From 64902017d2d074ff2d5b749a67b6983872c159d9 Mon Sep 17 00:00:00 2001 From: "emmanuel.lagree" Date: Tue, 26 Nov 2024 11:16:53 +0100 Subject: [PATCH 1/3] feat(charts): Give the possibility to add labels on more resources Currently it's possible to add labels on Jobs but not on Pods created by the Job. Let's allow it. Same problem on operator subchart for deployments and pod created by the deployment. --- .../helm-reference/teleport-cluster.mdx | 103 ++++++++++++++++++ .../teleport-operator/.lint/labels.yaml | 7 ++ .../templates/deployment.yaml | 13 ++- .../tests/deployment_test.yaml | 19 ++++ .../charts/teleport-operator/values.yaml | 9 ++ .../templates/auth/predeploy_job.yaml | 6 + .../templates/proxy/predeploy_job.yaml | 6 + .../tests/predeploy_test.yaml | 41 +++++++ examples/chart/teleport-cluster/values.yaml | 3 + 9 files changed, 204 insertions(+), 3 deletions(-) create mode 100644 examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml diff --git a/docs/pages/reference/helm-reference/teleport-cluster.mdx b/docs/pages/reference/helm-reference/teleport-cluster.mdx index 5c1caa908a96c..a1d022c8aacd5 100644 --- a/docs/pages/reference/helm-reference/teleport-cluster.mdx +++ b/docs/pages/reference/helm-reference/teleport-cluster.mdx @@ -645,6 +645,63 @@ the same Kubernetes cluster or installing the CRDs on your own you should not ha ## `operator` +### `operator.annotations.deployment` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) + +Kubernetes annotations which should be applied to the `Deployment` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + annotations: + deployment: + kubernetes.io/annotation: value + ``` + +### `operator.annotations.pod` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) + +Kubernetes annotations which should be applied to the `Pod` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + annotations: + pod: + kubernetes.io/annotation: value + ``` + +### `operator.annotations.serviceAccount` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) + +Kubernetes annotations which should be applied to the `ServiceAccount` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + annotations: + serviceAccount: + kubernetes.io/annotation: value + ``` + ### `operator.enabled` | Type | Default value | @@ -682,6 +739,44 @@ This setting requires [`operator.enabled`](#operatorenabled). image: my.docker.registry/teleport-operator-image-name ``` +### `operator.labels.deployment` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) + +Kubernetes labels which should be applied to the `Deployment` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + labels: + deployment: + label: value + ``` + +### `operator.labels.pod` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +[Kubernetes reference](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) + +Kubernetes labels which should be applied to the `Pod` created by the chart. + +`values.yaml` example: + + ```yaml + operator: + labels: + pod: + label: value + ``` + ### `operator.resources` | Type | Default value | @@ -1779,6 +1874,14 @@ is true. `extraLabels.job` are labels to set on the Job run by the Helm hook. +### `extraLabels.jobPod` + +| Type | Default value | +|----------|---------------| +| `object` | `{}` | + +`extraLabels.jobPod` are labels to set on the Pods created by the Job run by the Helm hook. + ### `extraLabels.persistentVolumeClaim` | Type | Default value | diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml new file mode 100644 index 0000000000000..b9a12e51e84ea --- /dev/null +++ b/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml @@ -0,0 +1,7 @@ +labels: + deployment: + kubernetes.io/deployment: "test-label" + kubernetes.io/deployment-different: 3 + pod: + kubernetes.io/pod: "test-label" + kubernetes.io/pod-different: 4 diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml index cd6d67643d81e..c7bebcda8315c 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml @@ -4,8 +4,11 @@ kind: Deployment metadata: name: {{ include "teleport-cluster.operator.fullname" . }} namespace: {{ .Release.Namespace }} - labels: {{- include "teleport-cluster.operator.labels" . | nindent 4 }} - {{- if .Values.annotations.deployment }} + labels: + {{- include "teleport-cluster.operator.labels" . | nindent 4 }} + {{- if .Values.labels.deployment }} + {{- toYaml .Values.labels.deployment | nindent 4 }} + {{- end }} annotations: {{- toYaml .Values.annotations.deployment | nindent 4 }} {{- end }} spec: @@ -22,7 +25,11 @@ spec: {{- if .Values.annotations.pod }} annotations: {{- toYaml .Values.annotations.pod | nindent 8 }} {{- end }} - labels: {{- include "teleport-cluster.operator.labels" . | nindent 8 }} + labels: + {{- include "teleport-cluster.operator.labels" . | nindent 8 }} + {{- if .Values.labels.pod }} + {{- toYaml .Values.labels.pod | nindent 8 }} + {{- end }} spec: {{- if .Values.nodeSelector }} nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }} diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml index 56f8f5163280c..6387c75c4101b 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml @@ -59,6 +59,25 @@ tests: path: metadata.annotations.kubernetes\.io/deployment-different value: 3 + - it: sets labels when specified + values: + - ../.lint/deployment.yaml + asserts: + # Pod labels + - equal: + path: spec.template.metadata.labels.kubernetes\.io/pod + value: test-label + - equal: + path: spec.template.metadata.labels.kubernetes\.io/pod-different + value: 4 + # Deployment labels + - equal: + path: metadata.labels.kubernetes\.io/deployment + value: test-label + - equal: + path: metadata.labels.kubernetes\.io/deployment-different + value: 3 + - it: should mount tls.existingCASecretName and set environment when set in values values: - ../.lint/existing-tls-ca.yaml diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml index f576b26ce68df..e79f4bb4b5222 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/values.yaml @@ -89,6 +89,15 @@ annotations: # put on the `Deployment` resource created by the chart. serviceAccount: {} +# annotations -- +labels: + # labels.deployment(object) -- contains the Kubernetes labels + # put on the `Deployment` resource created by the chart. + deployment: {} + # labels.pod(object) -- contains the Kubernetes labels + # put on the `Pod` resources created by the chart. + pod: {} + # serviceAccount -- serviceAccount: # serviceAccount.create(bool) -- controls if the chart should create the Kubernetes diff --git a/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml b/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml index d5a38e93ead74..c557c718042c3 100644 --- a/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml +++ b/examples/chart/teleport-cluster/templates/auth/predeploy_job.yaml @@ -17,6 +17,12 @@ metadata: spec: backoffLimit: 1 template: + metadata: + labels: + {{- include "teleport-cluster.auth.labels" . | nindent 8 }} + {{- if $auth.extraLabels.jobPod }} + {{- toYaml $auth.extraLabels.jobPod | nindent 8 }} + {{- end }} spec: {{- if $auth.affinity }} affinity: {{- toYaml $auth.affinity | nindent 8 }} diff --git a/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml b/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml index 0f4ddb4f7fff4..4484d9cadc095 100644 --- a/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml +++ b/examples/chart/teleport-cluster/templates/proxy/predeploy_job.yaml @@ -17,6 +17,12 @@ metadata: spec: backoffLimit: 1 template: + metadata: + labels: + {{- include "teleport-cluster.proxy.labels" . | nindent 8 }} + {{- if $proxy.extraLabels.jobPod }} + {{- toYaml $proxy.extraLabels.jobPod | nindent 8 }} + {{- end }} spec: {{- if $proxy.affinity }} affinity: {{- toYaml $proxy.affinity | nindent 8 }} diff --git a/examples/chart/teleport-cluster/tests/predeploy_test.yaml b/examples/chart/teleport-cluster/tests/predeploy_test.yaml index 3ab3ad799e99c..c4892a65b43f2 100644 --- a/examples/chart/teleport-cluster/tests/predeploy_test.yaml +++ b/examples/chart/teleport-cluster/tests/predeploy_test.yaml @@ -133,6 +133,26 @@ tests: path: metadata.labels.baz value: overridden + - it: should set extraLabels.jobPod on auth predeploy job when set in values + template: auth/predeploy_job.yaml + set: + clusterName: helm-lint + extraLabels: + jobPod: + foo: bar + baz: override-me + auth: + extraLabels: + jobPod: + baz: overridden + asserts: + - equal: + path: spec.template.metadata.labels.foo + value: bar + - equal: + path: spec.template.metadata.labels.baz + value: overridden + - it: should set extraLabels on auth predeploy config when set in values template: auth/predeploy_config.yaml set: @@ -152,6 +172,7 @@ tests: - equal: path: metadata.labels.baz value: overridden + - it: should set extraLabels on proxy predeploy job when set in values template: proxy/predeploy_job.yaml set: @@ -172,6 +193,26 @@ tests: path: metadata.labels.baz value: overridden + - it: should set extraLabels.jobPod on proxy predeploy job when set in values + template: proxy/predeploy_job.yaml + set: + clusterName: helm-lint + extraLabels: + jobPod: + foo: bar + baz: override-me + auth: + extraLabels: + jobPod: + baz: overridden + asserts: + - equal: + path: spec.template.metadata.labels.foo + value: bar + - equal: + path: spec.template.metadata.labels.baz + value: overridden + - it: should set extraLabels on proxy predeploy config when set in values template: proxy/predeploy_config.yaml set: diff --git a/examples/chart/teleport-cluster/values.yaml b/examples/chart/teleport-cluster/values.yaml index 7304056fbb0e3..d961a86c7369d 100644 --- a/examples/chart/teleport-cluster/values.yaml +++ b/examples/chart/teleport-cluster/values.yaml @@ -654,6 +654,9 @@ extraLabels: ingress: {} # extraLabels.job(object) -- are labels to set on the Job run by the Helm hook. job: {} + # extraLabels.jobPod(object) -- are labels to set on the Pods created by the + # Job run by the Helm hook. + jobPod: {} # extraLabels.persistentVolumeClaim(object) -- are labels to set on the PersistentVolumeClaim. persistentVolumeClaim: {} # extraLabels.pod(object) -- are labels to set on the Pods created by the From 28695367d10a9f05258014fbb9b0adb7e9246b3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Emmanuel=20Lagr=C3=A9e?= <36861662+elagree@users.noreply.github.com> Date: Mon, 2 Dec 2024 11:26:27 +0100 Subject: [PATCH 2/3] Fix doc indentation --- .../helm-reference/teleport-cluster.mdx | 42 +++++++++---------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/docs/pages/reference/helm-reference/teleport-cluster.mdx b/docs/pages/reference/helm-reference/teleport-cluster.mdx index a1d022c8aacd5..1af346bf07cc8 100644 --- a/docs/pages/reference/helm-reference/teleport-cluster.mdx +++ b/docs/pages/reference/helm-reference/teleport-cluster.mdx @@ -658,10 +658,10 @@ Kubernetes annotations which should be applied to the `Deployment` created by th `values.yaml` example: ```yaml - operator: - annotations: - deployment: - kubernetes.io/annotation: value + operator: + annotations: + deployment: + kubernetes.io/annotation: value ``` ### `operator.annotations.pod` @@ -677,10 +677,10 @@ Kubernetes annotations which should be applied to the `Pod` created by the chart `values.yaml` example: ```yaml - operator: - annotations: - pod: - kubernetes.io/annotation: value + operator: + annotations: + pod: + kubernetes.io/annotation: value ``` ### `operator.annotations.serviceAccount` @@ -696,10 +696,10 @@ Kubernetes annotations which should be applied to the `ServiceAccount` created b `values.yaml` example: ```yaml - operator: - annotations: - serviceAccount: - kubernetes.io/annotation: value + operator: + annotations: + serviceAccount: + kubernetes.io/annotation: value ``` ### `operator.enabled` @@ -718,7 +718,7 @@ If you are deploying multiple releases of the Helm chart in the same cluster you ```yaml operator: - enabled: true + enabled: true ``` ### `operator.image` @@ -752,10 +752,10 @@ Kubernetes labels which should be applied to the `Deployment` created by the cha `values.yaml` example: ```yaml - operator: - labels: - deployment: - label: value + operator: + labels: + deployment: + label: value ``` ### `operator.labels.pod` @@ -771,10 +771,10 @@ Kubernetes labels which should be applied to the `Pod` created by the chart. `values.yaml` example: ```yaml - operator: - labels: - pod: - label: value + operator: + labels: + pod: + label: value ``` ### `operator.resources` From db32f88e706268d26eb6995be740cbf26c0d69d3 Mon Sep 17 00:00:00 2001 From: Tiago Silva Date: Mon, 2 Dec 2024 15:28:19 +0000 Subject: [PATCH 3/3] fix typo --- .../zz_generated.teleport-operator.mdx | 20 +++++++++++++++++++ .../teleport-operator/.lint/labels.yaml | 3 +++ .../templates/deployment.yaml | 1 + .../tests/deployment_test.yaml | 2 +- .../tests/predeploy_test.yaml | 2 +- 5 files changed, 26 insertions(+), 2 deletions(-) diff --git a/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx b/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx index a371f03c0e77c..72af53e160f34 100644 --- a/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx +++ b/docs/pages/includes/helm-reference/zz_generated.teleport-operator.mdx @@ -149,6 +149,26 @@ put on the `Pod` resources created by the chart. `annotations.serviceAccount` contains the Kubernetes annotations put on the `Deployment` resource created by the chart. +## `annotations` + +### `labels.deployment` + +| Type | Default | +|------|---------| +| `object` | `{}` | + +`labels.deployment` contains the Kubernetes labels +put on the `Deployment` resource created by the chart. + +### `labels.pod` + +| Type | Default | +|------|---------| +| `object` | `{}` | + +`labels.pod` contains the Kubernetes labels +put on the `Pod` resources created by the chart. + ## `serviceAccount` ### `serviceAccount.create` diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml index b9a12e51e84ea..15d33de282dfa 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/.lint/labels.yaml @@ -5,3 +5,6 @@ labels: pod: kubernetes.io/pod: "test-label" kubernetes.io/pod-different: 4 +teleportAddress: "example.teleport.sh:443" +token: "my-operator-bot" +teleportClusterName: "example.teleport.sh" diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml index c7bebcda8315c..ae0395a1c6bd8 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/templates/deployment.yaml @@ -9,6 +9,7 @@ metadata: {{- if .Values.labels.deployment }} {{- toYaml .Values.labels.deployment | nindent 4 }} {{- end }} + {{- if .Values.annotations.deployment }} annotations: {{- toYaml .Values.annotations.deployment | nindent 4 }} {{- end }} spec: diff --git a/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml b/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml index 6387c75c4101b..ca261d8056be4 100644 --- a/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml +++ b/examples/chart/teleport-cluster/charts/teleport-operator/tests/deployment_test.yaml @@ -61,7 +61,7 @@ tests: - it: sets labels when specified values: - - ../.lint/deployment.yaml + - ../.lint/labels.yaml asserts: # Pod labels - equal: diff --git a/examples/chart/teleport-cluster/tests/predeploy_test.yaml b/examples/chart/teleport-cluster/tests/predeploy_test.yaml index c4892a65b43f2..7481cae5217df 100644 --- a/examples/chart/teleport-cluster/tests/predeploy_test.yaml +++ b/examples/chart/teleport-cluster/tests/predeploy_test.yaml @@ -201,7 +201,7 @@ tests: jobPod: foo: bar baz: override-me - auth: + proxy: extraLabels: jobPod: baz: overridden