From 13ce605e98a5e66f61732dce7be6240a8aeb0ea9 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Thu, 24 Mar 2022 19:39:40 -0500 Subject: [PATCH 1/8] move labels and selectorLabels into helper templates --- templates/_helpers.tpl | 34 +++ templates/configmaps_packs.yaml | 8 +- templates/configmaps_post-start-script.yaml | 8 +- templates/configmaps_rbac.yaml | 24 +- templates/configmaps_st2-conf.yaml | 8 +- templates/configmaps_st2-urls.yaml | 8 +- templates/configmaps_st2web.yaml | 8 +- templates/deployments.yaml | 280 +++----------------- templates/ingress.yaml | 8 +- templates/jobs.yaml | 80 +----- templates/secrets_datastore_crypto_key.yaml | 8 +- templates/secrets_rabbitmq.yaml | 8 +- templates/secrets_ssh.yaml | 8 +- templates/secrets_st2apikeys.yaml | 8 +- templates/secrets_st2auth.yaml | 8 +- templates/secrets_st2chatops.yaml | 8 +- templates/secrets_st2kv.yaml | 8 +- templates/service-account.yaml | 6 +- templates/services.yaml | 60 +---- templates/tests/st2tests-configmap.yaml | 8 +- templates/tests/st2tests-pod.yaml | 8 +- 21 files changed, 115 insertions(+), 489 deletions(-) diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 97bc6e67..bd26f238 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -5,6 +5,40 @@ Expand the name of the chart. {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "stackstorm-ha.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +Usage: "{{ include "stackstorm-ha.labels" "st2servicename" }}" +*/}} +{{- define "stackstorm-ha.labels" -}} +{{ include "stackstorm-ha.selectorLabels" . }} +{{- if list "st2web" "ingress" | has . }} +tier: frontend +{{- else if eq . "st2tests" }} +tier: tests +{{- else }} +tier: backend +{{- end }} +vendor: stackstorm +chart: {{ include "stackstorm-ha.chart" $ }} +heritage: {{ $.Release.Service }} +{{- end -}} + +{{/* +Selector labels +Usage: "{{ include "stackstorm-ha.selectorLabels" "st2servicename" }}" +*/}} +{{- define "stackstorm-ha.selectorLabels" -}} +app: {{ . }} +release: {{ $.Release.Name }} +{{- end -}} + {{/* Generate Docker image repository: Public Docker Hub 'stackstorm' for FOSS version */}} diff --git a/templates/configmaps_packs.yaml b/templates/configmaps_packs.yaml index c31dd487..c597acde 100644 --- a/templates/configmaps_packs.yaml +++ b/templates/configmaps_packs.yaml @@ -5,12 +5,6 @@ metadata: name: {{ .Release.Name }}-st2-pack-configs annotations: description: StackStorm pack configs defined in helm values, shipped in (or copied to) '/opt/stackstorm/configs/' - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} data: {{ toYaml .Values.st2.packs.configs | indent 2 }} diff --git a/templates/configmaps_post-start-script.yaml b/templates/configmaps_post-start-script.yaml index d1a203da..da9733c7 100644 --- a/templates/configmaps_post-start-script.yaml +++ b/templates/configmaps_post-start-script.yaml @@ -7,13 +7,7 @@ metadata: name: {{ $.Release.Name }}-{{ . }}-post-start-script annotations: description: Custom postStart lifecycle event handler script for {{ . }} - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: {{ $.Chart.Name }}-{{ $.Chart.Version }} - release: {{ $.Release.Name }} - heritage: {{ $.Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} data: # k8s calls this script in parallel with starting {{ . }} (ie the same time as ENTRYPOINT) # The pod will not be marked as "running" until this script completes successfully. diff --git a/templates/configmaps_rbac.yaml b/templates/configmaps_rbac.yaml index 5c51db7f..f67d4943 100644 --- a/templates/configmaps_rbac.yaml +++ b/templates/configmaps_rbac.yaml @@ -6,13 +6,7 @@ metadata: name: {{ .Release.Name }}-st2-rbac-roles annotations: description: Custom StackStorm RBAC roles, shipped in '/opt/stackstorm/rbac/roles/' - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} data: {{- range $filename, $contents := .Values.st2.rbac.roles }} {{/* to support removing default files, skip files with empty contents */}} @@ -29,13 +23,7 @@ metadata: name: {{ .Release.Name }}-st2-rbac-assignments annotations: description: Custom StackStorm RBAC role assignments, shipped in '/opt/stackstorm/rbac/assignments/' - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} data: {{- range $filename, $contents := .Values.st2.rbac.assignments }} {{/* to support removing default files, skip files with empty contents */}} @@ -52,13 +40,7 @@ metadata: name: {{ .Release.Name }}-st2-rbac-mappings annotations: description: StackStorm RBAC LDAP groups-to-roles mapping rules, shipped in '/opt/stackstorm/rbac/mappings/' - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} data: {{- if .Values.st2.rbac.mappings }} {{ toYaml .Values.st2.rbac.mappings | indent 2 }} diff --git a/templates/configmaps_st2-conf.yaml b/templates/configmaps_st2-conf.yaml index fd734997..bb334587 100644 --- a/templates/configmaps_st2-conf.yaml +++ b/templates/configmaps_st2-conf.yaml @@ -5,13 +5,7 @@ metadata: name: {{ .Release.Name }}-st2-config annotations: description: Custom StackStorm config which will apply settings on top of default st2.conf - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} data: # TODO: Bundle DB/MQ login secrets in dynamic ENV-based st2.secrets.conf, leave custom user-defined settings for st2.user.conf (?) # Docker/K8s-based st2 config file used for templating service names and common overrides on top of original st2.conf. diff --git a/templates/configmaps_st2-urls.yaml b/templates/configmaps_st2-urls.yaml index 9810ecd6..fdb437a9 100644 --- a/templates/configmaps_st2-urls.yaml +++ b/templates/configmaps_st2-urls.yaml @@ -5,13 +5,7 @@ metadata: name: {{ .Release.Name }}-st2-urls annotations: description: StackStorm service URLs, used across entire st2 cluster - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} data: ST2_AUTH_URL: http://{{ .Release.Name }}-st2auth:9100/ ST2_API_URL: http://{{ .Release.Name }}-st2api:9101/ diff --git a/templates/configmaps_st2web.yaml b/templates/configmaps_st2web.yaml index 63ed6c99..473b497c 100644 --- a/templates/configmaps_st2web.yaml +++ b/templates/configmaps_st2web.yaml @@ -6,13 +6,7 @@ metadata: name: {{ .Release.Name }}-st2web-config annotations: description: Custom StackStorm Web config which will override defaults - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} data: # User-defined st2web config with custom settings to replace default config.js # See https://github.com/StackStorm/st2web#connecting-to-st2-server for more info diff --git a/templates/deployments.yaml b/templates/deployments.yaml index fa5467b0..56772171 100644 --- a/templates/deployments.yaml +++ b/templates/deployments.yaml @@ -13,33 +13,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2auth - labels: - app: st2auth - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2auth" | nindent 4 }} {{- if .Values.st2auth.annotations }} annotations: {{- toYaml .Values.st2auth.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2auth - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2auth" | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2auth # Multiple st2auth processes can be behind a load balancer in an active-active configuration. replicas: {{ default 2 .Values.st2auth.replicas }} template: metadata: - labels: - app: st2auth - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2auth" | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/auth: {{ include (print $.Template.BasePath "/secrets_st2auth.yaml") . | sha256sum }} @@ -154,33 +140,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2api - labels: - app: st2api - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2api" | nindent 4 }} {{- if .Values.st2api.annotations }} annotations: {{- toYaml .Values.st2api.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2api - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2api" | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2api # Multiple st2api process can be behind a load balancer in an active-active configuration. replicas: {{ default 2 .Values.st2api.replicas }} template: metadata: - labels: - app: st2api - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2api" | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/datastore-key: {{ include (print $.Template.BasePath "/secrets_datastore_crypto_key.yaml") . | sha256sum }} @@ -298,33 +270,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2stream - labels: - app: st2stream - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2stream" | nindent 4 }} {{- if .Values.st2stream.annotations }} annotations: {{- toYaml .Values.st2stream.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2stream - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2stream" | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2stream # Multiple st2stream process can be behind a load balancer in an active-active configuration. replicas: {{ default 2 .Values.st2stream.replicas }} template: metadata: - labels: - app: st2stream - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2stream" | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} {{- if .Values.st2stream.postStartScript }} @@ -414,31 +372,17 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2web - labels: - app: st2web - tier: frontend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2web" | nindent 4 }} {{- if .Values.st2web.annotations }} annotations: {{- toYaml .Values.st2web.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2web - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2web" | nindent 6 }} replicas: {{ default 2 .Values.st2web.replicas }} template: metadata: - labels: - app: st2web - tier: frontend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2web" | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2web.yaml") . | sha256sum }} {{- if .Values.st2web.postStartScript }} @@ -556,33 +500,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2rulesengine - labels: - app: st2rulesengine - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2rulesengine" | nindent 4 }} {{- if .Values.st2rulesengine.annotations }} annotations: {{- toYaml .Values.st2rulesengine.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2rulesengine - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2rulesengine" | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2rulesengine # Multiple st2rulesengine processes can run in active-active with only connections to MongoDB and RabbitMQ. All these will share the TriggerInstance load and naturally pick up more work if one or more of the processes becomes unavailable. replicas: {{ default 2 .Values.st2rulesengine.replicas }} template: metadata: - labels: - app: st2rulesengine - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2rulesengine" | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/datastore-key: {{ include (print $.Template.BasePath "/secrets_datastore_crypto_key.yaml") . | sha256sum }} @@ -684,34 +614,20 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2timersengine - labels: - app: st2timersengine - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2timersengine" | nindent 4 }} {{- if .Values.st2timersengine.annotations }} annotations: {{- toYaml .Values.st2timersengine.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2timersengine - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2timersengine" | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2timersengine # Only single replica is created as timersengine can't work in active-active mode at the moment and it relies on # K8s failover/reschedule capabilities to address cases when the process fails. replicas: 1 template: metadata: - labels: - app: st2timersengine - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2timersengine" | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} {{- if .Values.st2timersengine.postStartScript }} @@ -799,33 +715,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2workflowengine - labels: - app: st2workflowengine - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2workflowengine" | nindent 4 }} {{- if .Values.st2workflowengine.annotations }} annotations: {{- toYaml .Values.st2workflowengine.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2workflowengine - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2workflowengine" | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2workflowengine # Multiple st2workflowengine processes can run in active-active mode and will share the load and pick up more work if one or more of the processes become available. replicas: {{ default 2 .Values.st2workflowengine.replicas }} template: metadata: - labels: - app: st2workflowengine - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2workflowengine" | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/datastore-key: {{ include (print $.Template.BasePath "/secrets_datastore_crypto_key.yaml") . | sha256sum }} @@ -927,32 +829,18 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2scheduler - labels: - app: st2scheduler - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2scheduler" | nindent 4 }} {{- if .Values.st2scheduler.annotations }} annotations: {{- toYaml .Values.st2scheduler.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2scheduler - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2scheduler" | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2scheduler replicas: {{ default 2 .Values.st2scheduler.replicas }} template: metadata: - labels: - app: st2scheduler - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2scheduler" | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/datastore-key: {{ include (print $.Template.BasePath "/secrets_datastore_crypto_key.yaml") . | sha256sum }} @@ -1054,33 +942,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2notifier - labels: - app: st2notifier - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2notifier" | nindent 4 }} {{- if .Values.st2notifier.annotations }} annotations: {{- toYaml .Values.st2notifier.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2notifier - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2notifier" | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2notifier # st2notifier runs in active-active mode and requires for that coordination backend like Redis or Zookeeper replicas: {{ default 2 .Values.st2notifier.replicas }} template: metadata: - labels: - app: st2notifier - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2notifier" | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} {{- if .Values.st2notifier.postStartScript }} @@ -1193,21 +1067,13 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ $.Release.Name }}-{{ $name }} - labels: - app: {{ $name }} - tier: backend - vendor: stackstorm - chart: {{ $.Chart.Name }}-{{ $.Chart.Version }} - release: {{ $.Release.Name }} - heritage: {{ $.Release.Service }} + labels: {{- include "stackstorm-ha.labels" $name | nindent 4 }} {{- if $sensor.annotations }} annotations: {{- toYaml $sensor.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: {{ $name }} - release: {{ $.Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" $name | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2sensorcontainer # It is possible to run st2sensorcontainer(s) in one of these modes: # (1) run all sensors in one pod (1 deployment with 1 pod, the default); or @@ -1218,13 +1084,7 @@ spec: replicas: 1 template: metadata: - labels: - app: {{ $name }} - tier: backend - vendor: stackstorm - chart: {{ $.Chart.Name }}-{{ $.Chart.Version }} - release: {{ $.Release.Name }} - heritage: {{ $.Release.Service }} + labels: {{- include "stackstorm-ha.labels" $name | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") $ | sha256sum }} checksum/packs: {{ include (print $.Template.BasePath "/configmaps_packs.yaml") $ | sha256sum }} @@ -1396,34 +1256,20 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2actionrunner - labels: - app: st2actionrunner - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2actionrunner" | nindent 4 }} {{- if .Values.st2actionrunner.annotations }} annotations: {{- toYaml .Values.st2actionrunner.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2actionrunner - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2actionrunner" | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2actionrunner # Multiple st2actionrunner processes can run in active-active with only connections to MongoDB and RabbitMQ. Work gets naturally # distributed across runners via RabbitMQ. Adding more st2actionrunner processes increases the ability of StackStorm to execute actions. replicas: {{ default 5 .Values.st2actionrunner.replicas }} template: metadata: - labels: - app: st2actionrunner - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2actionrunner" | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/ssh: {{ include (print $.Template.BasePath "/secrets_ssh.yaml") . | sha256sum }} @@ -1554,33 +1400,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2garbagecollector - labels: - app: st2garbagecollector - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2garbagecollector" | nindent 4 }} {{- if .Values.st2garbagecollector.annotations }} annotations: {{- toYaml .Values.st2garbagecollector.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2garbagecollector - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2garbagecollector" | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2garbagecollector # Having 1 st2garbagecollector unique replica is enough for periodic task like st2 history garbage collection replicas: {{ default 1 .Values.st2garbagecollector.replicas }} template: metadata: - labels: - app: st2garbagecollector - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2garbagecollector" | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} {{- if .Values.st2garbagecollector.postStartScript }} @@ -1668,31 +1500,17 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2client - labels: - app: st2client - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2client" | nindent 4 }} {{- if .Values.st2client.annotations }} annotations: {{- toYaml .Values.st2client.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2client - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2client" | nindent 6 }} replicas: 1 template: metadata: - labels: - app: st2client - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2client" | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/rbac: {{ include (print $.Template.BasePath "/configmaps_rbac.yaml") . | sha256sum }} @@ -1869,32 +1687,18 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2chatops - labels: - app: st2chatops - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2chatops" | nindent 4 }} {{- if .Values.st2chatops.annotations }} annotations: {{- toYaml .Values.st2chatops.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: - app: st2chatops - release: {{ .Release.Name }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2chatops" | nindent 6 }} # As hubot can't be HA scaled properly, we deploy only single replica of st2chatops replicas: 1 template: metadata: - labels: - app: st2chatops - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2chatops" | nindent 8 }} annotations: checksum/chatops: {{ include (print $.Template.BasePath "/secrets_st2chatops.yaml") . | sha256sum }} {{- if .Values.st2chatops.postStartScript }} diff --git a/templates/ingress.yaml b/templates/ingress.yaml index ae9e229f..47e1f416 100644 --- a/templates/ingress.yaml +++ b/templates/ingress.yaml @@ -4,13 +4,7 @@ apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ .Release.Name }}-st2web-ingress - labels: - app: ingress - tier: frontend - vendor: stackstorm - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" + labels: {{- include "stackstorm-ha.labels" "ingress" | nindent 4 }} annotations: {{- if .Values.ingress.tls }} ingress.kubernetes.io/secure-backends: "true" diff --git a/templates/jobs.yaml b/templates/jobs.yaml index cd06e961..8cc3a0dc 100644 --- a/templates/jobs.yaml +++ b/templates/jobs.yaml @@ -4,13 +4,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ .Release.Name }}-job-st2-apply-rbac-definitions - labels: - app: st2-apply-rbac-definitions - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2-apply-rbac-definitions" | nindent 4 }} annotations: helm.sh/hook: post-install, post-upgrade, post-rollback helm.sh/hook-delete-policy: before-hook-creation @@ -22,13 +16,7 @@ spec: template: metadata: name: job-st2-apply-rbac-definitions - labels: - app: st2-apply-rbac-definitions - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2-apply-rbac-definitions" | nindent 8 }} annotations: # TODO: Investigate/propose running Helm hook only on condition when ConfigMap or Secret has changed checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} @@ -112,13 +100,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ .Release.Name }}-job-st2-apikey-load - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} annotations: helm.sh/hook: post-install, post-upgrade, post-rollback helm.sh/hook-delete-policy: before-hook-creation @@ -130,13 +112,7 @@ spec: template: metadata: name: job-st2-apikey-load - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 8 }} annotations: # TODO: Investigate/propose running Helm hook only on condition when ConfigMap or Secret has changed checksum/urls: {{ include (print $.Template.BasePath "/configmaps_st2-urls.yaml") . | sha256sum }} @@ -254,13 +230,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ .Release.Name }}-job-st2-key-load - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} annotations: helm.sh/hook: post-install, post-upgrade, post-rollback helm.sh/hook-delete-policy: before-hook-creation @@ -272,13 +242,7 @@ spec: template: metadata: name: job-st2-key-load - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 8 }} annotations: # TODO: Investigate/propose running Helm hook only on condition when ConfigMap or Secret has changed checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} @@ -387,13 +351,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ .Release.Name }}-job-st2-register-content - labels: - app: st2-register-content - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2-register-content" | nindent 4 }} annotations: helm.sh/hook: post-install, post-upgrade, post-rollback helm.sh/hook-delete-policy: before-hook-creation @@ -405,13 +363,7 @@ spec: template: metadata: name: job-st2-register-content - labels: - app: st2-register-content - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2-register-content" | nindent 8 }} annotations: # TODO: Investigate/propose running Helm hook only on condition when ConfigMap or Secret has changed checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} @@ -512,13 +464,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ $.Release.Name }}-job-{{ $name }} - labels: - app: {{ $name }} - tier: backend - vendor: stackstorm - chart: {{ $.Chart.Name }}-{{ $.Chart.Version }} - release: {{ $.Release.Name }} - heritage: {{ $.Release.Service }} + labels: {{- include "stackstorm-ha.labels" $name | nindent 4 }} annotations: helm.sh/hook: {{ required "Each entry in jobs.extra_hooks must include 'hook' (the helm.sh/hook value)" .hook }} helm.sh/hook-delete-policy: before-hook-creation @@ -530,13 +476,7 @@ spec: template: metadata: name: job-{{ $name }} - labels: - app: {{ $name }} - tier: backend - vendor: stackstorm - chart: {{ $.Chart.Name }}-{{ $.Chart.Version }} - release: {{ $.Release.Name }} - heritage: {{ $.Release.Service }} + labels: {{- include "stackstorm-ha.labels" $name | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") $ | sha256sum }} checksum/packs: {{ include (print $.Template.BasePath "/configmaps_packs.yaml") $ | sha256sum }} diff --git a/templates/secrets_datastore_crypto_key.yaml b/templates/secrets_datastore_crypto_key.yaml index 36c99836..8e408cd5 100644 --- a/templates/secrets_datastore_crypto_key.yaml +++ b/templates/secrets_datastore_crypto_key.yaml @@ -11,13 +11,7 @@ metadata: name: {{ $name }} annotations: description: StackStorm crypto key used to encrypt/decrypt KV records - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} type: Opaque data: # Datastore key used to encrypt/decrypt record for the KV store diff --git a/templates/secrets_rabbitmq.yaml b/templates/secrets_rabbitmq.yaml index 703b6662..d1763e0c 100644 --- a/templates/secrets_rabbitmq.yaml +++ b/templates/secrets_rabbitmq.yaml @@ -9,13 +9,7 @@ metadata: name: {{ .Release.Name }}-rabbitmq-definitions annotations: description: A rabbitmq definition which will be loaded by the rabbitmq subchart to enable mirroring for Rabbit HA - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} type: Opaque data: rabbitmq-definitions.json: {{ tpl (.Files.Get "conf/rabbit-definition.conf") . | b64enc }} diff --git a/templates/secrets_ssh.yaml b/templates/secrets_ssh.yaml index 807c1b83..a1425fba 100644 --- a/templates/secrets_ssh.yaml +++ b/templates/secrets_ssh.yaml @@ -11,13 +11,7 @@ metadata: name: {{ $name }} annotations: description: StackStorm SSH secret key for 'stanley' user, used to run actions on remote machines - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} type: Opaque data: # SSH private key for the 'stanley' system user ('system_user.ssh_key_file' in st2.conf). diff --git a/templates/secrets_st2apikeys.yaml b/templates/secrets_st2apikeys.yaml index 6a2bd7cd..3a03a9f4 100644 --- a/templates/secrets_st2apikeys.yaml +++ b/templates/secrets_st2apikeys.yaml @@ -5,13 +5,7 @@ metadata: name: {{ .Release.Name }}-st2-apikeys annotations: description: A list of StackStorm API keys with metadata that will be imported into the system - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} type: Opaque data: apikeys.yaml: {{ toYaml .Values.st2.apikeys | b64enc | quote }} diff --git a/templates/secrets_st2auth.yaml b/templates/secrets_st2auth.yaml index 8f17d71e..c5d24dd2 100644 --- a/templates/secrets_st2auth.yaml +++ b/templates/secrets_st2auth.yaml @@ -12,13 +12,7 @@ metadata: name: {{ $name }} annotations: description: StackStorm username and password, used for basic .htaccess auth - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} type: Opaque data: # Username, used to login to StackStorm system (default: st2admin) diff --git a/templates/secrets_st2chatops.yaml b/templates/secrets_st2chatops.yaml index 460a3a8b..8487cfd0 100644 --- a/templates/secrets_st2chatops.yaml +++ b/templates/secrets_st2chatops.yaml @@ -6,13 +6,7 @@ metadata: name: {{ .Release.Name }}-st2chatops annotations: description: Custom StackStorm chatops config, passed to hubot as ENV vars - labels: - app: st2chatops - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2chatops" | nindent 4 }} type: Opaque data: {{- range $env, $value := .Values.st2chatops.env }} diff --git a/templates/secrets_st2kv.yaml b/templates/secrets_st2kv.yaml index c7952934..67e4a2b1 100644 --- a/templates/secrets_st2kv.yaml +++ b/templates/secrets_st2kv.yaml @@ -5,13 +5,7 @@ metadata: name: {{ .Release.Name }}-st2-kv annotations: description: Key/Value pairs to save in StackStorm's datastore - labels: - app: st2 - tier: backend - vendor: stackstorm - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" + labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} type: Opaque data: st2kv.yaml: {{ tpl (toYaml .Values.st2.keyvalue ) . | b64enc | quote }} diff --git a/templates/service-account.yaml b/templates/service-account.yaml index 7b785477..e13bda0a 100644 --- a/templates/service-account.yaml +++ b/templates/service-account.yaml @@ -8,11 +8,7 @@ metadata: annotations: {{- toYaml .Values.serviceAccount.serviceAccountAnnotations | nindent 4 }} {{- end }} - labels: - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - app: '{{ template "stackstorm-ha.name" . }}' - heritage: "{{ .Release.Service }}" - release: "{{ .Release.Name }}" + labels: {{- include "stackstorm-ha.labels" (template "stackstorm-ha.name" .) | nindent 4 }} {{- if .Values.serviceAccount.pullSecret }} imagePullSecrets: - name: "{{ .Values.serviceAccount.pullSecret }}" diff --git a/templates/services.yaml b/templates/services.yaml index 4eee5975..ad6378c1 100644 --- a/templates/services.yaml +++ b/templates/services.yaml @@ -11,17 +11,9 @@ metadata: {{- if .Values.st2auth.service.annotations }} {{- toYaml .Values.st2auth.service.annotations | nindent 4 }} {{- end }} - labels: - app: st2auth - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2auth" | nindent 4 }} spec: - selector: - app: st2auth - release: {{ .Release.Name }} + selector: {{- include "stackstorm-ha.selectorLabels" "st2auth" | nindent 4 }} type: {{ .Values.st2auth.service.type }} {{- if contains "ExternalName" .Values.st2auth.service.type }} {{- if .Values.st2auth.service.hostname }} @@ -45,17 +37,9 @@ metadata: {{- if .Values.st2api.service.annotations }} {{- toYaml .Values.st2api.service.annotations | nindent 4 }} {{- end }} - labels: - app: st2api - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2api" | nindent 4 }} spec: - selector: - app: st2api - release: {{ .Release.Name }} + selector: {{- include "stackstorm-ha.selectorLabels" "st2api" | nindent 4 }} type: {{ .Values.st2api.service.type }} {{- if contains "ExternalName" .Values.st2api.service.type }} {{- if .Values.st2api.service.hostname }} @@ -79,17 +63,9 @@ metadata: {{- if .Values.st2stream.service.annotations }} {{- toYaml .Values.st2stream.service.annotations | nindent 4 }} {{- end }} - labels: - app: st2stream - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2stream" | nindent 4 }} spec: - selector: - app: st2stream - release: {{ .Release.Name }} + selector: {{- include "stackstorm-ha.selectorLabels" "st2stream" | nindent 4 }} type: {{ .Values.st2stream.service.type }} {{- if contains "ExternalName" .Values.st2stream.service.type }} {{- if .Values.st2stream.service.hostname }} @@ -113,17 +89,9 @@ metadata: {{- if .Values.st2web.service.annotations }} {{- toYaml .Values.st2web.service.annotations | nindent 4 }} {{- end }} - labels: - app: st2web - tier: frontend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2web" | nindent 4 }} spec: - selector: - app: st2web - release: {{ .Release.Name }} + selector: {{- include "stackstorm-ha.selectorLabels" "st2web" | nindent 4 }} type: {{ .Values.st2web.service.type }} {{- if contains "ExternalName" .Values.st2web.service.type }} {{- if .Values.st2web.service.hostname }} @@ -142,17 +110,9 @@ metadata: name: {{ .Release.Name }}-st2chatops annotations: description: StackStorm st2chatops, - conversation-driven automation service exposed as hubot instance with predefined list of chat adapters - labels: - app: st2chatops - tier: backend - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2chatops" | nindent 4 }} spec: - selector: - app: st2chatops - release: {{ .Release.Name }} + selector: {{- include "stackstorm-ha.selectorLabels" "st2chatops" | nindent 4 }} type: ClusterIP ports: - protocol: TCP diff --git a/templates/tests/st2tests-configmap.yaml b/templates/tests/st2tests-configmap.yaml index a2730b9f..25d0feab 100644 --- a/templates/tests/st2tests-configmap.yaml +++ b/templates/tests/st2tests-configmap.yaml @@ -2,13 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ .Release.Name }}-st2tests - labels: - app: st2tests - tier: tests - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2tests" | nindent 4 }} data: st2tests.sh: | {{ .Files.Get "tests/integration/st2tests.sh" | indent 4 }} diff --git a/templates/tests/st2tests-pod.yaml b/templates/tests/st2tests-pod.yaml index 5bb3b50f..53790a9b 100644 --- a/templates/tests/st2tests-pod.yaml +++ b/templates/tests/st2tests-pod.yaml @@ -2,13 +2,7 @@ apiVersion: v1 kind: Pod metadata: name: "{{ .Release.Name }}-st2tests" - labels: - app: st2tests - tier: tests - vendor: stackstorm - chart: {{ .Chart.Name }}-{{ .Chart.Version }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + labels: {{- include "stackstorm-ha.labels" "st2tests" | nindent 4 }} annotations: "helm.sh/hook": test-success "helm.sh/hook-delete-policy": hook-succeeded From 89b076cc4452d217f3f728ccb3712e1aa1be5ace Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Thu, 24 Mar 2022 21:15:17 -0500 Subject: [PATCH 2/8] use list to pass multiple args to labels helpers --- templates/_helpers.tpl | 20 +++-- templates/configmaps_packs.yaml | 2 +- templates/configmaps_post-start-script.yaml | 2 +- templates/configmaps_rbac.yaml | 6 +- templates/configmaps_st2-conf.yaml | 2 +- templates/configmaps_st2-urls.yaml | 2 +- templates/configmaps_st2web.yaml | 2 +- templates/deployments.yaml | 84 ++++++++++----------- templates/ingress.yaml | 2 +- templates/jobs.yaml | 20 ++--- templates/secrets_datastore_crypto_key.yaml | 2 +- templates/secrets_rabbitmq.yaml | 2 +- templates/secrets_ssh.yaml | 2 +- templates/secrets_st2apikeys.yaml | 2 +- templates/secrets_st2auth.yaml | 2 +- templates/secrets_st2chatops.yaml | 2 +- templates/secrets_st2kv.yaml | 2 +- templates/service-account.yaml | 2 +- templates/services.yaml | 20 ++--- templates/tests/st2tests-configmap.yaml | 2 +- templates/tests/st2tests-pod.yaml | 2 +- 21 files changed, 93 insertions(+), 89 deletions(-) diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index bd26f238..15f9fcab 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -14,29 +14,33 @@ Create chart name and version as used by the chart label. {{/* Common labels -Usage: "{{ include "stackstorm-ha.labels" "st2servicename" }}" +Usage: "{{ include "stackstorm-ha.labels" (list $ "st2servicename") }}" */}} {{- define "stackstorm-ha.labels" -}} +{{- $root := index . 0 }} +{{- $name := index . 1 }} {{ include "stackstorm-ha.selectorLabels" . }} -{{- if list "st2web" "ingress" | has . }} +{{- if list "st2web" "ingress" | has $name }} tier: frontend -{{- else if eq . "st2tests" }} +{{- else if eq $name "st2tests" }} tier: tests {{- else }} tier: backend {{- end }} vendor: stackstorm -chart: {{ include "stackstorm-ha.chart" $ }} -heritage: {{ $.Release.Service }} +chart: {{ include "stackstorm-ha.chart" $root }} +heritage: {{ $root.Release.Service }} {{- end -}} {{/* Selector labels -Usage: "{{ include "stackstorm-ha.selectorLabels" "st2servicename" }}" +Usage: "{{ include "stackstorm-ha.selectorLabels" (list $ "st2servicename") }}" */}} {{- define "stackstorm-ha.selectorLabels" -}} -app: {{ . }} -release: {{ $.Release.Name }} +{{- $root := index . 0 }} +{{- $name := index . 1 }} +app: {{ $name }} +release: {{ $root.Release.Name }} {{- end -}} {{/* diff --git a/templates/configmaps_packs.yaml b/templates/configmaps_packs.yaml index c597acde..9d5a8817 100644 --- a/templates/configmaps_packs.yaml +++ b/templates/configmaps_packs.yaml @@ -5,6 +5,6 @@ metadata: name: {{ .Release.Name }}-st2-pack-configs annotations: description: StackStorm pack configs defined in helm values, shipped in (or copied to) '/opt/stackstorm/configs/' - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} data: {{ toYaml .Values.st2.packs.configs | indent 2 }} diff --git a/templates/configmaps_post-start-script.yaml b/templates/configmaps_post-start-script.yaml index da9733c7..180f822c 100644 --- a/templates/configmaps_post-start-script.yaml +++ b/templates/configmaps_post-start-script.yaml @@ -7,7 +7,7 @@ metadata: name: {{ $.Release.Name }}-{{ . }}-post-start-script annotations: description: Custom postStart lifecycle event handler script for {{ . }} - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} data: # k8s calls this script in parallel with starting {{ . }} (ie the same time as ENTRYPOINT) # The pod will not be marked as "running" until this script completes successfully. diff --git a/templates/configmaps_rbac.yaml b/templates/configmaps_rbac.yaml index f67d4943..99eb5d2c 100644 --- a/templates/configmaps_rbac.yaml +++ b/templates/configmaps_rbac.yaml @@ -6,7 +6,7 @@ metadata: name: {{ .Release.Name }}-st2-rbac-roles annotations: description: Custom StackStorm RBAC roles, shipped in '/opt/stackstorm/rbac/roles/' - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} data: {{- range $filename, $contents := .Values.st2.rbac.roles }} {{/* to support removing default files, skip files with empty contents */}} @@ -23,7 +23,7 @@ metadata: name: {{ .Release.Name }}-st2-rbac-assignments annotations: description: Custom StackStorm RBAC role assignments, shipped in '/opt/stackstorm/rbac/assignments/' - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} data: {{- range $filename, $contents := .Values.st2.rbac.assignments }} {{/* to support removing default files, skip files with empty contents */}} @@ -40,7 +40,7 @@ metadata: name: {{ .Release.Name }}-st2-rbac-mappings annotations: description: StackStorm RBAC LDAP groups-to-roles mapping rules, shipped in '/opt/stackstorm/rbac/mappings/' - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} data: {{- if .Values.st2.rbac.mappings }} {{ toYaml .Values.st2.rbac.mappings | indent 2 }} diff --git a/templates/configmaps_st2-conf.yaml b/templates/configmaps_st2-conf.yaml index bb334587..aac17ff3 100644 --- a/templates/configmaps_st2-conf.yaml +++ b/templates/configmaps_st2-conf.yaml @@ -5,7 +5,7 @@ metadata: name: {{ .Release.Name }}-st2-config annotations: description: Custom StackStorm config which will apply settings on top of default st2.conf - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} data: # TODO: Bundle DB/MQ login secrets in dynamic ENV-based st2.secrets.conf, leave custom user-defined settings for st2.user.conf (?) # Docker/K8s-based st2 config file used for templating service names and common overrides on top of original st2.conf. diff --git a/templates/configmaps_st2-urls.yaml b/templates/configmaps_st2-urls.yaml index fdb437a9..e02dccc1 100644 --- a/templates/configmaps_st2-urls.yaml +++ b/templates/configmaps_st2-urls.yaml @@ -5,7 +5,7 @@ metadata: name: {{ .Release.Name }}-st2-urls annotations: description: StackStorm service URLs, used across entire st2 cluster - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} data: ST2_AUTH_URL: http://{{ .Release.Name }}-st2auth:9100/ ST2_API_URL: http://{{ .Release.Name }}-st2api:9101/ diff --git a/templates/configmaps_st2web.yaml b/templates/configmaps_st2web.yaml index 473b497c..44d9a430 100644 --- a/templates/configmaps_st2web.yaml +++ b/templates/configmaps_st2web.yaml @@ -6,7 +6,7 @@ metadata: name: {{ .Release.Name }}-st2web-config annotations: description: Custom StackStorm Web config which will override defaults - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} data: # User-defined st2web config with custom settings to replace default config.js # See https://github.com/StackStorm/st2web#connecting-to-st2-server for more info diff --git a/templates/deployments.yaml b/templates/deployments.yaml index 56772171..7aa84894 100644 --- a/templates/deployments.yaml +++ b/templates/deployments.yaml @@ -13,19 +13,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2auth - labels: {{- include "stackstorm-ha.labels" "st2auth" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2auth") | nindent 4 }} {{- if .Values.st2auth.annotations }} annotations: {{- toYaml .Values.st2auth.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2auth" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2auth") | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2auth # Multiple st2auth processes can be behind a load balancer in an active-active configuration. replicas: {{ default 2 .Values.st2auth.replicas }} template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2auth" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2auth") | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/auth: {{ include (print $.Template.BasePath "/secrets_st2auth.yaml") . | sha256sum }} @@ -140,19 +140,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2api - labels: {{- include "stackstorm-ha.labels" "st2api" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2api") | nindent 4 }} {{- if .Values.st2api.annotations }} annotations: {{- toYaml .Values.st2api.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2api" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2api") | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2api # Multiple st2api process can be behind a load balancer in an active-active configuration. replicas: {{ default 2 .Values.st2api.replicas }} template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2api" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2api") | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/datastore-key: {{ include (print $.Template.BasePath "/secrets_datastore_crypto_key.yaml") . | sha256sum }} @@ -270,19 +270,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2stream - labels: {{- include "stackstorm-ha.labels" "st2stream" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2stream") | nindent 4 }} {{- if .Values.st2stream.annotations }} annotations: {{- toYaml .Values.st2stream.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2stream" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2stream") | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2stream # Multiple st2stream process can be behind a load balancer in an active-active configuration. replicas: {{ default 2 .Values.st2stream.replicas }} template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2stream" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2stream") | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} {{- if .Values.st2stream.postStartScript }} @@ -372,17 +372,17 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2web - labels: {{- include "stackstorm-ha.labels" "st2web" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2web") | nindent 4 }} {{- if .Values.st2web.annotations }} annotations: {{- toYaml .Values.st2web.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2web" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2web") | nindent 6 }} replicas: {{ default 2 .Values.st2web.replicas }} template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2web" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2web") | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2web.yaml") . | sha256sum }} {{- if .Values.st2web.postStartScript }} @@ -500,19 +500,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2rulesengine - labels: {{- include "stackstorm-ha.labels" "st2rulesengine" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2rulesengine") | nindent 4 }} {{- if .Values.st2rulesengine.annotations }} annotations: {{- toYaml .Values.st2rulesengine.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2rulesengine" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2rulesengine") | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2rulesengine # Multiple st2rulesengine processes can run in active-active with only connections to MongoDB and RabbitMQ. All these will share the TriggerInstance load and naturally pick up more work if one or more of the processes becomes unavailable. replicas: {{ default 2 .Values.st2rulesengine.replicas }} template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2rulesengine" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2rulesengine") | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/datastore-key: {{ include (print $.Template.BasePath "/secrets_datastore_crypto_key.yaml") . | sha256sum }} @@ -614,20 +614,20 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2timersengine - labels: {{- include "stackstorm-ha.labels" "st2timersengine" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2timersengine") | nindent 4 }} {{- if .Values.st2timersengine.annotations }} annotations: {{- toYaml .Values.st2timersengine.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2timersengine" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2timersengine") | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2timersengine # Only single replica is created as timersengine can't work in active-active mode at the moment and it relies on # K8s failover/reschedule capabilities to address cases when the process fails. replicas: 1 template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2timersengine" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2timersengine") | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} {{- if .Values.st2timersengine.postStartScript }} @@ -715,19 +715,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2workflowengine - labels: {{- include "stackstorm-ha.labels" "st2workflowengine" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2workflowengine") | nindent 4 }} {{- if .Values.st2workflowengine.annotations }} annotations: {{- toYaml .Values.st2workflowengine.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2workflowengine" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2workflowengine") | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2workflowengine # Multiple st2workflowengine processes can run in active-active mode and will share the load and pick up more work if one or more of the processes become available. replicas: {{ default 2 .Values.st2workflowengine.replicas }} template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2workflowengine" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2workflowengine") | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/datastore-key: {{ include (print $.Template.BasePath "/secrets_datastore_crypto_key.yaml") . | sha256sum }} @@ -829,18 +829,18 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2scheduler - labels: {{- include "stackstorm-ha.labels" "st2scheduler" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2scheduler") | nindent 4 }} {{- if .Values.st2scheduler.annotations }} annotations: {{- toYaml .Values.st2scheduler.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2scheduler" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2scheduler") | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2scheduler replicas: {{ default 2 .Values.st2scheduler.replicas }} template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2scheduler" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2scheduler") | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/datastore-key: {{ include (print $.Template.BasePath "/secrets_datastore_crypto_key.yaml") . | sha256sum }} @@ -942,19 +942,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2notifier - labels: {{- include "stackstorm-ha.labels" "st2notifier" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2notifier") | nindent 4 }} {{- if .Values.st2notifier.annotations }} annotations: {{- toYaml .Values.st2notifier.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2notifier" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2notifier") | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2notifier # st2notifier runs in active-active mode and requires for that coordination backend like Redis or Zookeeper replicas: {{ default 2 .Values.st2notifier.replicas }} template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2notifier" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2notifier") | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} {{- if .Values.st2notifier.postStartScript }} @@ -1067,13 +1067,13 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ $.Release.Name }}-{{ $name }} - labels: {{- include "stackstorm-ha.labels" $name | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ $name) | nindent 4 }} {{- if $sensor.annotations }} annotations: {{- toYaml $sensor.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" $name | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ $name) | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2sensorcontainer # It is possible to run st2sensorcontainer(s) in one of these modes: # (1) run all sensors in one pod (1 deployment with 1 pod, the default); or @@ -1084,7 +1084,7 @@ spec: replicas: 1 template: metadata: - labels: {{- include "stackstorm-ha.labels" $name | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ $name) | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") $ | sha256sum }} checksum/packs: {{ include (print $.Template.BasePath "/configmaps_packs.yaml") $ | sha256sum }} @@ -1256,20 +1256,20 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2actionrunner - labels: {{- include "stackstorm-ha.labels" "st2actionrunner" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2actionrunner") | nindent 4 }} {{- if .Values.st2actionrunner.annotations }} annotations: {{- toYaml .Values.st2actionrunner.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2actionrunner" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2actionrunner") | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2actionrunner # Multiple st2actionrunner processes can run in active-active with only connections to MongoDB and RabbitMQ. Work gets naturally # distributed across runners via RabbitMQ. Adding more st2actionrunner processes increases the ability of StackStorm to execute actions. replicas: {{ default 5 .Values.st2actionrunner.replicas }} template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2actionrunner" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2actionrunner") | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/ssh: {{ include (print $.Template.BasePath "/secrets_ssh.yaml") . | sha256sum }} @@ -1400,19 +1400,19 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2garbagecollector - labels: {{- include "stackstorm-ha.labels" "st2garbagecollector" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2garbagecollector") | nindent 4 }} {{- if .Values.st2garbagecollector.annotations }} annotations: {{- toYaml .Values.st2garbagecollector.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2garbagecollector" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2garbagecollector") | nindent 6 }} # https://docs.stackstorm.com/reference/ha.html#st2garbagecollector # Having 1 st2garbagecollector unique replica is enough for periodic task like st2 history garbage collection replicas: {{ default 1 .Values.st2garbagecollector.replicas }} template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2garbagecollector" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2garbagecollector") | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} {{- if .Values.st2garbagecollector.postStartScript }} @@ -1500,17 +1500,17 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2client - labels: {{- include "stackstorm-ha.labels" "st2client" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2client") | nindent 4 }} {{- if .Values.st2client.annotations }} annotations: {{- toYaml .Values.st2client.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2client" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2client") | nindent 6 }} replicas: 1 template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2client" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2client") | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} checksum/rbac: {{ include (print $.Template.BasePath "/configmaps_rbac.yaml") . | sha256sum }} @@ -1687,18 +1687,18 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-st2chatops - labels: {{- include "stackstorm-ha.labels" "st2chatops" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2chatops") | nindent 4 }} {{- if .Values.st2chatops.annotations }} annotations: {{- toYaml .Values.st2chatops.annotations | nindent 4 }} {{- end }} spec: selector: - matchLabels: {{- include "stackstorm-ha.selectorLabels" "st2chatops" | nindent 6 }} + matchLabels: {{- include "stackstorm-ha.selectorLabels" (list $ "st2chatops") | nindent 6 }} # As hubot can't be HA scaled properly, we deploy only single replica of st2chatops replicas: 1 template: metadata: - labels: {{- include "stackstorm-ha.labels" "st2chatops" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2chatops") | nindent 8 }} annotations: checksum/chatops: {{ include (print $.Template.BasePath "/secrets_st2chatops.yaml") . | sha256sum }} {{- if .Values.st2chatops.postStartScript }} diff --git a/templates/ingress.yaml b/templates/ingress.yaml index 47e1f416..b90b8d03 100644 --- a/templates/ingress.yaml +++ b/templates/ingress.yaml @@ -4,7 +4,7 @@ apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ .Release.Name }}-st2web-ingress - labels: {{- include "stackstorm-ha.labels" "ingress" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "ingress") | nindent 4 }} annotations: {{- if .Values.ingress.tls }} ingress.kubernetes.io/secure-backends: "true" diff --git a/templates/jobs.yaml b/templates/jobs.yaml index 8cc3a0dc..2f08f8b8 100644 --- a/templates/jobs.yaml +++ b/templates/jobs.yaml @@ -4,7 +4,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ .Release.Name }}-job-st2-apply-rbac-definitions - labels: {{- include "stackstorm-ha.labels" "st2-apply-rbac-definitions" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2-apply-rbac-definitions") | nindent 4 }} annotations: helm.sh/hook: post-install, post-upgrade, post-rollback helm.sh/hook-delete-policy: before-hook-creation @@ -16,7 +16,7 @@ spec: template: metadata: name: job-st2-apply-rbac-definitions - labels: {{- include "stackstorm-ha.labels" "st2-apply-rbac-definitions" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2-apply-rbac-definitions") | nindent 8 }} annotations: # TODO: Investigate/propose running Helm hook only on condition when ConfigMap or Secret has changed checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} @@ -100,7 +100,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ .Release.Name }}-job-st2-apikey-load - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} annotations: helm.sh/hook: post-install, post-upgrade, post-rollback helm.sh/hook-delete-policy: before-hook-creation @@ -112,7 +112,7 @@ spec: template: metadata: name: job-st2-apikey-load - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 8 }} annotations: # TODO: Investigate/propose running Helm hook only on condition when ConfigMap or Secret has changed checksum/urls: {{ include (print $.Template.BasePath "/configmaps_st2-urls.yaml") . | sha256sum }} @@ -230,7 +230,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ .Release.Name }}-job-st2-key-load - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} annotations: helm.sh/hook: post-install, post-upgrade, post-rollback helm.sh/hook-delete-policy: before-hook-creation @@ -242,7 +242,7 @@ spec: template: metadata: name: job-st2-key-load - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 8 }} annotations: # TODO: Investigate/propose running Helm hook only on condition when ConfigMap or Secret has changed checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} @@ -351,7 +351,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ .Release.Name }}-job-st2-register-content - labels: {{- include "stackstorm-ha.labels" "st2-register-content" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2-register-content") | nindent 4 }} annotations: helm.sh/hook: post-install, post-upgrade, post-rollback helm.sh/hook-delete-policy: before-hook-creation @@ -363,7 +363,7 @@ spec: template: metadata: name: job-st2-register-content - labels: {{- include "stackstorm-ha.labels" "st2-register-content" | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2-register-content") | nindent 8 }} annotations: # TODO: Investigate/propose running Helm hook only on condition when ConfigMap or Secret has changed checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") . | sha256sum }} @@ -464,7 +464,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ $.Release.Name }}-job-{{ $name }} - labels: {{- include "stackstorm-ha.labels" $name | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ $name) | nindent 4 }} annotations: helm.sh/hook: {{ required "Each entry in jobs.extra_hooks must include 'hook' (the helm.sh/hook value)" .hook }} helm.sh/hook-delete-policy: before-hook-creation @@ -476,7 +476,7 @@ spec: template: metadata: name: job-{{ $name }} - labels: {{- include "stackstorm-ha.labels" $name | nindent 8 }} + labels: {{- include "stackstorm-ha.labels" (list $ $name) | nindent 8 }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmaps_st2-conf.yaml") $ | sha256sum }} checksum/packs: {{ include (print $.Template.BasePath "/configmaps_packs.yaml") $ | sha256sum }} diff --git a/templates/secrets_datastore_crypto_key.yaml b/templates/secrets_datastore_crypto_key.yaml index 8e408cd5..509db834 100644 --- a/templates/secrets_datastore_crypto_key.yaml +++ b/templates/secrets_datastore_crypto_key.yaml @@ -11,7 +11,7 @@ metadata: name: {{ $name }} annotations: description: StackStorm crypto key used to encrypt/decrypt KV records - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} type: Opaque data: # Datastore key used to encrypt/decrypt record for the KV store diff --git a/templates/secrets_rabbitmq.yaml b/templates/secrets_rabbitmq.yaml index d1763e0c..a09f1ddd 100644 --- a/templates/secrets_rabbitmq.yaml +++ b/templates/secrets_rabbitmq.yaml @@ -9,7 +9,7 @@ metadata: name: {{ .Release.Name }}-rabbitmq-definitions annotations: description: A rabbitmq definition which will be loaded by the rabbitmq subchart to enable mirroring for Rabbit HA - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} type: Opaque data: rabbitmq-definitions.json: {{ tpl (.Files.Get "conf/rabbit-definition.conf") . | b64enc }} diff --git a/templates/secrets_ssh.yaml b/templates/secrets_ssh.yaml index a1425fba..d236e692 100644 --- a/templates/secrets_ssh.yaml +++ b/templates/secrets_ssh.yaml @@ -11,7 +11,7 @@ metadata: name: {{ $name }} annotations: description: StackStorm SSH secret key for 'stanley' user, used to run actions on remote machines - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} type: Opaque data: # SSH private key for the 'stanley' system user ('system_user.ssh_key_file' in st2.conf). diff --git a/templates/secrets_st2apikeys.yaml b/templates/secrets_st2apikeys.yaml index 3a03a9f4..9d6800f8 100644 --- a/templates/secrets_st2apikeys.yaml +++ b/templates/secrets_st2apikeys.yaml @@ -5,7 +5,7 @@ metadata: name: {{ .Release.Name }}-st2-apikeys annotations: description: A list of StackStorm API keys with metadata that will be imported into the system - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} type: Opaque data: apikeys.yaml: {{ toYaml .Values.st2.apikeys | b64enc | quote }} diff --git a/templates/secrets_st2auth.yaml b/templates/secrets_st2auth.yaml index c5d24dd2..a1f45942 100644 --- a/templates/secrets_st2auth.yaml +++ b/templates/secrets_st2auth.yaml @@ -12,7 +12,7 @@ metadata: name: {{ $name }} annotations: description: StackStorm username and password, used for basic .htaccess auth - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} type: Opaque data: # Username, used to login to StackStorm system (default: st2admin) diff --git a/templates/secrets_st2chatops.yaml b/templates/secrets_st2chatops.yaml index 8487cfd0..5c853ae6 100644 --- a/templates/secrets_st2chatops.yaml +++ b/templates/secrets_st2chatops.yaml @@ -6,7 +6,7 @@ metadata: name: {{ .Release.Name }}-st2chatops annotations: description: Custom StackStorm chatops config, passed to hubot as ENV vars - labels: {{- include "stackstorm-ha.labels" "st2chatops" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2chatops") | nindent 4 }} type: Opaque data: {{- range $env, $value := .Values.st2chatops.env }} diff --git a/templates/secrets_st2kv.yaml b/templates/secrets_st2kv.yaml index 67e4a2b1..0d755d46 100644 --- a/templates/secrets_st2kv.yaml +++ b/templates/secrets_st2kv.yaml @@ -5,7 +5,7 @@ metadata: name: {{ .Release.Name }}-st2-kv annotations: description: Key/Value pairs to save in StackStorm's datastore - labels: {{- include "stackstorm-ha.labels" "st2" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2") | nindent 4 }} type: Opaque data: st2kv.yaml: {{ tpl (toYaml .Values.st2.keyvalue ) . | b64enc | quote }} diff --git a/templates/service-account.yaml b/templates/service-account.yaml index e13bda0a..4d1d3380 100644 --- a/templates/service-account.yaml +++ b/templates/service-account.yaml @@ -8,7 +8,7 @@ metadata: annotations: {{- toYaml .Values.serviceAccount.serviceAccountAnnotations | nindent 4 }} {{- end }} - labels: {{- include "stackstorm-ha.labels" (template "stackstorm-ha.name" .) | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ (include "stackstorm-ha.name" $)) | nindent 4 }} {{- if .Values.serviceAccount.pullSecret }} imagePullSecrets: - name: "{{ .Values.serviceAccount.pullSecret }}" diff --git a/templates/services.yaml b/templates/services.yaml index ad6378c1..6b0e385d 100644 --- a/templates/services.yaml +++ b/templates/services.yaml @@ -11,9 +11,9 @@ metadata: {{- if .Values.st2auth.service.annotations }} {{- toYaml .Values.st2auth.service.annotations | nindent 4 }} {{- end }} - labels: {{- include "stackstorm-ha.labels" "st2auth" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2auth") | nindent 4 }} spec: - selector: {{- include "stackstorm-ha.selectorLabels" "st2auth" | nindent 4 }} + selector: {{- include "stackstorm-ha.selectorLabels" (list $ "st2auth") | nindent 4 }} type: {{ .Values.st2auth.service.type }} {{- if contains "ExternalName" .Values.st2auth.service.type }} {{- if .Values.st2auth.service.hostname }} @@ -37,9 +37,9 @@ metadata: {{- if .Values.st2api.service.annotations }} {{- toYaml .Values.st2api.service.annotations | nindent 4 }} {{- end }} - labels: {{- include "stackstorm-ha.labels" "st2api" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2api") | nindent 4 }} spec: - selector: {{- include "stackstorm-ha.selectorLabels" "st2api" | nindent 4 }} + selector: {{- include "stackstorm-ha.selectorLabels" (list $ "st2api") | nindent 4 }} type: {{ .Values.st2api.service.type }} {{- if contains "ExternalName" .Values.st2api.service.type }} {{- if .Values.st2api.service.hostname }} @@ -63,9 +63,9 @@ metadata: {{- if .Values.st2stream.service.annotations }} {{- toYaml .Values.st2stream.service.annotations | nindent 4 }} {{- end }} - labels: {{- include "stackstorm-ha.labels" "st2stream" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2stream") | nindent 4 }} spec: - selector: {{- include "stackstorm-ha.selectorLabels" "st2stream" | nindent 4 }} + selector: {{- include "stackstorm-ha.selectorLabels" (list $ "st2stream") | nindent 4 }} type: {{ .Values.st2stream.service.type }} {{- if contains "ExternalName" .Values.st2stream.service.type }} {{- if .Values.st2stream.service.hostname }} @@ -89,9 +89,9 @@ metadata: {{- if .Values.st2web.service.annotations }} {{- toYaml .Values.st2web.service.annotations | nindent 4 }} {{- end }} - labels: {{- include "stackstorm-ha.labels" "st2web" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2web") | nindent 4 }} spec: - selector: {{- include "stackstorm-ha.selectorLabels" "st2web" | nindent 4 }} + selector: {{- include "stackstorm-ha.selectorLabels" (list $ "st2web") | nindent 4 }} type: {{ .Values.st2web.service.type }} {{- if contains "ExternalName" .Values.st2web.service.type }} {{- if .Values.st2web.service.hostname }} @@ -110,9 +110,9 @@ metadata: name: {{ .Release.Name }}-st2chatops annotations: description: StackStorm st2chatops, - conversation-driven automation service exposed as hubot instance with predefined list of chat adapters - labels: {{- include "stackstorm-ha.labels" "st2chatops" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2chatops") | nindent 4 }} spec: - selector: {{- include "stackstorm-ha.selectorLabels" "st2chatops" | nindent 4 }} + selector: {{- include "stackstorm-ha.selectorLabels" (list $ "st2chatops") | nindent 4 }} type: ClusterIP ports: - protocol: TCP diff --git a/templates/tests/st2tests-configmap.yaml b/templates/tests/st2tests-configmap.yaml index 25d0feab..13703a61 100644 --- a/templates/tests/st2tests-configmap.yaml +++ b/templates/tests/st2tests-configmap.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ .Release.Name }}-st2tests - labels: {{- include "stackstorm-ha.labels" "st2tests" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2tests") | nindent 4 }} data: st2tests.sh: | {{ .Files.Get "tests/integration/st2tests.sh" | indent 4 }} diff --git a/templates/tests/st2tests-pod.yaml b/templates/tests/st2tests-pod.yaml index 53790a9b..632ec7d7 100644 --- a/templates/tests/st2tests-pod.yaml +++ b/templates/tests/st2tests-pod.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Pod metadata: name: "{{ .Release.Name }}-st2tests" - labels: {{- include "stackstorm-ha.labels" "st2tests" | nindent 4 }} + labels: {{- include "stackstorm-ha.labels" (list $ "st2tests") | nindent 4 }} annotations: "helm.sh/hook": test-success "helm.sh/hook-delete-policy": hook-succeeded From 474fc3abee75661816393d223e3d37ae961cef01 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Thu, 24 Mar 2022 21:18:37 -0500 Subject: [PATCH 3/8] enable ServiceAccount label tests --- tests/unit/labels_test.yaml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/tests/unit/labels_test.yaml b/tests/unit/labels_test.yaml index 09f1dd7d..3423babc 100644 --- a/tests/unit/labels_test.yaml +++ b/tests/unit/labels_test.yaml @@ -198,13 +198,12 @@ tests: - equal: path: metadata.labels.release value: some-release-name - # ServiceAccount does not have tier or vendor - #- equal: - # path: metadata.labels.tier - # value: backend - #- equal: - # path: metadata.labels.vendor - # value: stackstorm + - equal: + path: metadata.labels.tier + value: backend + - equal: + path: metadata.labels.vendor + value: stackstorm - equal: path: metadata.labels.chart value: stackstorm-ha-1.0.999 From 11b43ddaa8f6ed31959d15a278b04f9061c563fe Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Thu, 24 Mar 2022 22:43:35 -0500 Subject: [PATCH 4/8] simplify chart name helper --- templates/_helpers.tpl | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 15f9fcab..6f653481 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -5,13 +5,6 @@ Expand the name of the chart. {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "stackstorm-ha.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - {{/* Common labels Usage: "{{ include "stackstorm-ha.labels" (list $ "st2servicename") }}" @@ -28,7 +21,7 @@ tier: tests tier: backend {{- end }} vendor: stackstorm -chart: {{ include "stackstorm-ha.chart" $root }} +chart: {{ $root.Chart.Name }}-{{ $root.Chart.Version }} heritage: {{ $root.Release.Service }} {{- end -}} From 8327f95e53217fdb3a3c3332217076f1e4ff8025 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Thu, 24 Mar 2022 22:43:44 -0500 Subject: [PATCH 5/8] add changelog entry --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 28b7a7ef..6692ed5f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ * Allow partitioning sensors using the hash_range strategy instead of one sensor per pod. (#218) (by @cognifloyd) * New feature to include possibility for external services in st2api, st2stream and st2auth, setting default value for this services as `ClusterIP` and `hostname: ""`. Also, added new entry for custom_annotations_test.yaml and created new unit test services_test.yaml. (by @sandesvitor) * Advanced Feature: Add extra Helm hook Jobs. This minimizes the boilerplate required to run stackstorm workflows at various helm hook stages: post-install, pre-upgrade, post-upgrade. (#265) (by @cognifloyd) +* Refactor label definitions to be more consistent by building labels and label selectors in partial helper templates. (#299) (by @cognifloyd) ## v0.80.0 * Switch st2 to `v3.6` as a new default stable version (#274) From 1d376546073a0d951339e7e7a2e2178f659baf5c Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Thu, 24 Mar 2022 22:55:28 -0500 Subject: [PATCH 6/8] fix label tests --- tests/unit/labels_test.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/unit/labels_test.yaml b/tests/unit/labels_test.yaml index 3423babc..f7c4e925 100644 --- a/tests/unit/labels_test.yaml +++ b/tests/unit/labels_test.yaml @@ -192,6 +192,8 @@ tests: serviceAccount: create: true asserts: + - hasDocuments: + count: 1 - equal: path: metadata.labels.app value: stackstorm-ha @@ -219,7 +221,9 @@ tests: hostname: some-host-name ingress: enabled: true - assert: + asserts: + - hasDocuments: + count: 1 - equal: path: metadata.labels.app value: ingress From 2997164fdcdd5f277df526921d96f8f62cb1218f Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Thu, 24 Mar 2022 23:27:53 -0500 Subject: [PATCH 7/8] add label unit tests for ConfigMaps and Secrets --- tests/unit/labels_test.yaml | 173 +++++++++++++++++++++++++++++++++++- 1 file changed, 171 insertions(+), 2 deletions(-) diff --git a/tests/unit/labels_test.yaml b/tests/unit/labels_test.yaml index f7c4e925..d59fe4ea 100644 --- a/tests/unit/labels_test.yaml +++ b/tests/unit/labels_test.yaml @@ -6,14 +6,14 @@ templates: - services.yaml - configmaps_packs.yaml - - configmaps_post-start-scripts.yaml + - configmaps_post-start-script.yaml - configmaps_rbac.yaml - configmaps_st2-conf.yaml - configmaps_st2-urls.yaml - configmaps_st2web.yaml - secrets_datastore_crypto_key.yaml - - secrets_rabbit.yaml + - secrets_rabbitmq.yaml - secrets_ssh.yaml - secrets_st2apikeys.yaml - secrets_st2auth.yaml @@ -242,3 +242,172 @@ tests: - equal: path: metadata.labels.heritage value: Helm + + - it: ConfigMaps and Secrets have required labels + templates: + - configmaps_packs.yaml + - configmaps_st2-conf.yaml + - configmaps_st2-urls.yaml + + - secrets_datastore_crypto_key.yaml + - secrets_rabbitmq.yaml + - secrets_ssh.yaml + - secrets_st2apikeys.yaml + - secrets_st2auth.yaml + - secrets_st2kv.yaml + set: + rabbitmq: # for secrets_rabbitmq.yaml + enabled: true + asserts: + - hasDocuments: + count: 1 + - equal: + path: metadata.labels.app + value: st2 + - equal: + path: metadata.labels.release + value: some-release-name + - equal: + path: metadata.labels.tier + value: backend + - equal: + path: metadata.labels.vendor + value: stackstorm + - equal: + path: metadata.labels.chart + value: stackstorm-ha-1.0.999 + - equal: + path: metadata.labels.heritage + value: Helm + + - it: RBAC ConfigMaps have required labels + templates: + - configmaps_rbac.yaml + set: + st2: + rbac: + enabled: true # enable rbac config maps + asserts: + - hasDocuments: + count: 3 + - equal: + path: metadata.labels.app + value: st2 + - equal: + path: metadata.labels.release + value: some-release-name + - equal: + path: metadata.labels.tier + value: backend + - equal: + path: metadata.labels.vendor + value: stackstorm + - equal: + path: metadata.labels.chart + value: stackstorm-ha-1.0.999 + - equal: + path: metadata.labels.heritage + value: Helm + + - it: st2chatops Secret has required labels + templates: + - secrets_st2chatops.yaml + set: + st2chatops: + enabled: true + asserts: + - hasDocuments: + count: 1 + - equal: + path: metadata.labels.app + value: st2chatops + - equal: + path: metadata.labels.release + value: some-release-name + - equal: + path: metadata.labels.tier + value: backend + - equal: + path: metadata.labels.vendor + value: stackstorm + - equal: + path: metadata.labels.chart + value: stackstorm-ha-1.0.999 + - equal: + path: metadata.labels.heritage + value: Helm + + - it: st2web ConfigMap has required labels + templates: + #- configmaps_post-start-scripts.yaml # needs postStartScript for each service + - configmaps_st2web.yaml + set: + st2web: + config: | + // see https://github.com/StackStorm/st2web/blob/master/config.js + 'use strict'; + /* global angular */ + angular.module('main').constant('st2Config', {}); + asserts: + - hasDocuments: + count: 1 + - equal: + path: metadata.labels.app + value: st2 # should this be st2web? + - equal: + path: metadata.labels.release + value: some-release-name + - equal: + path: metadata.labels.tier + value: backend # should this be frontend? + - equal: + path: metadata.labels.vendor + value: stackstorm + - equal: + path: metadata.labels.chart + value: stackstorm-ha-1.0.999 + - equal: + path: metadata.labels.heritage + value: Helm + + - it: post-start-script ConfigMaps have required labels + templates: + - configmaps_post-start-script.yaml + set: + st2auth: &postStartScript + postStartScript: | + echo hello world + st2api: *postStartScript + st2stream: *postStartScript + st2web: *postStartScript + st2rulesengine: *postStartScript + st2timersengine: *postStartScript + st2workflowengine: *postStartScript + st2scheduler: *postStartScript + st2notifier: *postStartScript + st2sensorcontainer: *postStartScript + st2actionrunner: *postStartScript + st2garbagecollector: *postStartScript + st2client: *postStartScript + st2chatops: *postStartScript + asserts: + - hasDocuments: + count: 14 + - equal: + path: metadata.labels.app + value: st2 + - equal: + path: metadata.labels.release + value: some-release-name + - equal: + path: metadata.labels.tier + value: backend + - equal: + path: metadata.labels.vendor + value: stackstorm + - equal: + path: metadata.labels.chart + value: stackstorm-ha-1.0.999 + - equal: + path: metadata.labels.heritage + value: Helm From 620a678f2893f42bcf3e12d981eff17874c79616 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Sat, 4 Jun 2022 21:25:23 -0500 Subject: [PATCH 8/8] fix changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c6efbdd9..9cd470e6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ ## In Development * Temporary workaround for #311 to use previous bitnami index from: https://github.com/bitnami/charts/issues/10539 (#312) (by @0xhaven) +* Refactor label definitions to be more consistent by building labels and label selectors in partial helper templates. (#299) (by @cognifloyd) ## v0.100.0 * Switch st2 to `v3.7` as a new default stable version (#274) @@ -17,7 +18,6 @@ * Allow partitioning sensors using the hash_range strategy instead of one sensor per pod. (#218) (by @cognifloyd) * New feature to include possibility for external services in st2api, st2stream and st2auth, setting default value for this services as `ClusterIP` and `hostname: ""`. Also, added new entry for custom_annotations_test.yaml and created new unit test services_test.yaml. (by @sandesvitor) * Advanced Feature: Add extra Helm hook Jobs. This minimizes the boilerplate required to run stackstorm workflows at various helm hook stages: post-install, pre-upgrade, post-upgrade. (#265) (by @cognifloyd) -* Refactor label definitions to be more consistent by building labels and label selectors in partial helper templates. (#299) (by @cognifloyd) ## v0.80.0 * Switch st2 to `v3.6` as a new default stable version (#274)