diff --git a/pkg/plugins/resources/k8s/store.go b/pkg/plugins/resources/k8s/store.go index cbe9868c18e2..bfb0eb63e596 100644 --- a/pkg/plugins/resources/k8s/store.go +++ b/pkg/plugins/resources/k8s/store.go @@ -55,6 +55,13 @@ func (s *KubernetesStore) Create(ctx context.Context, r core_model.Resource, fs if err != nil { return err } +<<<<<<< HEAD +======= + + labels, annotations := SplitLabelsAndAnnotations(opts.Labels, obj.GetAnnotations()) + obj.GetObjectMeta().SetLabels(labels) + obj.GetObjectMeta().SetAnnotations(annotations) +>>>>>>> da824ce57 (fix(kuma-cp): mistakenly setting 'kuma.io/display-name' as label (#10430)) obj.SetMesh(opts.Mesh) obj.GetObjectMeta().SetName(name) obj.GetObjectMeta().SetNamespace(namespace) @@ -91,6 +98,18 @@ func (s *KubernetesStore) Update(ctx context.Context, r core_model.Resource, fs return errors.Wrapf(err, "failed to convert core model of type %s into k8s counterpart", r.Descriptor().Name) } +<<<<<<< HEAD +======= + updateLabels := r.GetMeta().GetLabels() + if opts.ModifyLabels { + updateLabels = opts.Labels + } + labels, annotations := SplitLabelsAndAnnotations(updateLabels, obj.GetAnnotations()) + obj.GetObjectMeta().SetLabels(labels) + obj.GetObjectMeta().SetAnnotations(annotations) + obj.SetMesh(r.GetMeta().GetMesh()) + +>>>>>>> da824ce57 (fix(kuma-cp): mistakenly setting 'kuma.io/display-name' as label (#10430)) if err := s.Client.Update(ctx, obj); err != nil { if kube_apierrs.IsConflict(err) { return store.ErrorResourceConflict(r.Descriptor().Name, r.GetMeta().GetName(), r.GetMeta().GetMesh()) @@ -222,6 +241,24 @@ func k8sNameNamespace(coreName string, scope k8s_model.Scope) (string, string, e } } +<<<<<<< HEAD +======= +// Kuma resource labels are generally stored on Kubernetes as labels, except "kuma.io/display-name". +// We store it as an annotation because the resource name on k8s is limited by 253 and the label value is limited by 63. +func SplitLabelsAndAnnotations(coreLabels map[string]string, currentAnnotations map[string]string) (map[string]string, map[string]string) { + labels := maps.Clone(coreLabels) + annotations := maps.Clone(currentAnnotations) + if annotations == nil { + annotations = map[string]string{} + } + if v, ok := labels[v1alpha1.DisplayName]; ok { + annotations[v1alpha1.DisplayName] = v + delete(labels, v1alpha1.DisplayName) + } + return labels, annotations +} + +>>>>>>> da824ce57 (fix(kuma-cp): mistakenly setting 'kuma.io/display-name' as label (#10430)) var _ core_model.ResourceMeta = &KubernetesMetaAdapter{} type KubernetesMetaAdapter struct { diff --git a/pkg/plugins/runtime/k8s/webhooks/defaulter.go b/pkg/plugins/runtime/k8s/webhooks/defaulter.go index 7fd5a4e226b3..065c4345551f 100644 --- a/pkg/plugins/runtime/k8s/webhooks/defaulter.go +++ b/pkg/plugins/runtime/k8s/webhooks/defaulter.go @@ -11,7 +11,11 @@ import ( core_model "github.com/kumahq/kuma/pkg/core/resources/model" "github.com/kumahq/kuma/pkg/core/resources/registry" k8s_common "github.com/kumahq/kuma/pkg/plugins/common/k8s" +<<<<<<< HEAD "github.com/kumahq/kuma/pkg/plugins/runtime/k8s/metadata" +======= + "github.com/kumahq/kuma/pkg/plugins/resources/k8s" +>>>>>>> da824ce57 (fix(kuma-cp): mistakenly setting 'kuma.io/display-name' as label (#10430)) ) type Defaulter interface { @@ -74,6 +78,15 @@ func (h *defaultingHandler) Handle(ctx context.Context, req admission.Request) a obj.SetLabels(labels) } } +<<<<<<< HEAD +======= + labels, annotations := k8s.SplitLabelsAndAnnotations( + core_model.ComputeLabels(resource, h.Mode, true, h.SystemNamespace), + obj.GetAnnotations(), + ) + obj.SetLabels(labels) + obj.SetAnnotations(annotations) +>>>>>>> da824ce57 (fix(kuma-cp): mistakenly setting 'kuma.io/display-name' as label (#10430)) marshaled, err := json.Marshal(obj) if err != nil { diff --git a/pkg/plugins/runtime/k8s/webhooks/defaulter_test.go b/pkg/plugins/runtime/k8s/webhooks/defaulter_test.go index 0272a7de9b98..ac41e91e88b9 100644 --- a/pkg/plugins/runtime/k8s/webhooks/defaulter_test.go +++ b/pkg/plugins/runtime/k8s/webhooks/defaulter_test.go @@ -127,7 +127,14 @@ var _ = Describe("Defaulter", func() { "kind": "Mesh", "metadata": { "name": "empty", +<<<<<<< HEAD "creationTimestamp": null +======= + "creationTimestamp": null, + "annotations": { + "kuma.io/display-name": "empty" + } +>>>>>>> da824ce57 (fix(kuma-cp): mistakenly setting 'kuma.io/display-name' as label (#10430)) }, "spec": { "metrics": { @@ -179,7 +186,14 @@ var _ = Describe("Defaulter", func() { "kind": "Mesh", "metadata": { "name": "empty", +<<<<<<< HEAD "creationTimestamp": null +======= + "creationTimestamp": null, + "annotations": { + "kuma.io/display-name": "empty" + } +>>>>>>> da824ce57 (fix(kuma-cp): mistakenly setting 'kuma.io/display-name' as label (#10430)) }, "spec": { "metrics": { @@ -227,12 +241,249 @@ var _ = Describe("Defaulter", func() { "name": "empty", "creationTimestamp": null, "labels": { +<<<<<<< HEAD "kuma.io/mesh": "my-mesh-1" +======= + "kuma.io/mesh": "my-mesh-1", + "k8s.kuma.io/namespace": "example" + }, + "annotations": { + "kuma.io/display-name": "empty" +>>>>>>> da824ce57 (fix(kuma-cp): mistakenly setting 'kuma.io/display-name' as label (#10430)) } }, "spec": {} } `, }), +<<<<<<< HEAD +======= + Entry("should set mesh label when apply new policy on Zone", testCase{ + checker: zoneChecker(true, true), + kind: string(v1alpha1.MeshTrafficPermissionType), + inputObject: ` + { + "apiVersion": "kuma.io/v1alpha1", + "kind": "MeshTrafficPermission", + "metadata": { + "namespace": "example", + "name": "empty", + "creationTimestamp": null, + "labels": { + "kuma.io/origin": "zone" + } + }, + "spec": { + "targetRef": {} + } + } +`, + expected: ` + { + "apiVersion": "kuma.io/v1alpha1", + "kind": "MeshTrafficPermission", + "metadata": { + "namespace": "example", + "name": "empty", + "creationTimestamp": null, + "labels": { + "kuma.io/origin": "zone", + "kuma.io/mesh": "default", + "kuma.io/policy-role": "workload-owner", + "k8s.kuma.io/namespace": "example" + }, + "annotations": { + "kuma.io/display-name": "empty" + } + }, + "spec": { + "targetRef": {} + } + } +`, + }), + Entry("should set mesh and origin label when origin validation is disabled, federated zone", testCase{ + checker: zoneChecker(true, false), + kind: string(v1alpha1.MeshTrafficPermissionType), + inputObject: ` + { + "apiVersion": "kuma.io/v1alpha1", + "kind": "MeshTrafficPermission", + "metadata": { + "namespace": "example", + "name": "empty", + "creationTimestamp": null + }, + "spec": { + "targetRef": {} + } + } +`, + expected: ` + { + "apiVersion": "kuma.io/v1alpha1", + "kind": "MeshTrafficPermission", + "metadata": { + "namespace": "example", + "name": "empty", + "creationTimestamp": null, + "labels": { + "k8s.kuma.io/namespace": "example", + "kuma.io/mesh": "default", + "kuma.io/origin": "zone", + "kuma.io/policy-role": "workload-owner" + }, + "annotations": { + "kuma.io/display-name": "empty" + } + }, + "spec": { + "targetRef": {} + } + } +`, + }), + Entry("should set mesh and origin label when origin validation is disabled, non-federated zone", testCase{ + checker: zoneChecker(false, false), + kind: string(v1alpha1.MeshTrafficPermissionType), + inputObject: ` + { + "apiVersion": "kuma.io/v1alpha1", + "kind": "MeshTrafficPermission", + "metadata": { + "namespace": "example", + "name": "empty", + "creationTimestamp": null + }, + "spec": { + "targetRef": {} + } + } +`, + expected: ` + { + "apiVersion": "kuma.io/v1alpha1", + "kind": "MeshTrafficPermission", + "metadata": { + "namespace": "example", + "name": "empty", + "creationTimestamp": null, + "labels": { + "k8s.kuma.io/namespace": "example", + "kuma.io/mesh": "default", + "kuma.io/origin": "zone", + "kuma.io/policy-role": "workload-owner" + }, + "annotations": { + "kuma.io/display-name": "empty" + } + }, + "spec": { + "targetRef": {} + } + } +`, + }), + Entry("should set mesh and origin label on DPP", testCase{ + checker: zoneChecker(true, true), + kind: string(mesh.DataplaneType), + inputObject: ` + { + "apiVersion":"kuma.io/v1alpha1", + "kind":"Dataplane", + "mesh":"demo", + "metadata":{ + "namespace":"example", + "name":"empty", + "creationTimestamp":null + }, + "spec":{ + "networking": { + "address": "127.0.0.1", + "inbound": [ + { + "port": 11011, + "tags": { + "kuma.io/service": "backend" + } + } + ] + } + } + }`, + expected: ` + { + "apiVersion":"kuma.io/v1alpha1", + "kind":"Dataplane", + "mesh":"demo", + "metadata":{ + "namespace":"example", + "name":"empty", + "creationTimestamp":null, + "labels": { + "k8s.kuma.io/namespace": "example", + "kuma.io/mesh": "default", + "kuma.io/origin": "zone" + }, + "annotations": { + "kuma.io/display-name": "empty" + } + }, + "spec":{ + "networking": { + "address": "127.0.0.1", + "inbound": [ + { + "port": 11011, + "tags": { + "kuma.io/service": "backend" + } + } + ] + } + } + }`, + }), + Entry("should not add origin label on Global", testCase{ + checker: globalChecker(), + kind: string(v1alpha1.MeshTrafficPermissionType), + inputObject: ` + { + "apiVersion": "kuma.io/v1alpha1", + "kind": "MeshTrafficPermission", + "metadata": { + "namespace": "example", + "name": "empty", + "creationTimestamp": null + }, + "spec": { + "targetRef": {} + } + } +`, + expected: ` + { + "apiVersion": "kuma.io/v1alpha1", + "kind": "MeshTrafficPermission", + "metadata": { + "namespace": "example", + "name": "empty", + "creationTimestamp": null, + "labels": { + "k8s.kuma.io/namespace": "example", + "kuma.io/mesh": "default", + "kuma.io/policy-role": "workload-owner" + }, + "annotations": { + "kuma.io/display-name": "empty" + } + }, + "spec": { + "targetRef": {} + } + } +`, + }), +>>>>>>> da824ce57 (fix(kuma-cp): mistakenly setting 'kuma.io/display-name' as label (#10430)) ) })