Skip to content

Commit b993a53

Browse files
jkatzJonathan S. Katz
jkatz
authored and
Jonathan S. Katz
committed
Ensure "vendor" label is present on PGO objects
Though PGO leverages a lot of stable naming, this label is a helpful identifier among the objects that PGO is managing. Some derived objects (e.g. Secrets from SAs) do not get the label, but they are tightly coulpled to the object that does get the label. Most objects had the "vendor" label already, but this should bring everything inline. Issue: #2470
1 parent 53f6f9e commit b993a53

36 files changed

+132
-11
lines changed

deploy/cluster-role-bindings.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,8 @@ apiVersion: rbac.authorization.k8s.io/v1
33
kind: ClusterRoleBinding
44
metadata:
55
name: pgo-cluster-role
6+
labels:
7+
vendor: crunchydata
68
roleRef:
79
apiGroup: rbac.authorization.k8s.io
810
kind: ClusterRole

deploy/cluster-roles-readonly.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@ kind: ClusterRole
22
apiVersion: rbac.authorization.k8s.io/v1
33
metadata:
44
name: pgo-cluster-role
5+
labels:
6+
vendor: crunchydata
57
rules:
68
- apiGroups:
79
- ''

deploy/cluster-roles.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,8 @@ kind: ClusterRole
33
apiVersion: rbac.authorization.k8s.io/v1
44
metadata:
55
name: pgo-cluster-role
6+
labels:
7+
vendor: crunchydata
68
rules:
79
- apiGroups:
810
- ''

deploy/deploy.sh

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,8 @@ $PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE create secret generic pgo-backrest-
5252
--from-file=aws-s3-ca.crt=${PGO_CONF_DIR}/pgo-backrest-repo/aws-s3-ca.crt \
5353
--from-literal=aws-s3-key="${pgbackrest_aws_s3_key}" \
5454
--from-literal=aws-s3-key-secret="${pgbackrest_aws_s3_key_secret}"
55+
$PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE label secret pgo-backrest-repo-config \
56+
vendor=crunchydata
5557

5658
#
5759
# credentials for pgo-apiserver TLS REST API
@@ -63,11 +65,12 @@ then
6365
fi
6466

6567
$PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE create secret tls pgo.tls --key=${PGOROOT}/conf/postgres-operator/server.key --cert=${PGOROOT}/conf/postgres-operator/server.crt
68+
$PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE label secret pgo.tls vendor=crunchydata
6669

6770
$PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE create configmap pgo-config \
6871
--from-file=${PGOROOT}/conf/postgres-operator/pgo.yaml \
6972
--from-file=${PGO_CONF_DIR}/pgo-configs
70-
73+
$PGO_CMD --namespace=$PGO_OPERATOR_NAMESPACE label configmap pgo-config vendor=crunchydata
7174

7275
#
7376
# check if custom port value is set, otherwise set default values

deploy/local-namespace-rbac.yaml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,8 @@ kind: Role
33
apiVersion: rbac.authorization.k8s.io/v1
44
metadata:
55
name: pgo-local-ns
6+
labels:
7+
vendor: crunchydata
68
rules:
79
- apiGroups:
810
- ''
@@ -28,6 +30,8 @@ apiVersion: rbac.authorization.k8s.io/v1
2830
kind: RoleBinding
2931
metadata:
3032
name: pgo-local-ns
33+
labels:
34+
vendor: crunchydata
3135
roleRef:
3236
apiGroup: rbac.authorization.k8s.io
3337
kind: Role
@@ -41,6 +45,8 @@ apiVersion: rbac.authorization.k8s.io/v1
4145
kind: RoleBinding
4246
metadata:
4347
name: pgo-target-role-binding
48+
labels:
49+
vendor: crunchydata
4450
roleRef:
4551
apiGroup: rbac.authorization.k8s.io
4652
kind: Role

deploy/role-bindings.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,8 @@ kind: RoleBinding
44
metadata:
55
name: pgo-role
66
namespace: "$PGO_OPERATOR_NAMESPACE"
7+
labels:
8+
vendor: crunchydata
79
roleRef:
810
apiGroup: rbac.authorization.k8s.io
911
kind: Role

deploy/roles.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,8 @@ apiVersion: rbac.authorization.k8s.io/v1
44
metadata:
55
name: pgo-role
66
namespace: "$PGO_OPERATOR_NAMESPACE"
7+
labels:
8+
vendor: crunchydata
79
rules:
810
- apiGroups:
911
- ''

deploy/service-accounts.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,3 +4,5 @@ kind: ServiceAccount
44
metadata:
55
name: postgres-operator
66
namespace: $PGO_OPERATOR_NAMESPACE
7+
labels:
8+
vendor: crunchydata

deploy/service.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,8 @@
44
"metadata": {
55
"name": "postgres-operator",
66
"labels": {
7-
"name": "postgres-operator"
7+
"name": "postgres-operator",
8+
"vendor": "crunchydata"
89
}
910
},
1011
"spec": {

docs/content/installation/other/operator-hub.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -55,6 +55,8 @@ kubectl -n "$PGO_OPERATOR_NAMESPACE" create secret generic pgo-backrest-repo-con
5555
--from-file=./installers/ansible/roles/pgo-operator/files/pgo-backrest-repo/aws-s3-ca.crt \
5656
--from-literal=aws-s3-key="<your-aws-s3-key>" \
5757
--from-literal=aws-s3-key-secret="<your-aws-s3-key-secret>"
58+
kubectl -n "$PGO_OPERATOR_NAMESPACE" label secret pgo-backrest-repo-config \
59+
vendor=crunchydata
5860
```
5961

6062
### Certificates (optional)

0 commit comments

Comments
 (0)