From 78fabc0ce81da0c48e3e2a5b3a14ca8073044f1e Mon Sep 17 00:00:00 2001 From: Tiago Silva Date: Mon, 2 Dec 2024 16:07:48 +0000 Subject: [PATCH] [buddy] feat(charts): Give the possibility to add labels on more resources (#49624) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(charts): Give the possibility to add labels on more resources Currently it's possible to add labels on Jobs but not on Pods created by the Job. Let's allow it. Same problem on operator subchart for deployments and pod created by the deployment. * Fix doc indentation * fix typo --------- Signed-off-by: Tiago Silva Co-authored-by: emmanuel.lagree Co-authored-by: Emmanuel Lagrée <36861662+elagree@users.noreply.github.com> --- .../zz_generated.teleport-operator.mdx | 20 ++++ .../helm-reference/teleport-cluster.mdx | 105 +++++++++++++++++- .../teleport-operator/.lint/labels.yaml | 10 ++ .../templates/deployment.yaml | 12 +- .../tests/deployment_test.yaml | 19 ++++ .../charts/teleport-operator/values.yaml | 9 ++ .../templates/auth/predeploy_job.yaml | 6 + .../templates/proxy/predeploy_job.yaml | 6 + .../tests/predeploy_test.yaml | 41 +++++++ examples/chart/teleport-cluster/values.yaml | 3 + 10 files changed, 228 insertions(+), 3 deletions(-) create mode 100644 examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml diff --git a/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx b/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx index 8fce50395c01d..a1cda3b612cda 100644 --- a/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx +++ b/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx @@ -151,6 +151,26 @@ put on the `Pod` resources created by the chart. `annotations.serviceAccount` contains the Kubernetes annotations put on the `Deployment` resource created by the chart. +## `annotations` + +### `labels.deployment` + +| Type | Default | +|------|---------| +| `object` | `{}` | + +`labels.deployment` contains the Kubernetes labels +put on the `Deployment` resource created by the chart. + +### `labels.pod` + +| Type | Default | +|------|---------| +| `object` | `{}` | + +`labels.pod` contains the Kubernetes labels +put on the `Pod` resources created by the chart. + ## `serviceAccount` ### `serviceAccount.create` diff --git a/docs/pages/reference/helm-reference/teleport-cluster.mdx b/docs/pages/reference/helm-reference/teleport-cluster.mdx index aac3dccac9bab..b28c0c36540dd 100644 --- a/docs/pages/reference/helm-reference/teleport-cluster.mdx +++ b/docs/pages/reference/helm-reference/teleport-cluster.mdx @@ -655,6 +655,63 @@ the same Kubernetes cluster or installing the CRDs on your own you should not ha ## `operator` +### `operator.annotations.deployment` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) + +Kubernetes annotations which should be applied to the `Deployment` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + annotations: + deployment: + kubernetes.io/annotation: value + ``` + +### `operator.annotations.pod` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) + +Kubernetes annotations which should be applied to the `Pod` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + annotations: + pod: + kubernetes.io/annotation: value + ``` + +### `operator.annotations.serviceAccount` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) + +Kubernetes annotations which should be applied to the `ServiceAccount` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + annotations: + serviceAccount: + kubernetes.io/annotation: value + ``` + ### `operator.enabled` | Type | Default value | @@ -671,7 +728,7 @@ If you are deploying multiple releases of the Helm chart in the same cluster you ```yaml operator: - enabled: true + enabled: true ``` ### `operator.image` @@ -692,6 +749,44 @@ This setting requires [`operator.enabled`](#operatorenabled). image: my.docker.registry/teleport-operator-image-name ``` +### `operator.labels.deployment` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) + +Kubernetes labels which should be applied to the `Deployment` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + labels: + deployment: + label: value + ``` + +### `operator.labels.pod` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) + +Kubernetes labels which should be applied to the `Pod` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + labels: + pod: + label: value + ``` + ### `operator.resources` | Type | Default value | @@ -1789,6 +1884,14 @@ is true. `extraLabels.job` are labels to set on the Job run by the Helm hook. +### `extraLabels.jobPod` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +`extraLabels.jobPod` are labels to set on the Pods created by the Job run by the Helm hook. + ### `extraLabels.persistentVolumeClaim` | Type | Default value | diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml new file mode 100644 index 0000000000000..15d33de282dfa --- /dev/null +++ b/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml @@ -0,0 +1,10 @@ +labels: + deployment: + kubernetes.io/deployment: "test-label" + kubernetes.io/deployment-different: 3 + pod: + kubernetes.io/pod: "test-label" + kubernetes.io/pod-different: 4 +teleportAddress: "example.teleport.sh:443" +token: "my-operator-bot" +teleportClusterName: "example.teleport.sh" diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml index cd6d67643d81e..ae0395a1c6bd8 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml @@ -4,7 +4,11 @@ kind: Deployment metadata: name: {{ include "teleport-cluster.operator.fullname" . }} namespace: {{ .Release.Namespace }} - labels: {{- include "teleport-cluster.operator.labels" . | nindent 4 }} + labels: + {{- include "teleport-cluster.operator.labels" . | nindent 4 }} + {{- if .Values.labels.deployment }} + {{- toYaml .Values.labels.deployment | nindent 4 }} + {{- end }} {{- if .Values.annotations.deployment }} annotations: {{- toYaml .Values.annotations.deployment | nindent 4 }} {{- end }} @@ -22,7 +26,11 @@ spec: {{- if .Values.annotations.pod }} annotations: {{- toYaml .Values.annotations.pod | nindent 8 }} {{- end }} - labels: {{- include "teleport-cluster.operator.labels" . | nindent 8 }} + labels: + {{- include "teleport-cluster.operator.labels" . | nindent 8 }} + {{- if .Values.labels.pod }} + {{- toYaml .Values.labels.pod | nindent 8 }} + {{- end }} spec: {{- if .Values.nodeSelector }} nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }} diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml index 56f8f5163280c..ca261d8056be4 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml @@ -59,6 +59,25 @@ tests: path: metadata.annotations.kubernetes\.io/deployment-different value: 3 + - it: sets labels when specified + values: + - ../.lint/labels.yaml + asserts: + # Pod labels + - equal: + path: spec.template.metadata.labels.kubernetes\.io/pod + value: test-label + - equal: + path: spec.template.metadata.labels.kubernetes\.io/pod-different + value: 4 + # Deployment labels + - equal: + path: metadata.labels.kubernetes\.io/deployment + value: test-label + - equal: + path: metadata.labels.kubernetes\.io/deployment-different + value: 3 + - it: should mount tls.existingCASecretName and set environment when set in values values: - ../.lint/existing-tls-ca.yaml diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml index f576b26ce68df..e79f4bb4b5222 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml @@ -89,6 +89,15 @@ annotations: # put on the `Deployment` resource created by the chart. serviceAccount: {} +# annotations -- +labels: + # labels.deployment(object) -- contains the Kubernetes labels + # put on the `Deployment` resource created by the chart. + deployment: {} + # labels.pod(object) -- contains the Kubernetes labels + # put on the `Pod` resources created by the chart. + pod: {} + # serviceAccount -- serviceAccount: # serviceAccount.create(bool) -- controls if the chart should create the Kubernetes diff --git a/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml b/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml index d5a38e93ead74..c557c718042c3 100644 --- a/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml +++ b/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml @@ -17,6 +17,12 @@ metadata: spec: backoffLimit: 1 template: + metadata: + labels: + {{- include "teleport-cluster.auth.labels" . | nindent 8 }} + {{- if $auth.extraLabels.jobPod }} + {{- toYaml $auth.extraLabels.jobPod | nindent 8 }} + {{- end }} spec: {{- if $auth.affinity }} affinity: {{- toYaml $auth.affinity | nindent 8 }} diff --git a/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml b/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml index 0f4ddb4f7fff4..4484d9cadc095 100644 --- a/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml +++ b/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml @@ -17,6 +17,12 @@ metadata: spec: backoffLimit: 1 template: + metadata: + labels: + {{- include "teleport-cluster.proxy.labels" . | nindent 8 }} + {{- if $proxy.extraLabels.jobPod }} + {{- toYaml $proxy.extraLabels.jobPod | nindent 8 }} + {{- end }} spec: {{- if $proxy.affinity }} affinity: {{- toYaml $proxy.affinity | nindent 8 }} diff --git a/examples/chart/teleport-cluster/tests/predeploy_test.yaml b/examples/chart/teleport-cluster/tests/predeploy_test.yaml index 3ab3ad799e99c..7481cae5217df 100644 --- a/examples/chart/teleport-cluster/tests/predeploy_test.yaml +++ b/examples/chart/teleport-cluster/tests/predeploy_test.yaml @@ -133,6 +133,26 @@ tests: path: metadata.labels.baz value: overridden + - it: should set extraLabels.jobPod on auth predeploy job when set in values + template: auth/predeploy_job.yaml + set: + clusterName: helm-lint + extraLabels: + jobPod: + foo: bar + baz: override-me + auth: + extraLabels: + jobPod: + baz: overridden + asserts: + - equal: + path: spec.template.metadata.labels.foo + value: bar + - equal: + path: spec.template.metadata.labels.baz + value: overridden + - it: should set extraLabels on auth predeploy config when set in values template: auth/predeploy_config.yaml set: @@ -152,6 +172,7 @@ tests: - equal: path: metadata.labels.baz value: overridden + - it: should set extraLabels on proxy predeploy job when set in values template: proxy/predeploy_job.yaml set: @@ -172,6 +193,26 @@ tests: path: metadata.labels.baz value: overridden + - it: should set extraLabels.jobPod on proxy predeploy job when set in values + template: proxy/predeploy_job.yaml + set: + clusterName: helm-lint + extraLabels: + jobPod: + foo: bar + baz: override-me + proxy: + extraLabels: + jobPod: + baz: overridden + asserts: + - equal: + path: spec.template.metadata.labels.foo + value: bar + - equal: + path: spec.template.metadata.labels.baz + value: overridden + - it: should set extraLabels on proxy predeploy config when set in values template: proxy/predeploy_config.yaml set: diff --git a/examples/chart/teleport-cluster/values.yaml b/examples/chart/teleport-cluster/values.yaml index eba1e7c370a08..69344fc594897 100644 --- a/examples/chart/teleport-cluster/values.yaml +++ b/examples/chart/teleport-cluster/values.yaml @@ -654,6 +654,9 @@ extraLabels: ingress: {} # extraLabels.job(object) -- are labels to set on the Job run by the Helm hook. job: {} + # extraLabels.jobPod(object) -- are labels to set on the Pods created by the + # Job run by the Helm hook. + jobPod: {} # extraLabels.persistentVolumeClaim(object) -- are labels to set on the PersistentVolumeClaim. persistentVolumeClaim: {} # extraLabels.pod(object) -- are labels to set on the Pods created by the