From 8aa2670ef3fe2f1711d8f1eaf0db47ae0b00d607 Mon Sep 17 00:00:00 2001 From: Nicolas Lamirault Date: Mon, 23 Oct 2023 18:37:13 +0200 Subject: [PATCH] Update: use core and ui labels. - Use the recommanded label app.kubernetes.io/component for Core and UI resources. - Fix: UI Rbac and secrets resources only generate when webui.enabled is true Signed-off-by: Nicolas Lamirault --- .../templates/deployment-ui.yaml | 28 ++++++++----------- .../falcosidekick/templates/deployment.yaml | 3 ++ .../falcosidekick/templates/ingress-ui.yaml | 6 ++-- charts/falcosidekick/templates/rbac-ui.yaml | 2 ++ .../falcosidekick/templates/secrets-ui.yaml | 14 ++++------ .../falcosidekick/templates/service-ui.yaml | 20 ++++++------- charts/falcosidekick/templates/service.yaml | 2 +- .../templates/servicemonitor.yaml | 3 +- 8 files changed, 35 insertions(+), 43 deletions(-) diff --git a/charts/falcosidekick/templates/deployment-ui.yaml b/charts/falcosidekick/templates/deployment-ui.yaml index 205a51008..582884cf7 100644 --- a/charts/falcosidekick/templates/deployment-ui.yaml +++ b/charts/falcosidekick/templates/deployment-ui.yaml @@ -11,10 +11,8 @@ metadata: name: {{ include "falcosidekick.fullname" . }}-ui namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui - helm.sh/chart: {{ include "falcosidekick.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }}-ui - app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- include "falcosidekick.labels" . | nindent 4 }} + app.kubernetes.io/component: ui spec: replicas: {{ .Values.webui.replicaCount }} {{- if .Values.webui.revisionHistoryLimit }} @@ -22,13 +20,13 @@ spec: {{- end }} selector: matchLabels: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui - app.kubernetes.io/instance: {{ .Release.Name }}-ui + {{- include "falcosidekick.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: ui template: metadata: labels: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui - app.kubernetes.io/instance: {{ .Release.Name }}-ui + {{- include "falcosidekick.labels" . | nindent 8 }} + app.kubernetes.io/component: ui {{- if .Values.webui.podLabels }} {{ toYaml .Values.webui.podLabels | indent 8 }} {{- end }} @@ -125,22 +123,20 @@ metadata: name: {{ include "falcosidekick.fullname" . }}-ui-redis namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui-redis - helm.sh/chart: {{ include "falcosidekick.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }}-ui - app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- include "falcosidekick.labels" . | nindent 4 }} + app.kubernetes.io/component: ui-redis spec: replicas: 1 serviceName: {{ include "falcosidekick.fullname" . }}-ui-redis selector: matchLabels: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui-redis - app.kubernetes.io/instance: {{ .Release.Name }}-ui-redis + {{- include "falcosidekick.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: ui-redis template: metadata: labels: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui-redis - app.kubernetes.io/instance: {{ .Release.Name }}-ui-redis + {{- include "falcosidekick.labels" . | nindent 8 }} + app.kubernetes.io/component: ui-redis {{- if .Values.webui.redis.podLabels }} {{ toYaml .Values.webui.redis.podLabels | indent 8 }} {{- end }} diff --git a/charts/falcosidekick/templates/deployment.yaml b/charts/falcosidekick/templates/deployment.yaml index da8f4acc3..cbf0b7f6e 100644 --- a/charts/falcosidekick/templates/deployment.yaml +++ b/charts/falcosidekick/templates/deployment.yaml @@ -6,6 +6,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: {{- include "falcosidekick.labels" . | nindent 4 }} + app.kubernetes.io/component: core spec: replicas: {{ .Values.replicaCount }} {{- if .Values.revisionHistoryLimit }} @@ -14,10 +15,12 @@ spec: selector: matchLabels: {{- include "falcosidekick.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: core template: metadata: labels: {{- include "falcosidekick.labels" . | nindent 8 }} + app.kubernetes.io/component: core {{- if and .Values.config.azure.podIdentityClientID .Values.config.azure.podIdentityName }} aadpodidbinding: {{ include "falcosidekick.fullname" . }} {{- end }} diff --git a/charts/falcosidekick/templates/ingress-ui.yaml b/charts/falcosidekick/templates/ingress-ui.yaml index 1d4bd3de0..5c695f487 100644 --- a/charts/falcosidekick/templates/ingress-ui.yaml +++ b/charts/falcosidekick/templates/ingress-ui.yaml @@ -9,10 +9,8 @@ metadata: name: {{ $fullName }}-ui namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui - helm.sh/chart: {{ include "falcosidekick.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }}-ui - app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- include "falcosidekick.labels" . | nindent 4 }} + app.kubernetes.io/component: ui {{- with .Values.webui.ingress.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/charts/falcosidekick/templates/rbac-ui.yaml b/charts/falcosidekick/templates/rbac-ui.yaml index 6797a6c65..6a3c0d1f4 100644 --- a/charts/falcosidekick/templates/rbac-ui.yaml +++ b/charts/falcosidekick/templates/rbac-ui.yaml @@ -1,3 +1,4 @@ +{{- if .Values.webui.enabled -}} --- apiVersion: v1 kind: ServiceAccount @@ -33,3 +34,4 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "falcosidekick.fullname" . }}-ui +{{- end }} diff --git a/charts/falcosidekick/templates/secrets-ui.yaml b/charts/falcosidekick/templates/secrets-ui.yaml index 5e2cfaee4..225f134c8 100644 --- a/charts/falcosidekick/templates/secrets-ui.yaml +++ b/charts/falcosidekick/templates/secrets-ui.yaml @@ -1,3 +1,4 @@ +{{- if .Values.webui.enabled -}} {{- if eq .Values.webui.existingSecret "" }} --- apiVersion: v1 @@ -6,10 +7,8 @@ metadata: name: {{ include "falcosidekick.fullname" . }}-ui namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui - helm.sh/chart: {{ include "falcosidekick.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- include "falcosidekick.labels" . | nindent 4 }} + app.kubernetes.io/component: ui type: Opaque data: {{- if .Values.webui.user }} @@ -27,13 +26,12 @@ metadata: name: {{ include "falcosidekick.fullname" . }}-ui-redis namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui - helm.sh/chart: {{ include "falcosidekick.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- include "falcosidekick.labels" . | nindent 4 }} + app.kubernetes.io/component: ui type: Opaque data: {{- if .Values.webui.redis.password }} REDIS_ARGS: "{{ printf "--requirepass %s" .Values.webui.redis.password | b64enc}}" {{- end }} +{{- end }} {{- end }} \ No newline at end of file diff --git a/charts/falcosidekick/templates/service-ui.yaml b/charts/falcosidekick/templates/service-ui.yaml index d9946480a..0ba7469c4 100644 --- a/charts/falcosidekick/templates/service-ui.yaml +++ b/charts/falcosidekick/templates/service-ui.yaml @@ -6,10 +6,8 @@ metadata: name: {{ include "falcosidekick.fullname" . }}-ui namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui - helm.sh/chart: {{ include "falcosidekick.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }}-ui - app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- include "falcosidekick.labels" . | nindent 4 }} + app.kubernetes.io/component: ui {{- with .Values.webui.service.annotations }} annotations: {{- toYaml . | nindent 4 }} @@ -25,8 +23,8 @@ spec: protocol: TCP name: http selector: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui - app.kubernetes.io/instance: {{ .Release.Name }}-ui + {{- include "falcosidekick.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: ui {{- if .Values.webui.redis.enabled }} --- apiVersion: v1 @@ -35,10 +33,8 @@ metadata: name: {{ include "falcosidekick.fullname" . }}-ui-redis namespace: {{ .Release.Namespace }} labels: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui-redis - helm.sh/chart: {{ include "falcosidekick.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }}-ui - app.kubernetes.io/managed-by: {{ .Release.Service }} + {{- include "falcosidekick.labels" . | nindent 4 }} + app.kubernetes.io/component: ui {{- with .Values.webui.redis.service.annotations }} annotations: {{- toYaml . | nindent 4 }} @@ -51,7 +47,7 @@ spec: protocol: TCP name: redis selector: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }}-ui-redis - app.kubernetes.io/instance: {{ .Release.Name }}-ui-redis + {{- include "falcosidekick.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: ui-redis {{- end }} {{- end }} diff --git a/charts/falcosidekick/templates/service.yaml b/charts/falcosidekick/templates/service.yaml index e39a5982d..290083b70 100644 --- a/charts/falcosidekick/templates/service.yaml +++ b/charts/falcosidekick/templates/service.yaml @@ -25,6 +25,6 @@ spec: protocol: TCP name: http-notls {{- end }} - selector: {{- include "falcosidekick.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: core diff --git a/charts/falcosidekick/templates/servicemonitor.yaml b/charts/falcosidekick/templates/servicemonitor.yaml index 08142c9d2..ac73e3e9b 100644 --- a/charts/falcosidekick/templates/servicemonitor.yaml +++ b/charts/falcosidekick/templates/servicemonitor.yaml @@ -21,6 +21,5 @@ spec: {{- end }} selector: matchLabels: - app.kubernetes.io/name: {{ include "falcosidekick.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} + {{- include "falcosidekick.selectorLabels" . | nindent 6 }} {{- end }} \ No newline at end of file