feat(kspm-collector): Deployment annotations and fix label render iss…

…ue - replace #1626 (#1639) Co-authored-by: Venkata Mannam <[email protected]> Co-authored-by: narendramannam <[email protected]>
sysdiglabs · Mar 12, 2024 · 0b82d81 · 0b82d81
1 parent cf50393
commit 0b82d81
Show file tree

Hide file tree

Showing 7 changed files with 92 additions and 4 deletions.
diff --git a/charts/kspm-collector/Chart.yaml b/charts/kspm-collector/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: kspm-collector
 description: Sysdig KSPM collector
 
-version: 0.13.0
+version: 0.14.0
 appVersion: 1.38.0
 
 keywords:

diff --git a/charts/kspm-collector/README.md b/charts/kspm-collector/README.md
@@ -71,6 +71,7 @@ The following table lists the configurable parameters of the Sysdig KSPM Collect
 | `os`                                       | Specifies the allowed operating systems for scheduling.                                                                                          | `[ linux ]`                                                 |
 | `affinity`                                 | Specifies the node affinities. Overrides `arch` and `os` values.                                                                                 | `{}`                                                        |
 | `labels`                                   | Specifies the KSPM collector specific labels as a multi-line templated string map or as YAML.                                                    | `{}`                                                        |
+| `annotations`                              | Specifies the deployment annotations as a multi-line templated string map or as YAML.                                                            | `{}`                                                        |
 | `podAnnotations`                           | Specifies the pod annotations as a multi-line templated string map or as YAML.                                                                   | `{}`                                                        |
 | `port`                                     | Specifies the KSPM collector port for health checks.                                                                                             | `8080`                                                      |
 | `psp.create`                               | Creates Pod Security Policy to allow the KSPM collector running in PSP-enabled clusters.                                                         | `true`                                                      |

diff --git a/charts/kspm-collector/templates/deployment.yaml b/charts/kspm-collector/templates/deployment.yaml
@@ -6,6 +6,10 @@ metadata:
   labels:
     app.kubernetes.io/name: {{ include "kspmCollector.name" . }}
 {{ include "kspmCollector.labels" . | indent 4 }}
+  {{- with .Values.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 spec:
   replicas: {{ .Values.replicas }}
   selector:
@@ -16,11 +20,11 @@ spec:
     metadata:
       labels:
         app.kubernetes.io/name: {{ include "kspmCollector.name" . }}
+        {{- include "kspmCollector.labels" . | nindent 8 }}
       {{- with .Values.podAnnotations }}
       annotations:
         {{- toYaml . | nindent 8 }}
       {{- end }}
-{{ include "kspmCollector.labels" . | indent 8 }}
     spec:
       serviceAccountName: {{ template "kspmCollector.serviceAccountName" .}}
       securityContext:

diff --git a/charts/kspm-collector/tests/deployment_annotation_test.yaml b/charts/kspm-collector/tests/deployment_annotation_test.yaml
@@ -0,0 +1,37 @@
+suite: Deployment annotation test
+templates:
+  - deployment.yaml
+tests:
+  - it: check that the deployment do not have any custom annotation if not specified
+    set:
+      sysdig:
+        accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE
+    asserts:
+    - isNull:
+        path: metadata.annotations
+
+  - it: check that the deployment include the annotation
+    set:
+      sysdig:
+        accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE
+      annotations:
+        my-annotation: my-value
+    asserts:
+    - exists:
+        path: metadata.annotations
+
+  - it: check that the deployment include the annotation match the value we specified
+    set:
+      sysdig:
+        accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE
+      annotations:
+        my-annotation-1: my-value-1
+        my-annotation-2: my-value-2
+    asserts:
+    - equal:
+        path: metadata.annotations['my-annotation-1']
+        value: my-value-1
+
+    - equal:
+        path: metadata.annotations['my-annotation-2']
+        value: my-value-2
diff --git a/charts/kspm-collector/tests/deployment_labels_test.yaml b/charts/kspm-collector/tests/deployment_labels_test.yaml
@@ -0,0 +1,44 @@
+suite: Deployment label test
+templates:
+  - deployment.yaml
+tests:
+  - it: check that the deployment do not have any custom labels if not specified
+    set:
+      sysdig:
+        accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE
+    asserts:
+      - isNotNull:
+          path: spec.template.metadata.labels['app.kubernetes.io/name']
+      - isNotNull:
+          path: spec.template.metadata.labels['helm.sh/chart']
+      - isNotNull:
+          path: spec.template.metadata.labels['app.kubernetes.io/instance']
+      - isNotNull:
+          path: spec.template.metadata.labels['app.kubernetes.io/version']
+      - isNotNull:
+          path: spec.template.metadata.labels['app.kubernetes.io/managed-by']
+
+  - it: check that the deployment do not have custom labels when specified
+    set:
+      sysdig:
+        accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE
+      labels:
+        mylabel1: test1
+        mylabel2: test2
+    asserts:
+      - isNotNull:
+          path: spec.template.metadata.labels['app.kubernetes.io/name']
+      - isNotNull:
+          path: spec.template.metadata.labels['helm.sh/chart']
+      - isNotNull:
+          path: spec.template.metadata.labels['app.kubernetes.io/instance']
+      - isNotNull:
+          path: spec.template.metadata.labels['app.kubernetes.io/version']
+      - isNotNull:
+          path: spec.template.metadata.labels['app.kubernetes.io/managed-by']
+      - equal:
+          path: spec.template.metadata.labels.mylabel1
+          value: test1
+      - equal:
+          path: spec.template.metadata.labels.mylabel2
+          value: test2
diff --git a/charts/kspm-collector/values.yaml b/charts/kspm-collector/values.yaml
@@ -172,6 +172,8 @@ affinity: {}
 
 labels: {}
 
+annotations: {}
+
 podAnnotations: {}
 
 ssl:

diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: sysdig-deploy
 description: A chart with various Sysdig components for Kubernetes
 type: application
-version: 1.42.3
+version: 1.43.0
 maintainers:
   - name: AlbertoBarba
     email: [email protected]
@@ -48,7 +48,7 @@ dependencies:
   - name: kspm-collector
     # repository: https://charts.sysdig.com
     repository: file://../kspm-collector
-    version: ~0.13.0
+    version: ~0.14.0
     alias: kspmCollector
     condition: global.kspm.deploy
   - name: rapid-response
-Original file line number
+Diff line change
@@ Expand Up / @@ -172,6 +172,8 @@ affinity: {} @@
     labels: {}
+    annotations: {}
     podAnnotations: {}
     ssl:
@@ Expand Down @@