicyIngressRule, NetworkPolicyPort,
         },
@@ -132,6 +132,43 @@ impl K8sTenantManager {
         })
     }
 
+    fn build_limit_range(&self, config: &TenantConfig) -> Result<LimitRange, ExecutorError> {
+        let limit_range = json!({
+          "apiVersion": "v1",
+          "kind": "LimitRange",
+          "metadata": {
+            "name": format!("{}-defaults", config.name),
+            "labels": {
+              "harmony.nationtech.io/tenant.id": config.id.to_string(),
+              "harmony.nationtech.io/tenant.name": config.name,
+            },
+            "namespace": self.get_namespace_name(config),
+          },
+          "spec": {
+            "limits": [
+              {
+                "type": "Container", 
+                "default": {
+                  "cpu": "500m",
+                  "memory": "500Mi"
+                },
+                "defaultRequest": {
+                  "cpu": "100m",
+                  "memory": "100Mi"
+                },
+              }
+            ]
+          }
+        });
+
+        serde_json::from_value(limit_range).map_err(|e| {
+            ExecutorError::ConfigurationError(format!(
+                "Could not build TenantManager LimitRange. {}",
+                e
+            ))
+        })
+    }
+
     fn build_network_policy(&self, config: &TenantConfig) -> Result<NetworkPolicy, ExecutorError> {
         let network_policy = json!({
           "apiVersion": "networking.k8s.io/v1",
@@ -328,6 +365,7 @@ impl TenantManager for K8sTenantManager {
         let namespace = self.build_namespace(config)?;
         let resource_quota = self.build_resource_quota(config)?;
         let network_policy = self.build_network_policy(config)?;
+        let resource_limit_range = self.build_limit_range(config)?;
 
         self.ensure_constraints(&namespace)?;
 
@@ -337,6 +375,9 @@ impl TenantManager for K8sTenantManager {
         debug!("Creating resource_quota for tenant {}", config.name);
         self.apply_resource(resource_quota, config).await?;
 
+        debug!("Creating limit_range for tenant {}", config.name);
+        self.apply_resource(resource_limit_range, config).await?;
+
         debug!("Creating network_policy for tenant {}", config.name);
         self.apply_resource(network_policy, config).await?;