Refactoring labels #26

nlamirault · 2024-02-02T07:39:35Z

Description of the change

Support Kubernetes recommended labels
Add additional labels to all resources
Fix some indentation
Do not specify default resources

Relevant release note information

Release Notes:

Related JIRA tickets

Relates to JIRA: CWC-XXX

Have you considered the security impacts?

Does this PR have any security impact?

Yes
No

If yes, please explain:

Before:

---
# Source: bctl-quickstart/templates/agent/bctl-agent-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: bctl-portefaix-k3s-homelab-agent-sa
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  namespace: default
---
# Source: bctl-quickstart/templates/cleanup/bctl-cleanup-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: bctl-portefaix-k3s-homelab-cleanup-sa
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  namespace: default
---
# Source: bctl-quickstart/templates/quickstart/bctl-quickstart-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: bctl-quickstart-sa
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  namespace: default
---
# Source: bctl-quickstart/templates/agent/bctl-agent-clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: bctl-portefaix-k3s-homelab-agent-clusterrole
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  namespace: default
rules:
    - apiGroups: [""]
      resources: ["users", "groups", "serviceaccounts"]
      verbs: ["impersonate"]
    - apiGroups: [""]
      resources: ["serviceaccounts"]
      verbs: ["create", "delete", "list", "get"]
    - apiGroups: ["rbac.authorization.k8s.io"]
      resources: ["clusterrolebindings", "rolebindings"]
      verbs: ["list"]
---
# Source: bctl-quickstart/templates/agent/bctl-agent-clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: bctl-portefaix-k3s-homelab-agent-clusterrolebinding
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  namespace: default
subjects:
    - kind: ServiceAccount
      namespace: default
      name: bctl-portefaix-k3s-homelab-agent-sa
roleRef:
    kind: ClusterRole
    name: bctl-portefaix-k3s-homelab-agent-clusterrole
    apiGroup: rbac.authorization.k8s.io
---
# Source: bctl-quickstart/templates/agent/bctl-agent-role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: bctl-portefaix-k3s-homelab-agent-role
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  namespace: default
rules:
    - apiGroups: [""]
      resources: ["secrets"]
      verbs: ["get", "update", "create"]
    - apiGroups: [""]
      resources: ["pods/log", "events"]
      verbs: ["get", "list"]
---
# Source: bctl-quickstart/templates/cleanup/bctl-cleanup-role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: bctl-portefaix-k3s-homelab-cleanup-sa-role
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  namespace: default
rules:
    - apiGroups: [""]
      resources: ["secrets"]
      verbs: ["delete"]
      resourceNames: [bctl-portefaix-k3s-homelab-secret]
---
# Source: bctl-quickstart/templates/quickstart/bctl-quickstart-role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: bctl-quickstart-sa-role
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  namespace: default
rules:
    - apiGroups: [""]
      resources: ["pods"]
      verbs: ["watch"]
    - apiGroups: ["apps"]
      resources: ["deployments"]
      verbs: ["get", "patch", "list"]
    - apiGroups: ["batch"]
      resources: ["jobs"]
      verbs: ["delete"]
---
# Source: bctl-quickstart/templates/agent/bctl-agent-rolebinding.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: bctl-portefaix-k3s-homelab-agent-rolebinding
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  namespace: default
subjects:
    - kind: ServiceAccount
      namespace: default
      name: bctl-portefaix-k3s-homelab-agent-sa
roleRef:
    kind: Role
    name: bctl-portefaix-k3s-homelab-agent-role
    apiGroup: rbac.authorization.k8s.io
---
# Source: bctl-quickstart/templates/cleanup/bctl-cleanup-rolebindings.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: bctl-portefaix-k3s-homelab-cleanup-sa-rolebinding
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  namespace: default
subjects:
    - kind: ServiceAccount
      namespace: default
      name: bctl-portefaix-k3s-homelab-cleanup-sa
roleRef:
    kind: Role
    name: bctl-portefaix-k3s-homelab-cleanup-sa-role
    apiGroup: rbac.authorization.k8s.io
---
# Source: bctl-quickstart/templates/quickstart/bctl-quickstart-rolebindings.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: bctl-quickstart-sa-rolebinding
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  namespace: default
subjects:
    - kind: ServiceAccount
      namespace: default
      name: bctl-quickstart-sa
roleRef:
    kind: Role
    name: bctl-quickstart-sa-role
    apiGroup: rbac.authorization.k8s.io
---
# Source: bctl-quickstart/templates/agent/bctl-agent-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: bctl-portefaix-k3s-homelab-agent
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  namespace: default
spec:
    replicas: 1
    selector:
        matchLabels:
            app: bctl-portefaix-k3s-homelab-agent
    template:
        metadata:
            labels:
                app: bctl-portefaix-k3s-homelab-agent
        spec:
            serviceAccountName: bctl-portefaix-k3s-homelab-agent-sa
            priorityClassName: system-cluster-critical
            containers:
            - name: bctl-agent
              image: "bastionzero/bctl-agent:latest"
              resources:
                limits:
                  cpu: 1
                  memory: 1G
                requests:
                  cpu: 1
                  memory: 1G
              imagePullPolicy: Always
              ports:
              - containerPort: 6001
                name: bctl-port
              env:
              - name: SERVICE_URL
                value: "https://cloud.bastionzero.com"
              - name: TARGET_NAME
                value: "portefaix-k3s-homelab"
              - name: API_KEY
                
              - name: NAMESPACE
                value: default
              - name: POD_NAME
                valueFrom:
                  fieldRef:
                    fieldPath: metadata.name
              - name: DEV
                value: 'false'
              - name: LOG_LEVEL
                value: debug
---
# Source: bctl-quickstart/templates/cleanup/bctl-cleanup-job.yaml
apiVersion: batch/v1
kind: Job
metadata:
  name: bctl-portefaix-k3s-homelab-cleanup-job
  annotations:
    "helm.sh/hook": pre-delete # run before delete (we still need the RBAC)
    "helm.sh/hook-delete-policy": before-hook-creation, hook-succeeded
  namespace: default
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
spec:
  ttlSecondsAfterFinished: 300 # Leave job for 5 minutes if failed/success
  template:
    spec:
      serviceAccountName: bctl-portefaix-k3s-homelab-cleanup-sa
      restartPolicy: Never
      containers:
      - name: cleanup
        image: "curlimages/curl:latest" # alpine + curl
        env:
          - name: BCTL_SECRET_NAME
            value: bctl-portefaix-k3s-homelab-secret
          - name: NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
        command: 
          - "/bin/sh"
          - "-ec"
          - |
            curl -s -X DELETE -k https://kubernetes.default.svc/api/v1/namespaces/${NAMESPACE}/secrets/${BCTL_SECRET_NAME} \
              -H "Authorization: Bearer $( cat /var/run/secrets/kubernetes.io/serviceaccount/token )" \
              -H "Content-Type: application/json" \
              -H "Accept: application/json" > /dev/null
---
# Source: bctl-quickstart/templates/quickstart/bctl-quickstart-job.yaml
apiVersion: batch/v1
kind: Job
metadata:
  name: bctl-portefaix-k3s-homelab-quickstart
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/managed-by: Helm
  annotations:
    "helm.sh/hook": post-install
    "helm.sh/hook-weight": "0"
    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
  namespace: default
spec:
    backoffLimit: 0
    ttlSecondsAfterFinished: 300 # Leave job for 5 minutes if failed/success
    template:
        spec:
            serviceAccountName: bctl-quickstart-sa
            restartPolicy: Never
            containers:
            - name: bctl-quickstart
              image: "bastionzero/bctl-quickstart:3.2.0"
              resources:
                limits:
                  cpu: 1
                  memory: 1G
                requests:
                  cpu: 1
                  memory: 1G
              imagePullPolicy: Always
              env:
              - name: API_KEY
                
              - name: CLUSTER_NAME
                value: "portefaix-k3s-homelab"
              - name: SERVICE_URL
                value: "https://cloud.bastionzero.com"
              command: 
              - bctl-quickstart
              args:

After:

---
# Source: bctl-quickstart/templates/agent/bctl-agent-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: bctl-portefaix-k3s-homelab-agent-sa
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: agent
  namespace: default
---
# Source: bctl-quickstart/templates/cleanup/bctl-cleanup-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: bctl-portefaix-k3s-homelab-cleanup-sa
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: cleanup
  namespace: default
---
# Source: bctl-quickstart/templates/quickstart/bctl-quickstart-serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: bctl-quickstart-sa
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: quickstart
  namespace: default
---
# Source: bctl-quickstart/templates/agent/bctl-agent-clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: bctl-portefaix-k3s-homelab-agent-clusterrole
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: agent
  namespace: default
rules:
  - apiGroups: [""]
    resources: ["users", "groups", "serviceaccounts"]
    verbs: ["impersonate"]
  - apiGroups: [""]
    resources: ["serviceaccounts"]
    verbs: ["create", "delete", "list", "get"]
  - apiGroups: ["rbac.authorization.k8s.io"]
    resources: ["clusterrolebindings", "rolebindings"]
    verbs: ["list"]
---
# Source: bctl-quickstart/templates/agent/bctl-agent-clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: bctl-portefaix-k3s-homelab-agent-clusterrolebinding
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: agent
  namespace: default
subjects:
  - kind: ServiceAccount
    namespace: default
    name: bctl-portefaix-k3s-homelab-agent-sa
roleRef:
  kind: ClusterRole
  name: bctl-portefaix-k3s-homelab-agent-clusterrole
  apiGroup: rbac.authorization.k8s.io
---
# Source: bctl-quickstart/templates/agent/bctl-agent-role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: bctl-portefaix-k3s-homelab-agent-role
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: agent
  namespace: default
rules:
  - apiGroups: [""]
    resources: ["secrets"]
    verbs: ["get", "update", "create"]
  - apiGroups: [""]
    resources: ["pods/log", "events"]
    verbs: ["get", "list"]
---
# Source: bctl-quickstart/templates/cleanup/bctl-cleanup-role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: bctl-portefaix-k3s-homelab-cleanup-sa-role
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: cleanup
  namespace: default
rules:
  - apiGroups: [""]
    resources: ["secrets"]
    verbs: ["delete"]
    resourceNames: [bctl-portefaix-k3s-homelab-secret]
---
# Source: bctl-quickstart/templates/quickstart/bctl-quickstart-role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: bctl-quickstart-sa-role
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: quickstart
  namespace: default
rules:
  - apiGroups: [""]
    resources: ["pods"]
    verbs: ["watch"]
  - apiGroups: ["apps"]
    resources: ["deployments"]
    verbs: ["get", "patch", "list"]
  - apiGroups: ["batch"]
    resources: ["jobs"]
    verbs: ["delete"]
---
# Source: bctl-quickstart/templates/agent/bctl-agent-rolebinding.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: bctl-portefaix-k3s-homelab-agent-rolebinding
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: agent
  namespace: default
subjects:
  - kind: ServiceAccount
    namespace: default
    name: bctl-portefaix-k3s-homelab-agent-sa
roleRef:
  kind: Role
  name: bctl-portefaix-k3s-homelab-agent-role
  apiGroup: rbac.authorization.k8s.io
---
# Source: bctl-quickstart/templates/cleanup/bctl-cleanup-rolebindings.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: bctl-portefaix-k3s-homelab-cleanup-sa-rolebinding
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: cleanup
  namespace: default
subjects:
  - kind: ServiceAccount
    namespace: default
    name: bctl-portefaix-k3s-homelab-cleanup-sa
roleRef:
  kind: Role
  name: bctl-portefaix-k3s-homelab-cleanup-sa-role
  apiGroup: rbac.authorization.k8s.io
---
# Source: bctl-quickstart/templates/quickstart/bctl-quickstart-rolebindings.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: bctl-quickstart-sa-rolebinding
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: quickstart
  namespace: default
subjects:
  - kind: ServiceAccount
    namespace: default
    name: bctl-quickstart-sa
roleRef:
  kind: Role
  name: bctl-quickstart-sa-role
  apiGroup: rbac.authorization.k8s.io
---
# Source: bctl-quickstart/templates/agent/bctl-agent-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: bctl-portefaix-k3s-homelab-agent
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: agent
    app: bctl-portefaix-k3s-homelab-agent
  namespace: default
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: bctl-quickstart-app
      app.kubernetes.io/instance: release-name
      app.kubernetes.io/component: agent
      app: bctl-portefaix-k3s-homelab-agent
  template:
    metadata:
      labels:
        helm.sh/chart: bctl-quickstart-2.2.0
        app.kubernetes.io/name: bctl-quickstart-app
        app.kubernetes.io/instance: release-name
        app.kubernetes.io/version: "1.16.0"
        app.kubernetes.io/part-of: bctl-quickstart-app
        app.kubernetes.io/managed-by: Helm
        app.kubernetes.io/component: agent
        app: bctl-portefaix-k3s-homelab-agent
    spec:
      serviceAccountName: bctl-portefaix-k3s-homelab-agent-sa
      priorityClassName: system-cluster-critical
      containers:
      - name: bctl-agent
        image: "bastionzero/bctl-agent:latest"
        imagePullPolicy: Always
        ports:
        - containerPort: 6001
          name: bctl-port
        env:
        - name: SERVICE_URL
          value: "https://cloud.bastionzero.com"
        - name: TARGET_NAME
          value: "portefaix-k3s-homelab"
        - name: API_KEY
          
        - name: NAMESPACE
          value: default
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: DEV
          value: 'false'
        - name: LOG_LEVEL
          value: debug
---
# Source: bctl-quickstart/templates/cleanup/bctl-cleanup-job.yaml
apiVersion: batch/v1
kind: Job
metadata:
  name: bctl-portefaix-k3s-homelab-cleanup-job
  annotations:
    helm.sh/hook: pre-delete # run before delete (we still need the RBAC)
    helm.sh/hook-delete-policy: before-hook-creation, hook-succeeded
  namespace: default
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: cleanup
spec:
  ttlSecondsAfterFinished: 300 # Leave job for 5 minutes if failed/success
  template:
    spec:
      serviceAccountName: bctl-portefaix-k3s-homelab-cleanup-sa
      restartPolicy: Never
      containers:
      - name: cleanup
        image: "curlimages/curl:latest" # alpine + curl
        env:
          - name: BCTL_SECRET_NAME
            value: bctl-portefaix-k3s-homelab-secret
          - name: NAMESPACE
            valueFrom:
              fieldRef:
                fieldPath: metadata.namespace
        command: 
          - "/bin/sh"
          - "-ec"
          - |
            curl -s -X DELETE -k https://kubernetes.default.svc/api/v1/namespaces/${NAMESPACE}/secrets/${BCTL_SECRET_NAME} \
              -H "Authorization: Bearer $( cat /var/run/secrets/kubernetes.io/serviceaccount/token )" \
              -H "Content-Type: application/json" \
              -H "Accept: application/json" > /dev/null
---
# Source: bctl-quickstart/templates/quickstart/bctl-quickstart-job.yaml
apiVersion: batch/v1
kind: Job
metadata:
  name: bctl-portefaix-k3s-homelab-quickstart
  labels:
    helm.sh/chart: bctl-quickstart-2.2.0
    app.kubernetes.io/name: bctl-quickstart-app
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "1.16.0"
    app.kubernetes.io/part-of: bctl-quickstart-app
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: quickstart
  annotations:
    helm.sh/hook: post-install
    helm.sh/hook-weight: "0"
    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
  namespace: default
spec:
  backoffLimit: 0
  ttlSecondsAfterFinished: 300 # Leave job for 5 minutes if failed/success
  template:
    spec:
      serviceAccountName: bctl-quickstart-sa
      restartPolicy: Never
      containers:
      - name: bctl-quickstart
        image: "bastionzero/bctl-quickstart:3.2.0"
        imagePullPolicy: Always
        env:
        - name: API_KEY
          
        - name: CLUSTER_NAME
          value: "portefaix-k3s-homelab"
        - name: SERVICE_URL
          value: "https://cloud.bastionzero.com"
        command: 
        - bctl-quickstart
        args:

Signed-off-by: Nicolas Lamirault <[email protected]>

nlamirault added 5 commits February 2, 2024 08:22

feat(labels): refactoring Kubernetes recommended labels

b523b49

Signed-off-by: Nicolas Lamirault <[email protected]>

feat(labels): support additional labels for all resources

da91952

Signed-off-by: Nicolas Lamirault <[email protected]>

feat(resources): Do not specify default resources

ab5f042

Signed-off-by: Nicolas Lamirault <[email protected]>

fix(helm): typo and annotations

8fc857b

Signed-off-by: Nicolas Lamirault <[email protected]>

Merge branch 'main' into feat/labels

ede6775

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Refactoring labels #26

Refactoring labels #26

Uh oh!

nlamirault commented Feb 2, 2024 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Refactoring labels #26

Are you sure you want to change the base?

Refactoring labels #26

Uh oh!

Conversation

nlamirault commented Feb 2, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description of the change

Relevant release note information

Related JIRA tickets

Have you considered the security impacts?

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

nlamirault commented Feb 2, 2024 •

edited

Loading