K8SPG-487: add global annotations and labels for cr.yaml

deploy/cr.yaml

@@ -7,6 +7,11 @@ metadata:
 #  - percona.com/delete-ssl
 spec:
   crVersion: 2.6.0
+#  metadata:
+#    annotations:
+#      test-annotation: value
+#    labels:
+#      test-label: value
 #  secrets:
 #    customRootCATLSSecret:
 #      name: cluster1-ca-cert

e2e-tests/tests/init-deploy/01-create-cluster.yaml

@@ -8,4 +8,7 @@ commands:
 
       source ../../functions
 
-      get_cr | kubectl -n "${NAMESPACE}" apply -f -
+      get_cr \
+        | yq '.spec.metadata.labels.test-label = "test"' \
+        | yq '.spec.metadata.annotations.test-annotation = "test"' \
+        | kubectl -n "${NAMESPACE}" apply -f -

e2e-tests/tests/init-deploy/05-assert.yaml

@@ -0,0 +1,231 @@
+apiVersion: kuttl.dev/v1beta1
+kind: TestAssert
+timeout: 300
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  annotations:
+    test-annotation: test
+  labels:
+    app.kubernetes.io/instance: init-deploy
+    app.kubernetes.io/managed-by: percona-postgresql-operator
+    app.kubernetes.io/name: percona-postgresql
+    app.kubernetes.io/part-of: percona-postgresql
+    pgv2.percona.com/version: 2.6.0
+    postgres-operator.crunchydata.com/cluster: init-deploy
+    postgres-operator.crunchydata.com/pgbackrest: ""
+    postgres-operator.crunchydata.com/pgbackrest-config: ""
+    test-label: test
+  name: init-deploy-pgbackrest
+type: Opaque
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  annotations:
+    test-annotation: test
+  labels:
+    app.kubernetes.io/instance: init-deploy
+    app.kubernetes.io/managed-by: percona-postgresql-operator
+    app.kubernetes.io/name: percona-postgresql
+    app.kubernetes.io/part-of: percona-postgresql
+    postgres-operator.crunchydata.com/cluster: init-deploy
+    postgres-operator.crunchydata.com/cluster-certificate: replication-client-tls
+    test-label: test
+  name: init-deploy-replication-cert
+type: Opaque
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  annotations:
+    test-annotation: test
+  labels:
+    app.kubernetes.io/instance: init-deploy
+    app.kubernetes.io/managed-by: percona-postgresql-operator
+    app.kubernetes.io/name: percona-postgresql
+    app.kubernetes.io/part-of: percona-postgresql
+    postgres-operator.crunchydata.com/cluster: init-deploy
+    postgres-operator.crunchydata.com/pguser: postgres
+    postgres-operator.crunchydata.com/role: pguser
+    test-label: test
+  name: init-deploy-pguser-postgres
+type: Opaque
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  annotations:
+    test-annotation: test
+  labels:
+    app.kubernetes.io/instance: init-deploy
+    app.kubernetes.io/managed-by: percona-postgresql-operator
+    app.kubernetes.io/name: percona-postgresql
+    app.kubernetes.io/part-of: percona-postgresql
+    postgres-operator.crunchydata.com/cluster: init-deploy
+    postgres-operator.crunchydata.com/pguser: init-deploy
+    postgres-operator.crunchydata.com/role: pguser
+    test-label: test
+  name: init-deploy-pguser-init-deploy
+type: Opaque
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  annotations:
+    test-annotation: test
+  labels:
+    app.kubernetes.io/component: pgbouncer
+    app.kubernetes.io/instance: init-deploy
+    app.kubernetes.io/managed-by: percona-postgresql-operator
+    app.kubernetes.io/name: percona-postgresql
+    app.kubernetes.io/part-of: percona-postgresql
+    pgv2.percona.com/version: 2.6.0
+    postgres-operator.crunchydata.com/cluster: init-deploy
+    postgres-operator.crunchydata.com/role: pgbouncer
+    test-label: test
+  name: init-deploy-pgbouncer
+type: Opaque
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  annotations:
+    test-annotation: test
+  labels:
+    app.kubernetes.io/instance: init-deploy
+    app.kubernetes.io/managed-by: percona-postgresql-operator
+    app.kubernetes.io/name: percona-postgresql
+    app.kubernetes.io/part-of: percona-postgresql
+    postgres-operator.crunchydata.com/cluster: init-deploy
+    postgres-operator.crunchydata.com/cluster-certificate: postgres-tls
+    test-label: test
+  name: init-deploy-cluster-cert
+type: Opaque
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  annotations:
+    test-annotation: test
+  labels:
+    test-label: test
+  name: init-deploy-cluster-ca-cert
+  ownerReferences:
+  - apiVersion: postgres-operator.crunchydata.com/v1beta1
+    kind: PostgresCluster
+    name: init-deploy
+type: Opaque
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  annotations:
+    test-annotation: test
+  labels:
+    postgres-operator.crunchydata.com/cluster: init-deploy
+    test-label: test
+  name: init-deploy-config
+  ownerReferences:
+  - apiVersion: postgres-operator.crunchydata.com/v1beta1
+    blockOwnerDeletion: true
+    controller: true
+    kind: PostgresCluster
+    name: init-deploy
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  annotations:
+    test-annotation: test
+  labels:
+    app.kubernetes.io/instance: init-deploy
+    app.kubernetes.io/managed-by: percona-postgresql-operator
+    app.kubernetes.io/name: percona-postgresql
+    app.kubernetes.io/part-of: percona-postgresql
+    pgv2.percona.com/version: 2.6.0
+    postgres-operator.crunchydata.com/cluster: init-deploy
+    postgres-operator.crunchydata.com/pgbackrest: ""
+    postgres-operator.crunchydata.com/pgbackrest-config: ""
+    test-label: test
+  name: init-deploy-pgbackrest-config
+  ownerReferences:
+  - apiVersion: postgres-operator.crunchydata.com/v1beta1
+    blockOwnerDeletion: true
+    controller: true
+    kind: PostgresCluster
+    name: init-deploy
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  annotations:
+    test-annotation: test
+  labels:
+    app.kubernetes.io/component: pgbouncer
+    app.kubernetes.io/instance: init-deploy
+    app.kubernetes.io/managed-by: percona-postgresql-operator
+    app.kubernetes.io/name: percona-postgresql
+    app.kubernetes.io/part-of: percona-postgresql
+    pgv2.percona.com/version: 2.6.0
+    postgres-operator.crunchydata.com/cluster: init-deploy
+    postgres-operator.crunchydata.com/role: pgbouncer
+    test-label: test
+  name: init-deploy-pgbouncer
+  ownerReferences:
+  - apiVersion: postgres-operator.crunchydata.com/v1beta1
+    blockOwnerDeletion: true
+    controller: true
+    kind: PostgresCluster
+    name: init-deploy
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  annotations:
+    test-annotation: test
+  generation: 1
+  labels:
+    app.kubernetes.io/instance: init-deploy
+    app.kubernetes.io/managed-by: percona-postgresql-operator
+    app.kubernetes.io/name: percona-postgresql
+    app.kubernetes.io/part-of: percona-postgresql
+    pgv2.percona.com/version: 2.6.0
+    postgres-operator.crunchydata.com/cluster: init-deploy
+    postgres-operator.crunchydata.com/data: pgbackrest
+    postgres-operator.crunchydata.com/pgbackrest: ""
+    postgres-operator.crunchydata.com/pgbackrest-dedicated: ""
+    test-label: test
+  name: init-deploy-repo-host
+  ownerReferences:
+  - apiVersion: postgres-operator.crunchydata.com/v1beta1
+    blockOwnerDeletion: true
+    controller: true
+    kind: PostgresCluster
+    name: init-deploy
+spec:
+  template:
+    metadata:
+      annotations:
+        test-annotation: test
+      labels:
+        app.kubernetes.io/instance: init-deploy
+        app.kubernetes.io/managed-by: percona-postgresql-operator
+        app.kubernetes.io/name: percona-postgresql
+        app.kubernetes.io/part-of: percona-postgresql
+        pgv2.percona.com/version: 2.6.0
+        postgres-operator.crunchydata.com/cluster: init-deploy
+        postgres-operator.crunchydata.com/data: pgbackrest
+        postgres-operator.crunchydata.com/pgbackrest: ""
+        postgres-operator.crunchydata.com/pgbackrest-dedicated: ""
+        test-label: test
+status:
+  availableReplicas: 1
+  collisionCount: 0
+  currentReplicas: 1
+  observedGeneration: 1
+  readyReplicas: 1
+  replicas: 1
+  updatedReplicas: 1
+

internal/controller/postgrescluster/pki.go

@@ -7,6 +7,7 @@ package postgrescluster
 import (
 	"context"
 
+	gover "github.com/hashicorp/go-version"
 	"github.com/pkg/errors"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
@@ -109,6 +110,12 @@ func (r *Reconciler) reconcileRootCertificate(
 	intent.Data = make(map[string][]byte)
 	intent.ObjectMeta.OwnerReferences = existing.ObjectMeta.OwnerReferences
 
+	currVersion, err := gover.NewVersion(cluster.Labels[naming.LabelVersion])
+	if err == nil && currVersion.GreaterThanOrEqual(gover.Must(gover.NewVersion("2.6.0"))) && cluster.Spec.Metadata != nil {
+		intent.Labels = cluster.Spec.Metadata.Labels
+		intent.Annotations = cluster.Spec.Metadata.Annotations
+	}
+
 	// A root secret is scoped to the namespace where postgrescluster(s)
 	// are deployed. For operator deployments with postgresclusters in more than
 	// one namespace, there will be one root per namespace.

percona/controller/pgcluster/backup.go

@@ -185,6 +185,10 @@ func reconcileBackupJob(ctx context.Context, cl client.Client, cr *v2.PerconaPGC
 				RepoName:  repoName,
 			},
 		}
+		if cr.CompareVersion("2.6.0") >= 0 && cr.Spec.Metadata != nil {
+			pb.Annotations = naming.Merge(cr.Spec.Metadata.Annotations, pb.Annotations)
+			pb.Labels = cr.Spec.Metadata.Labels
+		}
 
 		err = cl.Create(ctx, pb)
 		if err != nil {

percona/controller/pgcluster/controller.go

@@ -369,6 +369,7 @@ func (r *PGClusterReconciler) reconcileOldCACert(ctx context.Context, cr *v2.Per
 			// K8SPG-555: We should create an empty secret with old name, so that crunchy part can populate it
 			// instead of creating secrets unique to the cluster
 			// TODO: remove when 2.4.0 will become unsupported
+
 			if err := r.Client.Create(ctx, oldCASecret); err != nil {
 				return errors.Wrap(err, "failed to create ca secret")
 			}
@@ -409,6 +410,12 @@ func (r *PGClusterReconciler) reconcileOldCACert(ctx context.Context, cr *v2.Per
 		if !k8serrors.IsNotFound(err) {
 			newCASecret.Data = oldCASecret.Data
 		}
+
+		if cr.CompareVersion("2.6.0") >= 0 && cr.Spec.Metadata != nil {
+			newCASecret.Annotations = cr.Spec.Metadata.Annotations
+			newCASecret.Labels = cr.Spec.Metadata.Labels
+		}
+
 		if err := r.Client.Create(ctx, newCASecret); err != nil {
 			return errors.Wrap(err, "failed to create updated CA secret")
 		}

percona/controller/pgcluster/restore.go

@@ -6,6 +6,7 @@ import (
 	k8serrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
+	"github.com/percona/percona-postgresql-operator/internal/naming"
 	pNaming "github.com/percona/percona-postgresql-operator/percona/naming"
 	v2 "github.com/percona/percona-postgresql-operator/pkg/apis/pgv2.percona.com/v2"
 )
@@ -41,6 +42,10 @@ func (r *PGClusterReconciler) createBootstrapRestoreObject(ctx context.Context,
 			RepoName:  repoName,
 		},
 	}
+	if cr.CompareVersion("2.6.0") >= 0 && cr.Spec.Metadata != nil {
+		pgr.Annotations = naming.Merge(cr.Spec.Metadata.Annotations, pgr.Annotations)
+		pgr.Labels = cr.Spec.Metadata.Labels
+	}
 
 	err := r.Client.Create(ctx, pgr)
 	if err != nil && !k8serrors.IsAlreadyExists(err) {

percona/controller/pgcluster/schedule.go

@@ -118,6 +118,11 @@ func (r *PGClusterReconciler) createScheduledBackup(log logr.Logger, backupName,
 		},
 	}
 
+	if pb.CompareVersion("2.6.0") >= 0 && cr.Spec.Metadata != nil {
+		pb.Annotations = cr.Spec.Metadata.Annotations
+		pb.Labels = cr.Spec.Metadata.Labels
+	}
+
 	err := r.Client.Create(ctx, pb)
 	if err != nil {
 		return errors.Wrapf(err, "failed to create PerconaPGBackup %s", backupName)