From 87d8570600421f00514b508dd7e80bb4fd717d27 Mon Sep 17 00:00:00 2001 From: Pierangelo Di Pilato Date: Thu, 26 Sep 2024 14:34:51 +0200 Subject: [PATCH] Use istio inject label (#762) Ref: https://github.com/knative/eventing/issues/8204 Signed-off-by: Pierangelo Di Pilato --- pkg/eventshub/103-pod.yaml | 3 +++ pkg/eventshub/104-forwarder.yaml | 12 ++++++++++-- pkg/eventshub/eventshub_test.go | 2 ++ pkg/eventshub/resources.go | 1 + pkg/manifest/options.go | 24 ++++++++++++++++++++++++ pkg/resources/cronjob/cronjob.go | 1 + pkg/resources/deployment/deployment.go | 1 + pkg/resources/deployment/deployment.yaml | 3 +++ pkg/resources/job/job.go | 1 + pkg/resources/pod/pod.go | 1 + pkg/resources/pod/pod_test.go | 1 + 11 files changed, 48 insertions(+), 2 deletions(-) diff --git a/pkg/eventshub/103-pod.yaml b/pkg/eventshub/103-pod.yaml index 83b2c55f..c780e86a 100644 --- a/pkg/eventshub/103-pod.yaml +++ b/pkg/eventshub/103-pod.yaml @@ -19,6 +19,9 @@ metadata: namespace: {{ .namespace }} labels: app: eventshub-{{ .name }} + {{ range $key, $value := .labels }} + {{ $key }}: "{{ $value }}" + {{ end }} {{ if .annotations }} annotations: {{ range $key, $value := .annotations }} diff --git a/pkg/eventshub/104-forwarder.yaml b/pkg/eventshub/104-forwarder.yaml index e014d5fb..a34e7132 100644 --- a/pkg/eventshub/104-forwarder.yaml +++ b/pkg/eventshub/104-forwarder.yaml @@ -25,12 +25,20 @@ metadata: {{ end }} spec: template: - {{ if .podannotations }} + {{ if or .podannotations .podlabels }} metadata: + {{ if .podannotations }} annotations: {{ range $key, $value := .podannotations }} {{ $key }}: "{{ $value }}" - {{ end }} + {{ end }} + {{ end }} + {{ if .podlabels }} + labels: + {{ range $key, $value := .podlabels }} + {{ $key }}: "{{ $value }}" + {{ end }} + {{ end }} {{ end }} spec: serviceAccountName: "{{ .name }}" diff --git a/pkg/eventshub/eventshub_test.go b/pkg/eventshub/eventshub_test.go index 5914cadb..a9791413 100644 --- a/pkg/eventshub/eventshub_test.go +++ b/pkg/eventshub/eventshub_test.go @@ -124,6 +124,7 @@ func ExampleIstioAnnotation() { } manifest.WithIstioPodAnnotations(cfg) + manifest.WithIstioPodLabels(cfg) files, err := manifest.ExecuteYAML(ctx, templates, images, cfg) if err != nil { @@ -153,6 +154,7 @@ func ExampleIstioAnnotation() { // namespace: example // labels: // app: eventshub-hubhub + // sidecar.istio.io/inject: "true" // annotations: // proxy.istio.io/config: "{ 'holdApplicationUntilProxyStarts': true }" // sidecar.istio.io/inject: "true" diff --git a/pkg/eventshub/resources.go b/pkg/eventshub/resources.go index d87e2f5f..c34f55c8 100644 --- a/pkg/eventshub/resources.go +++ b/pkg/eventshub/resources.go @@ -168,6 +168,7 @@ func Install(name string, options ...EventsHubOption) feature.StepFn { if ic := environment.GetIstioConfig(ctx); ic.Enabled { manifest.WithIstioPodAnnotations(cfg) + manifest.WithIstioPodLabels(cfg) } manifest.PodSecurityCfgFn(ctx, t)(cfg) diff --git a/pkg/manifest/options.go b/pkg/manifest/options.go index bb51fb58..6e0aa92b 100644 --- a/pkg/manifest/options.go +++ b/pkg/manifest/options.go @@ -63,6 +63,21 @@ func WithPodAnnotations(additional map[string]interface{}) CfgFn { } } +// WithPodLabels appends pod labels (usually used by types where pod template is embedded) +func WithPodLabels(additional map[string]string) CfgFn { + return func(cfg map[string]interface{}) { + if ann, ok := cfg["podlabels"]; ok { + m := make(map[string]interface{}, len(additional)) + for k, v := range additional { + m[k] = v + } + appendToOriginal(ann, m) + return + } + cfg["podlabels"] = additional + } +} + func appendToOriginal(original interface{}, additional map[string]interface{}) { annotations := original.(map[string]interface{}) for k, v := range additional { @@ -92,3 +107,12 @@ func WithIstioPodAnnotations(cfg map[string]interface{}) { WithAnnotations(podAnnotations)(cfg) WithPodAnnotations(podAnnotations)(cfg) } + +func WithIstioPodLabels(cfg map[string]interface{}) { + podLabels := map[string]string{ + "sidecar.istio.io/inject": "true", + } + + WithLabels(podLabels)(cfg) + WithPodLabels(podLabels)(cfg) +} diff --git a/pkg/resources/cronjob/cronjob.go b/pkg/resources/cronjob/cronjob.go index 7da7341f..cf82fc85 100644 --- a/pkg/resources/cronjob/cronjob.go +++ b/pkg/resources/cronjob/cronjob.go @@ -62,6 +62,7 @@ func Install(name string, image string, options ...manifest.CfgFn) feature.StepF if ic := environment.GetIstioConfig(ctx); ic.Enabled { manifest.WithIstioPodAnnotations(cfg) + manifest.WithIstioPodLabels(cfg) } manifest.PodSecurityCfgFn(ctx, t)(cfg) diff --git a/pkg/resources/deployment/deployment.go b/pkg/resources/deployment/deployment.go index a961d8a6..3388fcc0 100644 --- a/pkg/resources/deployment/deployment.go +++ b/pkg/resources/deployment/deployment.go @@ -49,6 +49,7 @@ func Install(name string, image string, options ...manifest.CfgFn) feature.StepF if ic := environment.GetIstioConfig(ctx); ic.Enabled { manifest.WithIstioPodAnnotations(cfg) + manifest.WithIstioPodLabels(cfg) } manifest.PodSecurityCfgFn(ctx, t)(cfg) diff --git a/pkg/resources/deployment/deployment.yaml b/pkg/resources/deployment/deployment.yaml index 189cfd6f..48ff661c 100644 --- a/pkg/resources/deployment/deployment.yaml +++ b/pkg/resources/deployment/deployment.yaml @@ -36,6 +36,9 @@ spec: {{ range $key, $value := .selectors }} {{ $key }}: "{{ $value }}" {{ end }} + {{ range $key, $value := .podlabels }} + {{ $key }}: "{{ $value }}" + {{ end }} spec: {{ if .podSecurityContext }} securityContext: diff --git a/pkg/resources/job/job.go b/pkg/resources/job/job.go index b9237df3..aee65536 100644 --- a/pkg/resources/job/job.go +++ b/pkg/resources/job/job.go @@ -47,6 +47,7 @@ func Install(name string, image string, options ...manifest.CfgFn) feature.StepF if ic := environment.GetIstioConfig(ctx); ic.Enabled { manifest.WithIstioPodAnnotations(cfg) + manifest.WithIstioPodLabels(cfg) } manifest.PodSecurityCfgFn(ctx, t)(cfg) diff --git a/pkg/resources/pod/pod.go b/pkg/resources/pod/pod.go index 93fd8f51..0bec72e3 100644 --- a/pkg/resources/pod/pod.go +++ b/pkg/resources/pod/pod.go @@ -44,6 +44,7 @@ func Install(name string, image string, opts ...manifest.CfgFn) feature.StepFn { if ic := environment.GetIstioConfig(ctx); ic.Enabled { manifest.WithIstioPodAnnotations(cfg) + manifest.WithIstioPodLabels(cfg) } manifest.PodSecurityCfgFn(ctx, t)(cfg) diff --git a/pkg/resources/pod/pod_test.go b/pkg/resources/pod/pod_test.go index 0abd9a6b..95635b9a 100644 --- a/pkg/resources/pod/pod_test.go +++ b/pkg/resources/pod/pod_test.go @@ -21,6 +21,7 @@ import ( "os" v1 "k8s.io/api/core/v1" + testlog "knative.dev/reconciler-test/pkg/logging" "knative.dev/reconciler-test/pkg/manifest" "knative.dev/reconciler-test/pkg/resources/pod"