medik8s · Shai1-Levi · Jan 13, 2025 · Jan 14, 2025 · Jan 15, 2025 · Jan 16, 2025
diff --git a/bundle/manifests/node-maintenance-controller-manager-metrics-service_v1_service.yaml b/bundle/manifests/node-maintenance-controller-manager-metrics-service_v1_service.yaml
@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Service
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/component: controller-manager
+    app.kubernetes.io/name: node-maintenance-operator
+    node-maintenance-operator: ""
+  name: node-maintenance-controller-manager-metrics-service
+spec:
+  ports:
+  - name: https
+    port: 8443
+    protocol: TCP
+    targetPort: https
+  selector:
+    app.kubernetes.io/component: controller-manager
+    app.kubernetes.io/name: node-maintenance-operator
+    node-maintenance-operator: ""
+status:
+  loadBalancer: {}
diff --git a/....authorization.k8s.io_v1_clusterrole.yaml → ....authorization.k8s.io_v1_clusterrole.yaml b/....authorization.k8s.io_v1_clusterrole.yaml → ....authorization.k8s.io_v1_clusterrole.yaml
@@ -3,8 +3,9 @@ kind: ClusterRole
 metadata:
   creationTimestamp: null
   labels:
+    app.kubernetes.io/name: node-maintenance-operator
     node-maintenance-operator: ""
-  name: node-maintenance-operator-metrics-reader
+  name: node-maintenance-metrics-reader
 rules:
 - nonResourceURLs:
   - /metrics

diff --git a/...le/manifests/node-maintenance-operator-controller-manager-metrics-service_v1_service.yaml b/...le/manifests/node-maintenance-operator-controller-manager-metrics-service_v1_service.yaml
diff --git a/bundle/manifests/node-maintenance-operator.clusterserviceversion.yaml b/bundle/manifests/node-maintenance-operator.clusterserviceversion.yaml
@@ -202,25 +202,29 @@ spec:
           - subjectaccessreviews
           verbs:
           - create
-        serviceAccountName: node-maintenance-operator-controller-manager
+        serviceAccountName: node-maintenance-controller-manager
       deployments:
       - label:
-          control-plane: controller-manager
+          app.kubernetes.io/component: controller-manager
+          app.kubernetes.io/name: node-maintenance-operator
           node-maintenance-operator: ""
-        name: node-maintenance-operator-controller-manager
+        name: node-maintenance-controller-manager
         spec:
           replicas: 1
           selector:
             matchLabels:
-              control-plane: controller-manager
+              app.kubernetes.io/component: controller-manager
+              app.kubernetes.io/name: node-maintenance-operator
               node-maintenance-operator: ""
           strategy: {}
           template:
             metadata:
               annotations:
                 kubectl.kubernetes.io/default-container: manager
               labels:
-                control-plane: controller-manager
+                app.kubernetes.io/component: controller-manager
+                app.kubernetes.io/name: node-maintenance-operator
+                kubectl.kubernetes.io/default-container: manager
                 node-maintenance-operator: ""
             spec:
               affinity:
@@ -287,7 +291,7 @@ spec:
               priorityClassName: system-cluster-critical
               securityContext:
                 runAsNonRoot: true
-              serviceAccountName: node-maintenance-operator-controller-manager
+              serviceAccountName: node-maintenance-controller-manager
               terminationGracePeriodSeconds: 10
               tolerations:
               - effect: NoSchedule
@@ -335,7 +339,7 @@ spec:
           verbs:
           - create
           - patch
-        serviceAccountName: node-maintenance-operator-controller-manager
+        serviceAccountName: node-maintenance-controller-manager
     strategy: deployment
   installModes:
   - supported: false
@@ -369,7 +373,7 @@ spec:
   - admissionReviewVersions:
     - v1
     containerPort: 443
-    deploymentName: node-maintenance-operator-controller-manager
+    deploymentName: node-maintenance-controller-manager
     failurePolicy: Fail
     generateName: vnodemaintenance.kb.io
     rules:

diff --git a/...-operator-webhook-service_v1_service.yaml → ...intenance-webhook-service_v1_service.yaml b/...-operator-webhook-service_v1_service.yaml → ...intenance-webhook-service_v1_service.yaml
@@ -3,15 +3,17 @@ kind: Service
 metadata:
   creationTimestamp: null
   labels:
+    app.kubernetes.io/name: node-maintenance-operator
     node-maintenance-operator: ""
-  name: node-maintenance-operator-webhook-service
+  name: node-maintenance-webhook-service
 spec:
   ports:
   - port: 443
     protocol: TCP
     targetPort: 9443
   selector:
-    control-plane: controller-manager
+    app.kubernetes.io/component: controller-manager
+    app.kubernetes.io/name: node-maintenance-operator
     node-maintenance-operator: ""
 status:
   loadBalancer: {}
diff --git a/bundle/manifests/nodemaintenance.medik8s.io_nodemaintenances.yaml b/bundle/manifests/nodemaintenance.medik8s.io_nodemaintenances.yaml
@@ -5,6 +5,7 @@ metadata:
     controller-gen.kubebuilder.io/version: v0.14.0
   creationTimestamp: null
   labels:
+    app.kubernetes.io/name: node-maintenance-operator
     node-maintenance-operator: ""
   name: nodemaintenances.nodemaintenance.medik8s.io
 spec:

diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml
@@ -6,11 +6,13 @@ namespace: node-maintenance-operator-system
 # "wordpress" becomes "alices-wordpress".
 # Note that it should also match with the prefix (text before '-') of the namespace
 # field above.
-namePrefix: node-maintenance-operator-
+namePrefix: node-maintenance-
 
 # Labels to add to all resources and selectors.
+# Workaround: rename the deployment (by modifying namePrefix above)
 commonLabels:
   node-maintenance-operator: ""
+  app.kubernetes.io/name: node-maintenance-operator
 
 bases:
 - ../crd

diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Namespace
 metadata:
   labels:
-    control-plane: controller-manager
+    app.kubernetes.io/component: controller-manager
   name: system
 ---
 apiVersion: apps/v1
@@ -11,18 +11,19 @@ metadata:
   name: controller-manager
   namespace: system
   labels:
-    control-plane: controller-manager
+    app.kubernetes.io/component: controller-manager
 spec:
   selector:
     matchLabels:
-      control-plane: controller-manager
+      app.kubernetes.io/component: controller-manager
   replicas: 1
   template:
     metadata:
       annotations:
         kubectl.kubernetes.io/default-container: manager
       labels:
-        control-plane: controller-manager
+        app.kubernetes.io/component: controller-manager
+        kubectl.kubernetes.io/default-container: manager
     spec:
       affinity:
         nodeAffinity:

diff --git a/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml
@@ -4,7 +4,7 @@ apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
   labels:
-    control-plane: controller-manager
+    app.kubernetes.io/component: controller-manager
   name: controller-manager-metrics-monitor
   namespace: system
 spec:
@@ -17,4 +17,4 @@ spec:
         insecureSkipVerify: true
   selector:
     matchLabels:
-      control-plane: controller-manager
+      app.kubernetes.io/component: controller-manager
diff --git a/config/rbac/auth_proxy_service.yaml b/config/rbac/auth_proxy_service.yaml
@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Service
 metadata:
   labels:
-    control-plane: controller-manager
+    app.kubernetes.io/component: controller-manager
   name: controller-manager-metrics-service
   namespace: system
 spec:
@@ -12,4 +12,4 @@ spec:
     protocol: TCP
     targetPort: https
   selector:
-    control-plane: controller-manager
+    app.kubernetes.io/component: controller-manager
diff --git a/config/webhook/service.yaml b/config/webhook/service.yaml
@@ -10,4 +10,4 @@ spec:
       protocol: TCP
       targetPort: 9443
   selector:
-    control-plane: controller-manager
+    app.kubernetes.io/component: controller-manager
diff --git a/test/e2e/node_maintenance_test.go b/test/e2e/node_maintenance_test.go
@@ -179,6 +179,9 @@ var _ = Describe("Starting Maintenance", func() {
 			// it should be caused by the test deployment's termination graceperiod > drain timeout
 			Expect(getOperatorLogs()).To(ContainSubstring(nodemaintenance.FixedDurationReconcileLog))
 
+			//validate that operator controller pod have app.kubernetes.io/name label
+			Expect(validateOperatorCustomLabels()).To(BeTrue(), "operator custom label validation failed")
+
 			By("node should be unschedulable and tainted node")
 			node := &corev1.Node{}
 			err = Client.Get(context.TODO(), types.NamespacedName{Namespace: "", Name: maintenanceNodeName}, node)
@@ -419,6 +422,31 @@ func getOperatorPod() *corev1.Pod {
 	return &pods.Items[0]
 }
 
+func validateOperatorCustomLabels() bool {
+
+	podOperator := getOperatorPod()
+	podName := podOperator.ObjectMeta.Name
+
+	// Get the Pod
+	pod, err := KubeClient.CoreV1().Pods(operatorNsName).Get(context.TODO(), podName, metav1.GetOptions{})
+	//pod, err := KubeClient.CoreV1().Pods(operatorNsName).List(context.Background(), metav1.ListOptions{LabelSelector: "app.kubernetes.io/name="})
+
+	ExpectWithOffset(1, err).ToNot(HaveOccurred(), fmt.Sprintf("Failed to get pod '%s'", podName))
+
+	// Labels to check for
+	requiredKeys := []string{"app.kubernetes.io/name",
+		"app.kubernetes.io/component",
+		"kubectl.kubernetes.io/default-container"}
+
+	// Check if each label is present
+	for _, key := range requiredKeys {
+		_, exists := pod.Labels[key]
+		ExpectWithOffset(1, exists).Should(BeTrue(), fmt.Sprintf("Missing required label '%s' in pod '%s'", key, podName))
+	}
+
+	return true
+}
+
 func isTainted(node *corev1.Node) bool {
 	medik8sDrainTaint := corev1.Taint{
 		Key:    "medik8s.io/drain",