From 9c96d6204c02ba9c9f2a5e09b1ae16086d1e29f2 Mon Sep 17 00:00:00 2001 From: "emmanuel.lagree" Date: Tue, 26 Nov 2024 11:16:53 +0100 Subject: [PATCH 1/3] feat(charts): Give the possibility to add labels on more resources Currently it's possible to add labels on Jobs but not on Pods created by the Job. Let's allow it. Same problem on operator subchart for deployments and pod created by the deployment. --- .../helm-reference/teleport-cluster.mdx | 103 ++++++++++++++++++ .../teleport-operator/.lint/labels.yaml | 7 ++ .../templates/deployment.yaml | 13 ++- .../tests/deployment_test.yaml | 19 ++++ .../charts/teleport-operator/values.yaml | 9 ++ .../templates/auth/predeploy_job.yaml | 6 + .../templates/proxy/predeploy_job.yaml | 6 + .../tests/predeploy_test.yaml | 41 +++++++ examples/chart/teleport-cluster/values.yaml | 3 + 9 files changed, 204 insertions(+), 3 deletions(-) create mode 100644 examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml diff --git a/docs/pages/reference/helm-reference/teleport-cluster.mdx b/docs/pages/reference/helm-reference/teleport-cluster.mdx index aac3dccac9bab..5e3c114e5ab3e 100644 --- a/docs/pages/reference/helm-reference/teleport-cluster.mdx +++ b/docs/pages/reference/helm-reference/teleport-cluster.mdx @@ -655,6 +655,63 @@ the same Kubernetes cluster or installing the CRDs on your own you should not ha ## `operator` +### `operator.annotations.deployment` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) + +Kubernetes annotations which should be applied to the `Deployment` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + annotations: + deployment: + kubernetes.io/annotation: value + ``` + +### `operator.annotations.pod` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) + +Kubernetes annotations which should be applied to the `Pod` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + annotations: + pod: + kubernetes.io/annotation: value + ``` + +### `operator.annotations.serviceAccount` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) + +Kubernetes annotations which should be applied to the `ServiceAccount` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + annotations: + serviceAccount: + kubernetes.io/annotation: value + ``` + ### `operator.enabled` | Type | Default value | @@ -692,6 +749,44 @@ This setting requires [`operator.enabled`](#operatorenabled). image: my.docker.registry/teleport-operator-image-name ``` +### `operator.labels.deployment` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) + +Kubernetes labels which should be applied to the `Deployment` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + labels: + deployment: + label: value + ``` + +### `operator.labels.pod` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) + +Kubernetes labels which should be applied to the `Pod` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + labels: + pod: + label: value + ``` + ### `operator.resources` | Type | Default value | @@ -1789,6 +1884,14 @@ is true. `extraLabels.job` are labels to set on the Job run by the Helm hook. +### `extraLabels.jobPod` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +`extraLabels.jobPod` are labels to set on the Pods created by the Job run by the Helm hook. + ### `extraLabels.persistentVolumeClaim` | Type | Default value | diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml new file mode 100644 index 0000000000000..b9a12e51e84ea --- /dev/null +++ b/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml @@ -0,0 +1,7 @@ +labels: + deployment: + kubernetes.io/deployment: "test-label" + kubernetes.io/deployment-different: 3 + pod: + kubernetes.io/pod: "test-label" + kubernetes.io/pod-different: 4 diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml index cd6d67643d81e..c7bebcda8315c 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml @@ -4,8 +4,11 @@ kind: Deployment metadata: name: {{ include "teleport-cluster.operator.fullname" . }} namespace: {{ .Release.Namespace }} - labels: {{- include "teleport-cluster.operator.labels" . | nindent 4 }} - {{- if .Values.annotations.deployment }} + labels: + {{- include "teleport-cluster.operator.labels" . | nindent 4 }} + {{- if .Values.labels.deployment }} + {{- toYaml .Values.labels.deployment | nindent 4 }} + {{- end }} annotations: {{- toYaml .Values.annotations.deployment | nindent 4 }} {{- end }} spec: @@ -22,7 +25,11 @@ spec: {{- if .Values.annotations.pod }} annotations: {{- toYaml .Values.annotations.pod | nindent 8 }} {{- end }} - labels: {{- include "teleport-cluster.operator.labels" . | nindent 8 }} + labels: + {{- include "teleport-cluster.operator.labels" . | nindent 8 }} + {{- if .Values.labels.pod }} + {{- toYaml .Values.labels.pod | nindent 8 }} + {{- end }} spec: {{- if .Values.nodeSelector }} nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }} diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml index 56f8f5163280c..6387c75c4101b 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml @@ -59,6 +59,25 @@ tests: path: metadata.annotations.kubernetes\.io/deployment-different value: 3 + - it: sets labels when specified + values: + - ../.lint/deployment.yaml + asserts: + # Pod labels + - equal: + path: spec.template.metadata.labels.kubernetes\.io/pod + value: test-label + - equal: + path: spec.template.metadata.labels.kubernetes\.io/pod-different + value: 4 + # Deployment labels + - equal: + path: metadata.labels.kubernetes\.io/deployment + value: test-label + - equal: + path: metadata.labels.kubernetes\.io/deployment-different + value: 3 + - it: should mount tls.existingCASecretName and set environment when set in values values: - ../.lint/existing-tls-ca.yaml diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml index f576b26ce68df..e79f4bb4b5222 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml @@ -89,6 +89,15 @@ annotations: # put on the `Deployment` resource created by the chart. serviceAccount: {} +# annotations -- +labels: + # labels.deployment(object) -- contains the Kubernetes labels + # put on the `Deployment` resource created by the chart. + deployment: {} + # labels.pod(object) -- contains the Kubernetes labels + # put on the `Pod` resources created by the chart. + pod: {} + # serviceAccount -- serviceAccount: # serviceAccount.create(bool) -- controls if the chart should create the Kubernetes diff --git a/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml b/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml index d5a38e93ead74..c557c718042c3 100644 --- a/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml +++ b/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml @@ -17,6 +17,12 @@ metadata: spec: backoffLimit: 1 template: + metadata: + labels: + {{- include "teleport-cluster.auth.labels" . | nindent 8 }} + {{- if $auth.extraLabels.jobPod }} + {{- toYaml $auth.extraLabels.jobPod | nindent 8 }} + {{- end }} spec: {{- if $auth.affinity }} affinity: {{- toYaml $auth.affinity | nindent 8 }} diff --git a/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml b/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml index 0f4ddb4f7fff4..4484d9cadc095 100644 --- a/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml +++ b/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml @@ -17,6 +17,12 @@ metadata: spec: backoffLimit: 1 template: + metadata: + labels: + {{- include "teleport-cluster.proxy.labels" . | nindent 8 }} + {{- if $proxy.extraLabels.jobPod }} + {{- toYaml $proxy.extraLabels.jobPod | nindent 8 }} + {{- end }} spec: {{- if $proxy.affinity }} affinity: {{- toYaml $proxy.affinity | nindent 8 }} diff --git a/examples/chart/teleport-cluster/tests/predeploy_test.yaml b/examples/chart/teleport-cluster/tests/predeploy_test.yaml index 3ab3ad799e99c..c4892a65b43f2 100644 --- a/examples/chart/teleport-cluster/tests/predeploy_test.yaml +++ b/examples/chart/teleport-cluster/tests/predeploy_test.yaml @@ -133,6 +133,26 @@ tests: path: metadata.labels.baz value: overridden + - it: should set extraLabels.jobPod on auth predeploy job when set in values + template: auth/predeploy_job.yaml + set: + clusterName: helm-lint + extraLabels: + jobPod: + foo: bar + baz: override-me + auth: + extraLabels: + jobPod: + baz: overridden + asserts: + - equal: + path: spec.template.metadata.labels.foo + value: bar + - equal: + path: spec.template.metadata.labels.baz + value: overridden + - it: should set extraLabels on auth predeploy config when set in values template: auth/predeploy_config.yaml set: @@ -152,6 +172,7 @@ tests: - equal: path: metadata.labels.baz value: overridden + - it: should set extraLabels on proxy predeploy job when set in values template: proxy/predeploy_job.yaml set: @@ -172,6 +193,26 @@ tests: path: metadata.labels.baz value: overridden + - it: should set extraLabels.jobPod on proxy predeploy job when set in values + template: proxy/predeploy_job.yaml + set: + clusterName: helm-lint + extraLabels: + jobPod: + foo: bar + baz: override-me + auth: + extraLabels: + jobPod: + baz: overridden + asserts: + - equal: + path: spec.template.metadata.labels.foo + value: bar + - equal: + path: spec.template.metadata.labels.baz + value: overridden + - it: should set extraLabels on proxy predeploy config when set in values template: proxy/predeploy_config.yaml set: diff --git a/examples/chart/teleport-cluster/values.yaml b/examples/chart/teleport-cluster/values.yaml index eba1e7c370a08..69344fc594897 100644 --- a/examples/chart/teleport-cluster/values.yaml +++ b/examples/chart/teleport-cluster/values.yaml @@ -654,6 +654,9 @@ extraLabels: ingress: {} # extraLabels.job(object) -- are labels to set on the Job run by the Helm hook. job: {} + # extraLabels.jobPod(object) -- are labels to set on the Pods created by the + # Job run by the Helm hook. + jobPod: {} # extraLabels.persistentVolumeClaim(object) -- are labels to set on the PersistentVolumeClaim. persistentVolumeClaim: {} # extraLabels.pod(object) -- are labels to set on the Pods created by the From 26836d996b54910d20c8e4ae36ac6c5f48b01d82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Emmanuel=20Lagr=C3=A9e?= <36861662+elagree@users.noreply.github.com> Date: Mon, 2 Dec 2024 11:26:27 +0100 Subject: [PATCH 2/3] Fix doc indentation --- .../helm-reference/teleport-cluster.mdx | 42 +++++++++---------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/docs/pages/reference/helm-reference/teleport-cluster.mdx b/docs/pages/reference/helm-reference/teleport-cluster.mdx index 5e3c114e5ab3e..b28c0c36540dd 100644 --- a/docs/pages/reference/helm-reference/teleport-cluster.mdx +++ b/docs/pages/reference/helm-reference/teleport-cluster.mdx @@ -668,10 +668,10 @@ Kubernetes annotations which should be applied to the `Deployment` created by th `values.yaml` example: ```yaml - operator: - annotations: - deployment: - kubernetes.io/annotation: value + operator: + annotations: + deployment: + kubernetes.io/annotation: value ``` ### `operator.annotations.pod` @@ -687,10 +687,10 @@ Kubernetes annotations which should be applied to the `Pod` created by the chart `values.yaml` example: ```yaml - operator: - annotations: - pod: - kubernetes.io/annotation: value + operator: + annotations: + pod: + kubernetes.io/annotation: value ``` ### `operator.annotations.serviceAccount` @@ -706,10 +706,10 @@ Kubernetes annotations which should be applied to the `ServiceAccount` created b `values.yaml` example: ```yaml - operator: - annotations: - serviceAccount: - kubernetes.io/annotation: value + operator: + annotations: + serviceAccount: + kubernetes.io/annotation: value ``` ### `operator.enabled` @@ -728,7 +728,7 @@ If you are deploying multiple releases of the Helm chart in the same cluster you ```yaml operator: - enabled: true + enabled: true ``` ### `operator.image` @@ -762,10 +762,10 @@ Kubernetes labels which should be applied to the `Deployment` created by the cha `values.yaml` example: ```yaml - operator: - labels: - deployment: - label: value + operator: + labels: + deployment: + label: value ``` ### `operator.labels.pod` @@ -781,10 +781,10 @@ Kubernetes labels which should be applied to the `Pod` created by the chart. `values.yaml` example: ```yaml - operator: - labels: - pod: - label: value + operator: + labels: + pod: + label: value ``` ### `operator.resources` From f85bef9f08a5a87cb9797347727ad5303ddd3282 Mon Sep 17 00:00:00 2001 From: Tiago Silva Date: Mon, 2 Dec 2024 15:28:19 +0000 Subject: [PATCH 3/3] fix typo --- .../zz_generated.teleport-operator.mdx | 20 +++++++++++++++++++ .../teleport-operator/.lint/labels.yaml | 3 +++ .../templates/deployment.yaml | 1 + .../tests/deployment_test.yaml | 2 +- .../tests/predeploy_test.yaml | 2 +- 5 files changed, 26 insertions(+), 2 deletions(-) diff --git a/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx b/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx index 8fce50395c01d..a1cda3b612cda 100644 --- a/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx +++ b/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx @@ -151,6 +151,26 @@ put on the `Pod` resources created by the chart. `annotations.serviceAccount` contains the Kubernetes annotations put on the `Deployment` resource created by the chart. +## `annotations` + +### `labels.deployment` + +| Type | Default | +|------|---------| +| `object` | `{}` | + +`labels.deployment` contains the Kubernetes labels +put on the `Deployment` resource created by the chart. + +### `labels.pod` + +| Type | Default | +|------|---------| +| `object` | `{}` | + +`labels.pod` contains the Kubernetes labels +put on the `Pod` resources created by the chart. + ## `serviceAccount` ### `serviceAccount.create` diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml index b9a12e51e84ea..15d33de282dfa 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml @@ -5,3 +5,6 @@ labels: pod: kubernetes.io/pod: "test-label" kubernetes.io/pod-different: 4 +teleportAddress: "example.teleport.sh:443" +token: "my-operator-bot" +teleportClusterName: "example.teleport.sh" diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml index c7bebcda8315c..ae0395a1c6bd8 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml @@ -9,6 +9,7 @@ metadata: {{- if .Values.labels.deployment }} {{- toYaml .Values.labels.deployment | nindent 4 }} {{- end }} + {{- if .Values.annotations.deployment }} annotations: {{- toYaml .Values.annotations.deployment | nindent 4 }} {{- end }} spec: diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml index 6387c75c4101b..ca261d8056be4 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml @@ -61,7 +61,7 @@ tests: - it: sets labels when specified values: - - ../.lint/deployment.yaml + - ../.lint/labels.yaml asserts: # Pod labels - equal: diff --git a/examples/chart/teleport-cluster/tests/predeploy_test.yaml b/examples/chart/teleport-cluster/tests/predeploy_test.yaml index c4892a65b43f2..7481cae5217df 100644 --- a/examples/chart/teleport-cluster/tests/predeploy_test.yaml +++ b/examples/chart/teleport-cluster/tests/predeploy_test.yaml @@ -201,7 +201,7 @@ tests: jobPod: foo: bar baz: override-me - auth: + proxy: extraLabels: jobPod: baz: overridden