From bbd0cb03be90827d58093ba51eb557094a7a17a1 Mon Sep 17 00:00:00 2001 From: "gcp-cherry-pick-bot[bot]" <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com> Date: Tue, 11 Jul 2023 16:44:21 +0000 Subject: [PATCH] feat: allow pod labels for cleanup jobs (#7808) (#7809) Signed-off-by: bakito Co-authored-by: Marc Brugger --- charts/kyverno/Chart.yaml | 2 ++ charts/kyverno/README.md | 2 ++ .../templates/cleanup/cleanup-admission-reports.yaml | 4 ++++ .../cleanup/cleanup-cluster-admission-reports.yaml | 4 ++++ charts/kyverno/values.yaml | 6 ++++++ 5 files changed, 18 insertions(+) diff --git a/charts/kyverno/Chart.yaml b/charts/kyverno/Chart.yaml index 939a30512350..5fee4a420fa2 100644 --- a/charts/kyverno/Chart.yaml +++ b/charts/kyverno/Chart.yaml @@ -32,3 +32,5 @@ annotations: description: define resources for cleanupJobs - kind: changed description: change to enable webhook cleanup hook by default + - kind: added + description: allow pod labels for cleanup jobs diff --git a/charts/kyverno/README.md b/charts/kyverno/README.md index 8a523e2ef9ad..4ab6ed2e7629 100644 --- a/charts/kyverno/README.md +++ b/charts/kyverno/README.md @@ -646,6 +646,7 @@ The chart values are organised per component. | cleanupJobs.admissionReports.resources | object | `{}` | Job resources | | cleanupJobs.admissionReports.tolerations | list | `[]` | List of node taints to tolerate | | cleanupJobs.admissionReports.podAnnotations | object | `{}` | Pod Annotations | +| cleanupJobs.admissionReports.podLabels | object | `{}` | Pod labels | | cleanupJobs.clusterAdmissionReports.enabled | bool | `true` | Enable cleanup cronjob | | cleanupJobs.clusterAdmissionReports.image.registry | string | `nil` | Image registry | | cleanupJobs.clusterAdmissionReports.image.repository | string | `"bitnami/kubectl"` | Image repository | @@ -660,6 +661,7 @@ The chart values are organised per component. | cleanupJobs.clusterAdmissionReports.resources | object | `{}` | Job resources | | cleanupJobs.clusterAdmissionReports.tolerations | list | `[]` | List of node taints to tolerate | | cleanupJobs.clusterAdmissionReports.podAnnotations | object | `{}` | Pod Annotations | +| cleanupJobs.clusterAdmissionReports.podLabels | object | `{}` | Pod Labels | ### Other diff --git a/charts/kyverno/templates/cleanup/cleanup-admission-reports.yaml b/charts/kyverno/templates/cleanup/cleanup-admission-reports.yaml index 83ce15ceae64..8092722e7bde 100644 --- a/charts/kyverno/templates/cleanup/cleanup-admission-reports.yaml +++ b/charts/kyverno/templates/cleanup/cleanup-admission-reports.yaml @@ -19,6 +19,10 @@ spec: annotations: {{- toYaml . | nindent 12 }} {{- end }} + {{- with .Values.cleanupJobs.admissionReports.podLabels }} + labels: + {{- toYaml . | nindent 12 }} + {{- end }} spec: serviceAccountName: {{ template "kyverno.name" . }}-cleanup-jobs {{- with .Values.cleanupJobs.admissionReports.podSecurityContext }} diff --git a/charts/kyverno/templates/cleanup/cleanup-cluster-admission-reports.yaml b/charts/kyverno/templates/cleanup/cleanup-cluster-admission-reports.yaml index b2f2ae2a3c32..dc507b57fe81 100644 --- a/charts/kyverno/templates/cleanup/cleanup-cluster-admission-reports.yaml +++ b/charts/kyverno/templates/cleanup/cleanup-cluster-admission-reports.yaml @@ -19,6 +19,10 @@ spec: annotations: {{- toYaml . | nindent 12 }} {{- end }} + {{- with .Values.cleanupJobs.clusterAdmissionReports.podLabels }} + labels: + {{- toYaml . | nindent 12 }} + {{- end }} spec: serviceAccountName: {{ template "kyverno.name" . }}-cleanup-jobs {{- with .Values.cleanupJobs.clusterAdmissionReports.podSecurityContext }} diff --git a/charts/kyverno/values.yaml b/charts/kyverno/values.yaml index 3a9fd333d14b..8e9eed1ba2f9 100644 --- a/charts/kyverno/values.yaml +++ b/charts/kyverno/values.yaml @@ -448,6 +448,9 @@ cleanupJobs: # -- Pod Annotations podAnnotations: {} + # -- Pod labels + podLabels: {} + clusterAdmissionReports: # -- Enable cleanup cronjob @@ -504,6 +507,9 @@ cleanupJobs: # -- Pod Annotations podAnnotations: {} + # -- Pod Labels + podLabels: {} + # Admission controller configuration admissionController: