From 693886cd08a0cb242523720f031c0787c9fb5086 Mon Sep 17 00:00:00 2001 From: Nicolas Lamirault Date: Fri, 8 Aug 2025 18:59:41 +0200 Subject: [PATCH] feat: Kubernetes recommended labels Signed-off-by: Nicolas Lamirault --- helm/templates/_helpers.tpl | 24 +++++++++++++++++++ helm/templates/caches-role-binding.yaml | 14 ++--------- helm/templates/caches-role.yaml | 16 +++---------- helm/templates/cluster-role-binding.yaml | 16 +++---------- helm/templates/cluster-role-controller.yaml | 16 +++---------- helm/templates/deployment.yaml | 17 ++++--------- .../leader-election-role-binding.yaml | 8 +------ helm/templates/leader-election-role.yaml | 7 +----- helm/templates/metrics-service.yaml | 12 ++-------- helm/templates/role-reader.yaml | 7 +----- helm/templates/role-writer.yaml | 7 +----- helm/templates/service-account.yaml | 7 +----- helm/values.yaml | 15 ++++++++---- 13 files changed, 56 insertions(+), 110 deletions(-) diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 16f0fe5..2fc7bf9 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -26,6 +26,30 @@ If release name contains chart name it will be used as a full name. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{/* +Common labels +*/}} +{{- define "ack-s3-controller.labels" -}} +helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" $ }} +{{ include "ack-s3-controller.selectorLabels" $ }} +app.kubernetes.io/component: s3-controller +app.kubernetes.io/managed-by: Helm +app.kubernetes.io/part-of: ack-s3-controller +app.kubernetes.io/version: {{ $.Chart.AppVersion | quote }} +k8s-app: {{ include "ack-s3-controller.app.name" $ }} +{{- if .Values.additionalLabels }} +{{ toYaml $.Values.additionalLabels $ }} +{{- end }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ack-s3-controller.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} +app.kubernetes.io/instance: {{ $.Release.Name }} +{{- end }} + {{/* The name of the service account to use */}} {{- define "ack-s3-controller.service-account.name" -}} {{ default "default" .Values.serviceAccount.name }} diff --git a/helm/templates/caches-role-binding.yaml b/helm/templates/caches-role-binding.yaml index f7968f9..e69b9e3 100644 --- a/helm/templates/caches-role-binding.yaml +++ b/helm/templates/caches-role-binding.yaml @@ -3,12 +3,7 @@ kind: ClusterRoleBinding metadata: name: {{ include "ack-s3-controller.app.fullname" . }}-namespace-caches labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} + {{- include "ack-s3-controller.labels" . | nindent 4 }} roleRef: kind: ClusterRole apiGroup: rbac.authorization.k8s.io @@ -24,12 +19,7 @@ metadata: name: {{ include "ack-s3-controller.app.fullname" . }}-configmaps-cache namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} + {{- include "ack-s3-controller.labels" . | nindent 4 }} roleRef: kind: Role apiGroup: rbac.authorization.k8s.io diff --git a/helm/templates/caches-role.yaml b/helm/templates/caches-role.yaml index d0e9339..1a28efc 100644 --- a/helm/templates/caches-role.yaml +++ b/helm/templates/caches-role.yaml @@ -3,12 +3,7 @@ kind: ClusterRole metadata: name: {{ include "ack-s3-controller.app.fullname" . }}-namespaces-cache labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} + {{- include "ack-s3-controller.labels" . | nindent 4 }} rules: - apiGroups: - "" @@ -25,12 +20,7 @@ metadata: name: {{ include "ack-s3-controller.app.fullname" . }}-configmaps-cache namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} + {{- include "ack-s3-controller.labels" . | nindent 4 }} rules: - apiGroups: - "" @@ -39,4 +29,4 @@ rules: verbs: - get - list - - watch \ No newline at end of file + - watch diff --git a/helm/templates/cluster-role-binding.yaml b/helm/templates/cluster-role-binding.yaml index 9df2783..036d13d 100644 --- a/helm/templates/cluster-role-binding.yaml +++ b/helm/templates/cluster-role-binding.yaml @@ -4,12 +4,7 @@ kind: ClusterRoleBinding metadata: name: {{ include "ack-s3-controller.app.fullname" . }}-rolebinding labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} + {{- include "ack-s3-controller.labels" $ | nindent 4 }} roleRef: kind: ClusterRole apiGroup: rbac.authorization.k8s.io @@ -34,12 +29,7 @@ metadata: name: {{ $fullname }}-{{ . }} namespace: {{ . }} labels: - app.kubernetes.io/name: {{ $fullname }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ $appVersion }} - k8s-app: {{ $fullname }} - helm.sh/chart: {{ $chartVersion }} + {{- include "ack-s3-controller.labels" $ | nindent 4 }} roleRef: kind: Role apiGroup: rbac.authorization.k8s.io @@ -49,4 +39,4 @@ subjects: name: {{ $serviceAccountName }} namespace: {{ $releaseNamespace }} {{ end }} -{{ end }} \ No newline at end of file +{{ end }} diff --git a/helm/templates/cluster-role-controller.yaml b/helm/templates/cluster-role-controller.yaml index 7b941a0..89303c6 100644 --- a/helm/templates/cluster-role-controller.yaml +++ b/helm/templates/cluster-role-controller.yaml @@ -9,12 +9,7 @@ kind: ClusterRole metadata: name: {{ include "ack-s3-controller.app.fullname" . }} labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} + {{- include "ack-s3-controller.labels" $ | nindent 4 }} {{- range $key, $value := $labels }} {{ $key }}: {{ $value | quote }} {{- end }} @@ -30,15 +25,10 @@ metadata: name: {{ $fullname }}-{{ . }} namespace: {{ . }} labels: - app.kubernetes.io/name: {{ $fullname }} - app.kubernetes.io/instance: {{ $.Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ $appVersion }} - k8s-app: {{ $fullname }} - helm.sh/chart: {{ $chartVersion }} + {{- include "ack-s3-controller.labels" $ | nindent 4 }} {{- range $key, $value := $labels }} {{ $key }}: {{ $value | quote }} {{- end }} {{ $rbacRules }} {{ end }} -{{ end }} \ No newline at end of file +{{ end }} diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml index 6847669..629db20 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployment.yaml @@ -4,18 +4,12 @@ metadata: name: {{ include "ack-s3-controller.app.fullname" . }} namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} + {{- include "ack-s3-controller.labels" . | nindent 4 }} spec: replicas: {{ .Values.deployment.replicas }} selector: matchLabels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} + {{- include "ack-s3-controller.selectorLabels" . | nindent 6 }} template: metadata: {{- if .Values.deployment.annotations }} @@ -25,10 +19,7 @@ spec: {{- end }} {{- end }} labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - k8s-app: {{ include "ack-s3-controller.app.name" . }} + {{- include "ack-s3-controller.labels" . | nindent 8 }} {{- range $key, $value := .Values.deployment.labels }} {{ $key }}: {{ $value | quote }} {{- end }} @@ -148,7 +139,7 @@ spec: {{- if .Values.deployment.extraEnvVars -}} {{ toYaml .Values.deployment.extraEnvVars | nindent 8 }} {{- end }} - {{- if or .Values.aws.credentials.secretName .Values.deployment.extraVolumeMounts }} + {{- if or .Values.aws.credentials.secretName .Values.deployment.extraVolumeMounts }} volumeMounts: {{- if .Values.aws.credentials.secretName }} - name: {{ .Values.aws.credentials.secretName }} diff --git a/helm/templates/leader-election-role-binding.yaml b/helm/templates/leader-election-role-binding.yaml index c4916e1..1dcaffa 100644 --- a/helm/templates/leader-election-role-binding.yaml +++ b/helm/templates/leader-election-role-binding.yaml @@ -9,13 +9,7 @@ metadata: namespace: {{ .Release.Namespace }} {{ end }} labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} -roleRef: + {{- include "ack-s3-controller.labels" $ | nindent 4 }} apiGroup: rbac.authorization.k8s.io kind: Role name: {{ include "ack-s3-controller.app.fullname" . }}-leaderelection diff --git a/helm/templates/leader-election-role.yaml b/helm/templates/leader-election-role.yaml index e668a0e..b2bf3e3 100644 --- a/helm/templates/leader-election-role.yaml +++ b/helm/templates/leader-election-role.yaml @@ -9,12 +9,7 @@ metadata: namespace: {{ .Release.Namespace }} {{ end }} labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} + {{- include "ack-s3-controller.labels" $ | nindent 4 }} rules: - apiGroups: - coordination.k8s.io diff --git a/helm/templates/metrics-service.yaml b/helm/templates/metrics-service.yaml index 388e770..8dc2db5 100644 --- a/helm/templates/metrics-service.yaml +++ b/helm/templates/metrics-service.yaml @@ -5,18 +5,10 @@ metadata: name: {{ .Chart.Name | trimSuffix "-chart" | trunc 44 }}-controller-metrics namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} + {{- include "ack-s3-controller.labels" $ | nindent 4 }} spec: selector: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - k8s-app: {{ include "ack-s3-controller.app.name" . }} + {{- include "ack-s3-controller.selectorLabels" $ | nindent 4 }} {{- range $key, $value := .Values.deployment.labels }} {{ $key }}: {{ $value | quote }} {{- end }} diff --git a/helm/templates/role-reader.yaml b/helm/templates/role-reader.yaml index 8378978..19ebbc2 100644 --- a/helm/templates/role-reader.yaml +++ b/helm/templates/role-reader.yaml @@ -6,12 +6,7 @@ metadata: name: {{ include "ack-s3-controller.app.fullname" . }}-reader namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} + {{- include "ack-s3-controller.labels" $ | nindent 4 }} rules: - apiGroups: - s3.services.k8s.aws diff --git a/helm/templates/role-writer.yaml b/helm/templates/role-writer.yaml index aa7026a..ac7fe1a 100644 --- a/helm/templates/role-writer.yaml +++ b/helm/templates/role-writer.yaml @@ -6,12 +6,7 @@ metadata: name: {{ include "ack-s3-controller.app.fullname" . }}-writer namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} + {{- include "ack-s3-controller.labels" $ | nindent 4 }} rules: - apiGroups: - s3.services.k8s.aws diff --git a/helm/templates/service-account.yaml b/helm/templates/service-account.yaml index 983eb9a..98ac8ca 100644 --- a/helm/templates/service-account.yaml +++ b/helm/templates/service-account.yaml @@ -3,12 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: labels: - app.kubernetes.io/name: {{ include "ack-s3-controller.app.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} - k8s-app: {{ include "ack-s3-controller.app.name" . }} - helm.sh/chart: {{ include "ack-s3-controller.chart.name-version" . }} + {{- include "ack-s3-controller.labels" $ | nindent 4 }} name: {{ include "ack-s3-controller.service-account.name" . }} namespace: {{ .Release.Namespace }} annotations: diff --git a/helm/values.yaml b/helm/values.yaml index ba89388..2eb9b34 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -11,6 +11,11 @@ image: nameOverride: "" fullnameOverride: "" +# Common labels to add to all resources. +additionalLabels: {} +# app: my-app + + deployment: annotations: {} labels: {} @@ -114,7 +119,7 @@ installScope: cluster watchNamespace: "" # Set the value of labelsSelectors to be used by the controller to filter the resources to watch. -# You can set multiple labelsSelectors by providing a comma separated list of a=b arguments. e.g "label1=value1,label2=value2" +# You can set multiple labelsSelectors by providing a comma separated list of a=b arguments. e.g "label1=value1,label2=value2" watchSelectors: "" resourceTags: @@ -140,7 +145,7 @@ reconcile: # An object representing the reconcile max concurrent syncs configuration for each specific # resource. resourceMaxConcurrentSyncs: {} - + # Set the value of resources to specify which resource kinds to reconcile. # If empty, all resources will be reconciled. # If specified, only the listed resource kinds will be reconciled. @@ -175,7 +180,7 @@ featureGates: ServiceLevelCARM: false # Enables the Team level granularity for CARM. See https://github.com/aws-controllers-k8s/community/issues/2031 TeamLevelCARM: false - # Enable ReadOnlyResources feature/annotation. + # Enable ReadOnlyResources feature/annotation. ReadOnlyResources: false - # Enable ResourceAdoption feature/annotation. - ResourceAdoption: false \ No newline at end of file + # Enable ResourceAdoption feature/annotation. + ResourceAdoption: false