Skip to content

Discover EKS: allow custom labels for Kube Server#49420

Merged
marcoandredinis merged 1 commit intomasterfrom
marco/discover_eks_extra_labels
Dec 11, 2024
Merged

Discover EKS: allow custom labels for Kube Server#49420
marcoandredinis merged 1 commit intomasterfrom
marco/discover_eks_extra_labels

Conversation

@marcoandredinis
Copy link
Copy Markdown
Contributor

@marcoandredinis marcoandredinis commented Nov 25, 2024
edited
Loading

This PR allows the UI to send extra labels for setting up the EKS cluster.

Related #46976

Demo

$ curl 'https://lenix.marcoandredinis.com/v1/webapi/sites/lenix.marcoandredinis.com/integrations/aws-oidc/teleportdev/enrolleksclusters' \
--data-raw '{"region":"eu-west-2","enableAppDiscovery":true,"clusterNames":["MarcoEKSCustomLabels01"], "extraLabels":[{"name":"marco-label-key", "value":"marco-label-value"}]}'
image

@marcoandredinis marcoandredinis added discover Issues related to Teleport Discover no-changelog Indicates that a PR does not require a changelog entry backport/branch/v16 backport/branch/v17 labels Nov 25, 2024
@marcoandredinis marcoandredinis mentioned this pull request Nov 25, 2024
Closed
4 tasks
@marcoandredinis marcoandredinis marked this pull request as ready for review November 25, 2024 18:38
@marcoandredinis marcoandredinis force-pushed the marco/discover_eks_extra_labels branch 4 times, most recently from f2be289 to 55a8e42 Compare December 2, 2024 11:00
@marcoandredinis
Copy link
Copy Markdown
Contributor Author

marcoandredinis commented Dec 3, 2024

@doggydogworld @timothyb89 Can you please take a look when you get a chance?

r0mant
r0mant approved these changes Dec 5, 2024
View reviewed changes
Copy link
Copy Markdown
Collaborator

@r0mant r0mant left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm with a question/suggestion

Comment thread lib/integrations/awsoidc/eks_enroll_clusters.go
Comment on lines +705 to +706
maps.Copy(labels, extraLabels)
maps.Copy(labels, kubeCluster.GetStaticLabels())
Copy link
Copy Markdown
Collaborator

@r0mant r0mant Dec 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I assume "extraLabels" are basically user-provided labels and "static labels" are labels from EKS tags, correct? In that case, should user-defined labels take precedence, i.e. should we swap the order of these two copies?

Copy link
Copy Markdown
Contributor Author

@marcoandredinis marcoandredinis Dec 6, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I assume "extraLabels" are basically user-provided labels and "static labels" are labels from EKS tags, correct?

Yes 👍

In that case, should user-defined labels take precedence, i.e. should we swap the order of these two copies?

My assumption was that we want static/cloud labels to always be applied after the custom ones, preventing any override of values such as the AWS Account ID/Region.

I looked into how Teleport Server + ServerInfo labels and it seems that its order is:

  • Cloud Labels
  • ServerInfo Labels
  • Static Labels

    teleport/lib/srv/regular/sshserver.go

    Lines 1026 to 1040 in 4846ef4

    func (s *Server) getStaticLabels() map[string]string {
    labels := make(map[string]string, len(s.labels))
    if s.cloudLabels != nil {
    maps.Copy(labels, s.cloudLabels.Get())
    }
    // Let labels sent over ics override labels from instance metadata.
    if s.inventoryHandle != nil {
    maps.Copy(labels, s.inventoryHandle.GetUpstreamLabels(proto.LabelUpdateKind_SSHServerCloudLabels))
    }
    // Let static labels override any other labels.
    maps.Copy(labels, s.labels)
    return labels
    }

Static labels end up being the last to be applied.

Having said that, I'm ok changing the order 👍

@marcoandredinis marcoandredinis force-pushed the marco/discover_eks_extra_labels branch 3 times, most recently from 379aa3f to 9178e6c Compare December 10, 2024 11:36
doggydogworld
doggydogworld reviewed Dec 10, 2024
View reviewed changes
Comment thread lib/integrations/awsoidc/eks_enroll_clusters_test.go
"priority": "yes",
"region": "us-east-1",
}
resourceID := uuid.NewString()
Copy link
Copy Markdown
Contributor

@doggydogworld doggydogworld Dec 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it necessary to use UUID generation for testing?

Copy link
Copy Markdown
Contributor Author

@marcoandredinis marcoandredinis Dec 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can use whatever value here 👍
Is it bad to use it? I was trying to use a real value here instead of a static one.

doggydogworld
doggydogworld reviewed Dec 10, 2024
View reviewed changes
Comment thread lib/web/integrations_awsoidc.go
return nil, trace.Wrap(err)
}

extraLabels := make(map[string]string, len(req.ExtraLabels))
Copy link
Copy Markdown
Contributor

@doggydogworld doggydogworld Dec 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't we use maps.Clone instead? Since maps.Copy is used I think it might make it more consistent.

Copy link
Copy Markdown
Contributor Author

@marcoandredinis marcoandredinis Dec 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

req.ExtraLabels format is not a map.
It's a []ui.Label where ui.Label is a struct with Name, Value.

So, I don't think we can use maps.Clone here

doggydogworld
doggydogworld approved these changes Dec 10, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@doggydogworld doggydogworld left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just some nits otherwise lgtm.

@marcoandredinis
Discover EKS: allow custom labels for Kube Server
1c601d1 
This PR allows the UI to send extra labels for setting up the EKS
cluster.
@marcoandredinis marcoandredinis force-pushed the marco/discover_eks_extra_labels branch from 9178e6c to 1c601d1 Compare December 11, 2024 09:46
@marcoandredinis marcoandredinis added this pull request to the merge queue Dec 11, 2024
Merged via the queue into master with commit 0e1f1bc Dec 11, 2024
@marcoandredinis marcoandredinis deleted the marco/discover_eks_extra_labels branch December 11, 2024 10:25
@public-teleport-github-review-bot
Copy link
Copy Markdown

public-teleport-github-review-bot Bot commented Dec 11, 2024

@marcoandredinis See the table below for backport results.

Branch Result
branch/v16 Failed
branch/v17 Create PR

marcoandredinis added a commit that referenced this pull request Dec 11, 2024
@marcoandredinis
Discover EKS: allow custom labels for Kube Server (#49420)
dbf3063 
This PR allows the UI to send extra labels for setting up the EKS
cluster.
@marcoandredinis marcoandredinis mentioned this pull request Dec 11, 2024
Merged
marcoandredinis added a commit that referenced this pull request Dec 11, 2024
@marcoandredinis
Discover EKS: allow custom labels for Kube Server (#49420)
ead6f81 
This PR allows the UI to send extra labels for setting up the EKS
cluster.
@marcoandredinis marcoandredinis mentioned this pull request Dec 11, 2024
Merged
marcoandredinis added a commit that referenced this pull request Dec 17, 2024
@marcoandredinis
Discover EKS: allow custom labels for Kube Server (#49420)
1363d60 
This PR allows the UI to send extra labels for setting up the EKS
cluster.
github-merge-queue Bot pushed a commit that referenced this pull request Dec 17, 2024
@marcoandredinis
Discover EKS: allow custom labels for Kube Server (#49420) (#50050)
f1628e7 
This PR allows the UI to send extra labels for setting up the EKS
cluster.
@kimlisa kimlisa mentioned this pull request Dec 20, 2024
Merged
carloscastrojumo pushed a commit to carloscastrojumo/teleport that referenced this pull request Feb 19, 2025
@marcoandredinis @carloscastrojumo
Discover EKS: allow custom labels for Kube Server (gravitational#49420)
f652bfd 
This PR allows the UI to send extra labels for setting up the EKS
cluster.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@r0mant r0mant r0mant approved these changes

@doggydogworld doggydogworld doggydogworld approved these changes

Assignees

No one assigned

Labels

backport/branch/v17 discover Issues related to Teleport Discover no-changelog Indicates that a PR does not require a changelog entry size/sm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@marcoandredinis @r0mant @doggydogworld