Merge pull request #38 from RoseTeague/master

feat: Add optional labels for StatefulSets and DaemonSets
ocadotechnology · Mar 7, 2019 · b608800 · b608800
2 parents 184332d + e53e24a
commit b608800
Show file tree

Hide file tree

Showing 6 changed files with 28 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -15,6 +15,8 @@ SECONDS_BETWEEN_STREAMS | Time to sleep between calls to the API. The operator w
 HOSTESS_DOCKER_REGISTRY | The docker registry where mirror-hostess is to be pulled from. | docker.io 
 HOSTESS_DOCKER_IMAGE | The name of the docker image for mirror-hostess. | ocadotechnology/mirror-hostess
 HOSTESS_DOCKER_TAG | The tag for the mirror-hostess docker image. | 1.1.0
+SS_DS_LABELS | (Optional) StatefulSet and DaemonSet labels | None
+SS_DS_TEMPLATE_LABELS | (Optional) StatefulSet and DaemonSet pod labels | None
 IMAGE_PULL_SECRETS | (Optional) Secret to pull images from the upstream registry | None
 CA_CERTIFICATE_BUNDLE | (Optional) Certificate bundle for the registry host  | None
 
@@ -95,7 +97,7 @@ spec:
           storage: 20Gi
 ```
 
-The operator will then deploy a daemonset, statefulset, service and headless service in whichever namespace is configured. We generally expect this to be default. These will all be named `registry-mirror-<name>`, with the exception of the headless service which will be named `registry-mirror-<name>-headless`.
+The operator will then deploy a daemonset, statefulset, service and headless service in whichever namespace is configured. We generally expect this to be default. These will all be named `registry-mirror-<name>`, with the exception of the headless service which will be named `registry-mirror-<name>-headless` and the statefulset and daemonset which will both be named `registry-mirror-<name>-utils`.
 You can get all the elements of your mirror using - `kubectl get ds,statefulset,svc,registrymirror -l mirror=<name> -n default`.
 
 If you wish to update the secret or URL, all you need to do is change it in the `RegistryMirror` manifest and the operator will handle updates. 

diff --git a/mirroroperator/operator.py b/mirroroperator/operator.py
@@ -1,3 +1,4 @@
+import ast
 import kubernetes
 import logging
 import time
@@ -21,6 +22,8 @@ def __init__(self, env_vars):
         """
         :param env_vars: dictionary includes namespace,
             hostess_docker_registry (used in RegistryMirror),
+            ss_ds_labels (used in RegistryMirror, optional),
+            ss_ds_template_lables (used in RegistryMirror, optional)
             hostess_docker_image (used in RegistryMirror),
             hostess_docker_tag (used in RegistryMirror),
             image_pull_secrets(used in RegistryMirror, optional),
@@ -63,6 +66,9 @@ def watch_registry_mirrors(self):
         hostess_docker_image=os.environ.get("HOSTESS_DOCKER_IMAGE",
                                             "ocadotechnology/mirror-hostess"),
         hostess_docker_tag=os.environ.get("HOSTESS_DOCKER_TAG", "1.1.0"),
+        # optional labels to be added to daemonsets and statefulsets
+        ss_ds_labels=ast.literal_eval(os.environ.get("SS_DS_LABELS")),
+        ss_ds_template_labels=ast.literal_eval(os.environ.get("SS_DS_TEMPLATE_LABELS")),
         # optional in V1PodSpec secrets split with comma
         image_pull_secrets=os.environ.get("IMAGE_PULL_SECRETS"),
         # get the docker certificate:

diff --git a/mirroroperator/registrymirror.py b/mirroroperator/registrymirror.py
@@ -41,6 +41,8 @@ def __init__(self, event_type, namespace, hostess_docker_registry,
         self.credentials_secret_name = kwargs.get(
             "spec", {}).get("credentialsSecret")
 
+        self.ss_ds_labels = kwargs["ss_ds_labels"] or ""
+        self.ss_ds_template_labels = kwargs["ss_ds_template_labels"] or ""
         self.image_pull_secrets = kwargs["image_pull_secrets"] or ""
         self.ca_certificate_bundle = kwargs["ca_certificate_bundle"]
 
@@ -95,16 +97,16 @@ def __init__(self, event_type, namespace, hostess_docker_registry,
             location {healthcheck_path} {{{{
                 return 200 '';
             }}}}
-            
+
             #resolver;
             set $upstream_endpoint https://{upstream_fqdn};
-                
+
             location / {{{{
                 proxy_ssl_trusted_certificate {shared_cert_mount_path}/{cert_file};
                 limit_except HEAD GET OPTIONS {{{{
                     deny all;
                 }}}}
-                
+
                 proxy_pass                    $upstream_endpoint;
                 proxy_ssl_verify              on;
                 proxy_ssl_verify_depth        9;
@@ -140,6 +142,7 @@ def __init__(self, event_type, namespace, hostess_docker_registry,
                 )
             ]
         )
+
         self.core_api = client.CoreV1Api()
         self.apps_api = client.AppsV1beta1Api()
         self.ext_api = client.ExtensionsV1beta1Api()
@@ -212,8 +215,12 @@ def run_action_and_parse_error(self, func, *args, **kwargs):
     def generate_daemon_set(self, daemon_set):
         ds_pod_labels = copy.deepcopy(self.labels)
         ds_pod_labels["component"] = "hostess-certificate"
+        ds_pod_labels.update(self.ss_ds_template_labels)
+        ds_labels = copy.deepcopy(self.labels)
+        ds_labels.update(self.ss_ds_labels)
         daemon_set.metadata = copy.deepcopy(self.metadata)
         daemon_set.metadata.name = self.daemon_set_name
+        daemon_set.metadata.labels = ds_labels 
         daemon_set.spec = client.V1beta1DaemonSetSpec(
                 min_ready_seconds=10,
                 template=client.V1PodTemplateSpec(
@@ -385,8 +392,11 @@ def generate_stateful_set(self):
         )
 
         stateful_set.spec.replicas = 2
+        ss_labels = copy.deepcopy(self.labels)
+        ss_labels.update(self.ss_ds_labels)
         pod_labels = {'component': 'registry'}
         pod_labels.update(self.labels)
+        pod_labels.update(self.ss_ds_template_labels)
         volumes = []
         if self.ca_certificate_bundle:
             volumes = [
@@ -545,6 +555,7 @@ def generate_stateful_set(self):
                     )
                 )
         stateful_set.spec.update_strategy = client.V1beta1StatefulSetUpdateStrategy(type="RollingUpdate",)
+        stateful_set.metadata.labels = ss_labels
         return stateful_set
 
     def generate_secret(self, secret):

diff --git a/tests/kubernetes_test_case.py b/tests/kubernetes_test_case.py
@@ -21,7 +21,7 @@ def check_calls(self, methods, calls, exp_metadata):
             if exp_call != "GET":
                 body = json.loads(request.body)
                 self.assertIn(exp_metadata.name, body['metadata']['name'])
-                self.assertEqual(body['metadata']['labels'], exp_metadata.labels)
+                self.assertDictContainsSubset(exp_metadata.labels, body['metadata']['labels'])
                 self.assertEqual(body['metadata']['ownerReferences'][0]['name'], exp_metadata.owner_references[0].name)
 
     def tearDown(self):

diff --git a/tests/test_operator.py b/tests/test_operator.py
@@ -31,6 +31,8 @@ def setUp(self):
             "hostess_docker_registry": "docker.io",
             "hostess_docker_image": "ocadotechnology/mirror-hostess",
             "hostess_docker_tag": None,
+            "ss_ds_labels": {"test":"test_labels"},
+            "ss_ds_template_labels": {"test":"test_pod_labels"},
             "image_pull_secrets": None,
             "docker_certificate_secret": 'aaa',
             "ca_certificate_bundle": 'bbb',

diff --git a/tests/test_regmirror.py b/tests/test_regmirror.py
@@ -20,6 +20,8 @@ def setUp(self):
             "hostess_docker_registry": "docker.io",
             "hostess_docker_image": "ocadotechnology/mirror-hostess",
             "hostess_docker_tag": 2,
+            "ss_ds_labels":{"test":"test_labels"},
+            "ss_ds_template_labels":{"test": "test_pod_labels"},
             "image_pull_secrets": None,
             "docker_certificate_secret": VALID_SECRET,
             "ca_certificate_bundle": None,