diff --git a/charts/nginx-ingress/templates/_helpers.tpl b/charts/nginx-ingress/templates/_helpers.tpl index 3f51e2b6a..a0c333afd 100644 --- a/charts/nginx-ingress/templates/_helpers.tpl +++ b/charts/nginx-ingress/templates/_helpers.tpl @@ -58,6 +58,9 @@ helm.sh/chart: {{ include "nginx-ingress.chart" . }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- if .Values.commonLabels }} +{{ toYaml .Values.commonLabels }} +{{- end }} {{- end }} {{/* diff --git a/charts/nginx-ingress/values.schema.json b/charts/nginx-ingress/values.schema.json index 0b9bf67dc..afd16f467 100644 --- a/charts/nginx-ingress/values.schema.json +++ b/charts/nginx-ingress/values.schema.json @@ -11,6 +11,12 @@ "nginxServiceMesh" ], "properties": { + "commonLabels": { + "type": "object", + "default": {}, + "title": "Common labels to apply to all resources", + "additionalProperties": true + }, "controller": { "type": "object", "default": {}, diff --git a/charts/nginx-ingress/values.yaml b/charts/nginx-ingress/values.yaml index 3f16780a5..bc21edcc6 100644 --- a/charts/nginx-ingress/values.yaml +++ b/charts/nginx-ingress/values.yaml @@ -1,3 +1,6 @@ +## Labels to apply to all resources. +commonLabels: {} + controller: ## The name of the Ingress Controller daemonset, deployment, or statefulset. name: controller diff --git a/charts/tests/__snapshots__/helmunit_test.snap b/charts/tests/__snapshots__/helmunit_test.snap index 1d55d6653..477670a82 100755 --- a/charts/tests/__snapshots__/helmunit_test.snap +++ b/charts/tests/__snapshots__/helmunit_test.snap @@ -2576,6 +2576,483 @@ metadata: app.kubernetes.io/managed-by: Helm --- +[TestHelmNICTemplate/commonLabels - 1] +/-/-/-/ +# Source: nginx-ingress/templates/controller-serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: common-labels-nginx-ingress + namespace: default + labels: + helm.sh/chart: nginx-ingress-2.5.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + app.kubernetes.io/version: "5.4.0" + app.kubernetes.io/managed-by: Helm + cost-center: "12345" + environment: production + team: platform +/-/-/-/ +# Source: nginx-ingress/templates/controller-configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: common-labels-nginx-ingress + namespace: default + labels: + helm.sh/chart: nginx-ingress-2.5.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + app.kubernetes.io/version: "5.4.0" + app.kubernetes.io/managed-by: Helm + cost-center: "12345" + environment: production + team: platform +data: + {} +/-/-/-/ +# Source: nginx-ingress/templates/controller-leader-election-configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: common-labels-nginx-ingress-leader-election + namespace: default + labels: + helm.sh/chart: nginx-ingress-2.5.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + app.kubernetes.io/version: "5.4.0" + app.kubernetes.io/managed-by: Helm + cost-center: "12345" + environment: production + team: platform +/-/-/-/ +# Source: nginx-ingress/templates/clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: common-labels-nginx-ingress + labels: + helm.sh/chart: nginx-ingress-2.5.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + app.kubernetes.io/version: "5.4.0" + app.kubernetes.io/managed-by: Helm + cost-center: "12345" + environment: production + team: platform +rules: +- apiGroups: + - "" + resources: + - configmaps + - namespaces + - pods + - secrets + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - list +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - list + - watch +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - get + - list + - watch +- apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - list +- apiGroups: + - "apps" + resources: + - replicasets + - daemonsets + - statefulsets + verbs: + - get +- apiGroups: + - networking.k8s.io + resources: + - ingressclasses + verbs: + - get + - list +- apiGroups: + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update +- apiGroups: + - k8s.nginx.org + resources: + - virtualservers + - virtualserverroutes + - globalconfigurations + - transportservers + - policies + verbs: + - list + - watch + - get +- apiGroups: + - k8s.nginx.org + resources: + - virtualservers/status + - virtualserverroutes/status + - policies/status + - transportservers/status + verbs: + - update +/-/-/-/ +# Source: nginx-ingress/templates/clusterrolebinding.yaml +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: common-labels-nginx-ingress + labels: + helm.sh/chart: nginx-ingress-2.5.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + app.kubernetes.io/version: "5.4.0" + app.kubernetes.io/managed-by: Helm + cost-center: "12345" + environment: production + team: platform +subjects: +- kind: ServiceAccount + name: common-labels-nginx-ingress + namespace: default +roleRef: + kind: ClusterRole + name: common-labels-nginx-ingress + apiGroup: rbac.authorization.k8s.io +/-/-/-/ +# Source: nginx-ingress/templates/controller-role.yaml +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: common-labels-nginx-ingress + labels: + helm.sh/chart: nginx-ingress-2.5.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + app.kubernetes.io/version: "5.4.0" + app.kubernetes.io/managed-by: Helm + cost-center: "12345" + environment: production + team: platform + namespace: default +rules: +- apiGroups: + - "" + resources: + - configmaps + - pods + - secrets + - services + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get +- apiGroups: + - "" + resources: + - pods + verbs: + - update +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - list +- apiGroups: + - coordination.k8s.io + resources: + - leases + resourceNames: + - common-labels-nginx-ingress-leader-election + verbs: + - get + - update +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create +/-/-/-/ +# Source: nginx-ingress/templates/controller-rolebinding.yaml +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: common-labels-nginx-ingress + labels: + helm.sh/chart: nginx-ingress-2.5.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + app.kubernetes.io/version: "5.4.0" + app.kubernetes.io/managed-by: Helm + cost-center: "12345" + environment: production + team: platform + namespace: default +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: common-labels-nginx-ingress +subjects: +- kind: ServiceAccount + name: common-labels-nginx-ingress + namespace: default +/-/-/-/ +# Source: nginx-ingress/templates/controller-service.yaml +apiVersion: v1 +kind: Service +metadata: + name: common-labels-nginx-ingress-controller + namespace: default + labels: + helm.sh/chart: nginx-ingress-2.5.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + app.kubernetes.io/version: "5.4.0" + app.kubernetes.io/managed-by: Helm + cost-center: "12345" + environment: production + team: platform +spec: + externalTrafficPolicy: Local + type: LoadBalancer + ports: + - port: 80 + targetPort: 80 + protocol: TCP + name: http + nodePort: + - port: 443 + targetPort: 443 + protocol: TCP + name: https + nodePort: + selector: + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels +/-/-/-/ +# Source: nginx-ingress/templates/controller-deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: common-labels-nginx-ingress-controller + namespace: default + labels: + helm.sh/chart: nginx-ingress-2.5.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + app.kubernetes.io/version: "5.4.0" + app.kubernetes.io/managed-by: Helm + cost-center: "12345" + environment: production + team: platform +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + template: + metadata: + labels: + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "9113" + prometheus.io/scheme: "http" + spec: + volumes: [] + serviceAccountName: common-labels-nginx-ingress + automountServiceAccountToken: true + securityContext: + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + hostNetwork: false + dnsPolicy: ClusterFirst + containers: + - image: nginx/nginx-ingress:5.4.0 + name: nginx-ingress + imagePullPolicy: "IfNotPresent" + ports: + - name: http + containerPort: 80 + protocol: TCP + - name: https + containerPort: 443 + protocol: TCP + - name: prometheus + containerPort: 9113 + - name: readiness-port + containerPort: 8081 + readinessProbe: + httpGet: + path: /nginx-ready + port: readiness-port + periodSeconds: 1 + initialDelaySeconds: 0 + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + runAsUser: 101 #nginx + runAsNonRoot: true + capabilities: + drop: + - ALL + add: + - NET_BIND_SERVICE + volumeMounts: [] + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + args: + + - -nginx-plus=false + - -nginx-reload-timeout=60000 + - -enable-app-protect=false + - -enable-app-protect-dos=false + - -nginx-configmaps=$(POD_NAMESPACE)/common-labels-nginx-ingress + - -ingress-class=nginx + - -health-status=false + - -health-status-uri=/nginx-health + - -nginx-debug=false + - -log-level=info + - -log-format=glog + - -nginx-status=true + - -nginx-status-port=8080 + - -nginx-status-allow-cidrs=127.0.0.1 + - -report-ingress-status + - -external-service=common-labels-nginx-ingress-controller + - -enable-leader-election=true + - -leader-election-lock-name=common-labels-nginx-ingress-leader-election + - -enable-prometheus-metrics=true + - -prometheus-metrics-listen-port=9113 + - -prometheus-tls-secret= + - -enable-service-insight=false + - -service-insight-listen-port=9114 + - -service-insight-tls-secret= + - -enable-custom-resources=true + - -enable-snippets=false + - -disable-ipv6=false + - -enable-tls-passthrough=false + - -enable-cert-manager=false + - -enable-oidc=false + - -enable-external-dns=false + - -default-http-listener-port=80 + - -default-https-listener-port=443 + - -ready-status=true + - -ready-status-port=8081 + - -enable-latency-metrics=false + - -ssl-dynamic-reload=true + - -enable-telemetry-reporting=true + - -weight-changes-dynamic-reload=false +/-/-/-/ +# Source: nginx-ingress/templates/controller-ingress-class.yaml +apiVersion: networking.k8s.io/v1 +kind: IngressClass +metadata: + name: nginx + labels: + helm.sh/chart: nginx-ingress-2.5.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + app.kubernetes.io/version: "5.4.0" + app.kubernetes.io/managed-by: Helm + cost-center: "12345" + environment: production + team: platform +spec: + controller: nginx.org/ingress-controller +/-/-/-/ +# Source: nginx-ingress/templates/controller-configmap.yaml +/-/-/-/ +/-/-/-/ +# Source: nginx-ingress/templates/controller-lease.yaml +apiVersion: coordination.k8s.io/v1 +kind: Lease +metadata: + name: common-labels-nginx-ingress-leader-election + namespace: default + labels: + helm.sh/chart: nginx-ingress-2.5.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: common-labels + app.kubernetes.io/version: "5.4.0" + app.kubernetes.io/managed-by: Helm + cost-center: "12345" + environment: production + team: platform +--- + [TestHelmNICTemplate/customResources - 1] /-/-/-/ # Source: nginx-ingress/templates/controller-serviceaccount.yaml diff --git a/charts/tests/helmunit_test.go b/charts/tests/helmunit_test.go index 81614aba8..b7e91107d 100644 --- a/charts/tests/helmunit_test.go +++ b/charts/tests/helmunit_test.go @@ -181,6 +181,11 @@ func TestHelmNICTemplate(t *testing.T) { releaseName: "list-configs", namespace: "default", }, + "commonLabels": { + valuesFile: "testdata/common-labels.yaml", + releaseName: "common-labels", + namespace: "default", + }, } // Path to the helm chart we will test diff --git a/charts/tests/testdata/common-labels.yaml b/charts/tests/testdata/common-labels.yaml new file mode 100644 index 000000000..397456c25 --- /dev/null +++ b/charts/tests/testdata/common-labels.yaml @@ -0,0 +1,7 @@ +commonLabels: + team: platform + environment: production + cost-center: "12345" + +controller: + kind: deployment