From 4154eb78d24d4204a853667e3e8ae0ccef2cdee2 Mon Sep 17 00:00:00 2001 From: Tiago Silva Date: Mon, 2 Dec 2024 17:05:07 +0000 Subject: [PATCH] [v15] [buddy] feat(charts): Give the possibility to add labels on more resources (#49649) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(charts): Give the possibility to add labels on more resources Currently it's possible to add labels on Jobs but not on Pods created by the Job. Let's allow it. Same problem on operator subchart for deployments and pod created by the deployment. * Fix doc indentation * fix typo --------- Co-authored-by: emmanuel.lagree Co-authored-by: Emmanuel Lagrée <36861662+elagree@users.noreply.github.com> --- .../zz_generated.teleport-operator.mdx | 20 ++++ .../helm-reference/teleport-cluster.mdx | 105 +++++++++++++++++- .../teleport-operator/.lint/labels.yaml | 10 ++ .../templates/deployment.yaml | 12 +- .../tests/deployment_test.yaml | 19 ++++ .../charts/teleport-operator/values.yaml | 9 ++ .../templates/auth/predeploy_job.yaml | 6 + .../templates/proxy/predeploy_job.yaml | 6 + .../tests/predeploy_test.yaml | 41 +++++++ examples/chart/teleport-cluster/values.yaml | 3 + 10 files changed, 228 insertions(+), 3 deletions(-) create mode 100644 examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml diff --git a/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx b/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx index a371f03c0e77c..72af53e160f34 100644 --- a/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx +++ b/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx @@ -149,6 +149,26 @@ put on the `Pod` resources created by the chart. `annotations.serviceAccount` contains the Kubernetes annotations put on the `Deployment` resource created by the chart. +## `annotations` + +### `labels.deployment` + +| Type | Default | +|------|---------| +| `object` | `{}` | + +`labels.deployment` contains the Kubernetes labels +put on the `Deployment` resource created by the chart. + +### `labels.pod` + +| Type | Default | +|------|---------| +| `object` | `{}` | + +`labels.pod` contains the Kubernetes labels +put on the `Pod` resources created by the chart. + ## `serviceAccount` ### `serviceAccount.create` diff --git a/docs/pages/reference/helm-reference/teleport-cluster.mdx b/docs/pages/reference/helm-reference/teleport-cluster.mdx index 5c1caa908a96c..1af346bf07cc8 100644 --- a/docs/pages/reference/helm-reference/teleport-cluster.mdx +++ b/docs/pages/reference/helm-reference/teleport-cluster.mdx @@ -645,6 +645,63 @@ the same Kubernetes cluster or installing the CRDs on your own you should not ha ## `operator` +### `operator.annotations.deployment` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) + +Kubernetes annotations which should be applied to the `Deployment` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + annotations: + deployment: + kubernetes.io/annotation: value + ``` + +### `operator.annotations.pod` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) + +Kubernetes annotations which should be applied to the `Pod` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + annotations: + pod: + kubernetes.io/annotation: value + ``` + +### `operator.annotations.serviceAccount` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) + +Kubernetes annotations which should be applied to the `ServiceAccount` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + annotations: + serviceAccount: + kubernetes.io/annotation: value + ``` + ### `operator.enabled` | Type | Default value | @@ -661,7 +718,7 @@ If you are deploying multiple releases of the Helm chart in the same cluster you ```yaml operator: - enabled: true + enabled: true ``` ### `operator.image` @@ -682,6 +739,44 @@ This setting requires [`operator.enabled`](#operatorenabled). image: my.docker.registry/teleport-operator-image-name ``` +### `operator.labels.deployment` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) + +Kubernetes labels which should be applied to the `Deployment` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + labels: + deployment: + label: value + ``` + +### `operator.labels.pod` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) + +Kubernetes labels which should be applied to the `Pod` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + labels: + pod: + label: value + ``` + ### `operator.resources` | Type | Default value | @@ -1779,6 +1874,14 @@ is true. `extraLabels.job` are labels to set on the Job run by the Helm hook. +### `extraLabels.jobPod` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +`extraLabels.jobPod` are labels to set on the Pods created by the Job run by the Helm hook. + ### `extraLabels.persistentVolumeClaim` | Type | Default value | diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml new file mode 100644 index 0000000000000..15d33de282dfa --- /dev/null +++ b/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml @@ -0,0 +1,10 @@ +labels: + deployment: + kubernetes.io/deployment: "test-label" + kubernetes.io/deployment-different: 3 + pod: + kubernetes.io/pod: "test-label" + kubernetes.io/pod-different: 4 +teleportAddress: "example.teleport.sh:443" +token: "my-operator-bot" +teleportClusterName: "example.teleport.sh" diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml index cd6d67643d81e..ae0395a1c6bd8 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml @@ -4,7 +4,11 @@ kind: Deployment metadata: name: {{ include "teleport-cluster.operator.fullname" . }} namespace: {{ .Release.Namespace }} - labels: {{- include "teleport-cluster.operator.labels" . | nindent 4 }} + labels: + {{- include "teleport-cluster.operator.labels" . | nindent 4 }} + {{- if .Values.labels.deployment }} + {{- toYaml .Values.labels.deployment | nindent 4 }} + {{- end }} {{- if .Values.annotations.deployment }} annotations: {{- toYaml .Values.annotations.deployment | nindent 4 }} {{- end }} @@ -22,7 +26,11 @@ spec: {{- if .Values.annotations.pod }} annotations: {{- toYaml .Values.annotations.pod | nindent 8 }} {{- end }} - labels: {{- include "teleport-cluster.operator.labels" . | nindent 8 }} + labels: + {{- include "teleport-cluster.operator.labels" . | nindent 8 }} + {{- if .Values.labels.pod }} + {{- toYaml .Values.labels.pod | nindent 8 }} + {{- end }} spec: {{- if .Values.nodeSelector }} nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }} diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml index 56f8f5163280c..ca261d8056be4 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml @@ -59,6 +59,25 @@ tests: path: metadata.annotations.kubernetes\.io/deployment-different value: 3 + - it: sets labels when specified + values: + - ../.lint/labels.yaml + asserts: + # Pod labels + - equal: + path: spec.template.metadata.labels.kubernetes\.io/pod + value: test-label + - equal: + path: spec.template.metadata.labels.kubernetes\.io/pod-different + value: 4 + # Deployment labels + - equal: + path: metadata.labels.kubernetes\.io/deployment + value: test-label + - equal: + path: metadata.labels.kubernetes\.io/deployment-different + value: 3 + - it: should mount tls.existingCASecretName and set environment when set in values values: - ../.lint/existing-tls-ca.yaml diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml index f576b26ce68df..e79f4bb4b5222 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml @@ -89,6 +89,15 @@ annotations: # put on the `Deployment` resource created by the chart. serviceAccount: {} +# annotations -- +labels: + # labels.deployment(object) -- contains the Kubernetes labels + # put on the `Deployment` resource created by the chart. + deployment: {} + # labels.pod(object) -- contains the Kubernetes labels + # put on the `Pod` resources created by the chart. + pod: {} + # serviceAccount -- serviceAccount: # serviceAccount.create(bool) -- controls if the chart should create the Kubernetes diff --git a/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml b/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml index d5a38e93ead74..c557c718042c3 100644 --- a/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml +++ b/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml @@ -17,6 +17,12 @@ metadata: spec: backoffLimit: 1 template: + metadata: + labels: + {{- include "teleport-cluster.auth.labels" . | nindent 8 }} + {{- if $auth.extraLabels.jobPod }} + {{- toYaml $auth.extraLabels.jobPod | nindent 8 }} + {{- end }} spec: {{- if $auth.affinity }} affinity: {{- toYaml $auth.affinity | nindent 8 }} diff --git a/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml b/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml index 0f4ddb4f7fff4..4484d9cadc095 100644 --- a/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml +++ b/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml @@ -17,6 +17,12 @@ metadata: spec: backoffLimit: 1 template: + metadata: + labels: + {{- include "teleport-cluster.proxy.labels" . | nindent 8 }} + {{- if $proxy.extraLabels.jobPod }} + {{- toYaml $proxy.extraLabels.jobPod | nindent 8 }} + {{- end }} spec: {{- if $proxy.affinity }} affinity: {{- toYaml $proxy.affinity | nindent 8 }} diff --git a/examples/chart/teleport-cluster/tests/predeploy_test.yaml b/examples/chart/teleport-cluster/tests/predeploy_test.yaml index 3ab3ad799e99c..7481cae5217df 100644 --- a/examples/chart/teleport-cluster/tests/predeploy_test.yaml +++ b/examples/chart/teleport-cluster/tests/predeploy_test.yaml @@ -133,6 +133,26 @@ tests: path: metadata.labels.baz value: overridden + - it: should set extraLabels.jobPod on auth predeploy job when set in values + template: auth/predeploy_job.yaml + set: + clusterName: helm-lint + extraLabels: + jobPod: + foo: bar + baz: override-me + auth: + extraLabels: + jobPod: + baz: overridden + asserts: + - equal: + path: spec.template.metadata.labels.foo + value: bar + - equal: + path: spec.template.metadata.labels.baz + value: overridden + - it: should set extraLabels on auth predeploy config when set in values template: auth/predeploy_config.yaml set: @@ -152,6 +172,7 @@ tests: - equal: path: metadata.labels.baz value: overridden + - it: should set extraLabels on proxy predeploy job when set in values template: proxy/predeploy_job.yaml set: @@ -172,6 +193,26 @@ tests: path: metadata.labels.baz value: overridden + - it: should set extraLabels.jobPod on proxy predeploy job when set in values + template: proxy/predeploy_job.yaml + set: + clusterName: helm-lint + extraLabels: + jobPod: + foo: bar + baz: override-me + proxy: + extraLabels: + jobPod: + baz: overridden + asserts: + - equal: + path: spec.template.metadata.labels.foo + value: bar + - equal: + path: spec.template.metadata.labels.baz + value: overridden + - it: should set extraLabels on proxy predeploy config when set in values template: proxy/predeploy_config.yaml set: diff --git a/examples/chart/teleport-cluster/values.yaml b/examples/chart/teleport-cluster/values.yaml index 7304056fbb0e3..d961a86c7369d 100644 --- a/examples/chart/teleport-cluster/values.yaml +++ b/examples/chart/teleport-cluster/values.yaml @@ -654,6 +654,9 @@ extraLabels: ingress: {} # extraLabels.job(object) -- are labels to set on the Job run by the Helm hook. job: {} + # extraLabels.jobPod(object) -- are labels to set on the Pods created by the + # Job run by the Helm hook. + jobPod: {} # extraLabels.persistentVolumeClaim(object) -- are labels to set on the PersistentVolumeClaim. persistentVolumeClaim: {} # extraLabels.pod(object) -- are labels to set on the Pods created by the