Skip to content

Commit

Permalink
add recommended k8s labels
Browse files Browse the repository at this point in the history
  • Loading branch information
charles-edouard.breteche committed Apr 28, 2020
1 parent 52a14b4 commit ba83238
Show file tree
Hide file tree
Showing 28 changed files with 267 additions and 20 deletions.
4 changes: 4 additions & 0 deletions config/100-namespace.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,3 +16,7 @@ apiVersion: v1
kind: Namespace
metadata:
name: tekton-pipelines
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
4 changes: 4 additions & 0 deletions config/101-podsecuritypolicy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,10 @@ apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: tekton-pipelines
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
spec:
privileged: false
allowPrivilegeEscalation: false
Expand Down
15 changes: 15 additions & 0 deletions config/200-clusterrole.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,11 @@ kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: tekton-pipelines-controller-cluster-access
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
rules:
- apiGroups: [""]
# Namespace access is required because the controller timeout handling logic
Expand Down Expand Up @@ -45,6 +50,11 @@ apiVersion: rbac.authorization.k8s.io/v1
metadata:
# This is the access that the controller needs on a per-namespace basis.
name: tekton-pipelines-controller-tenant-access
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
rules:
- apiGroups: [""]
resources: ["pods", "pods/log", "secrets", "events", "serviceaccounts", "configmaps", "persistentvolumeclaims", "limitranges"]
Expand All @@ -62,6 +72,11 @@ kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: tekton-pipelines-webhook-cluster-access
labels:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
rules:
# The webhook needs to be able to list and update customresourcedefinitions,
# mainly to update the webhook certificates.
Expand Down
10 changes: 10 additions & 0 deletions config/200-role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,11 @@ apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: tekton-pipelines-controller
namespace: tekton-pipelines
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
rules:
- apiGroups: [""]
resources: ["configmaps"]
Expand All @@ -32,6 +37,11 @@ apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: tekton-pipelines-webhook
namespace: tekton-pipelines
labels:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
rules:
- apiGroups: [""]
resources: ["configmaps"]
Expand Down
10 changes: 10 additions & 0 deletions config/200-serviceaccount.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,19 @@ kind: ServiceAccount
metadata:
name: tekton-pipelines-controller
namespace: tekton-pipelines
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: tekton-pipelines-webhook
namespace: tekton-pipelines
labels:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
15 changes: 15 additions & 0 deletions config/201-clusterrolebinding.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,11 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: tekton-pipelines-controller-cluster-access
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
subjects:
- kind: ServiceAccount
name: tekton-pipelines-controller
Expand All @@ -33,6 +38,11 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: tekton-pipelines-controller-tenant-access
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
subjects:
- kind: ServiceAccount
name: tekton-pipelines-controller
Expand All @@ -46,6 +56,11 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: tekton-pipelines-webhook-cluster-access
labels:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
subjects:
- kind: ServiceAccount
name: tekton-pipelines-webhook
Expand Down
10 changes: 10 additions & 0 deletions config/201-rolebinding.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,11 @@ kind: RoleBinding
metadata:
name: tekton-pipelines-controller
namespace: tekton-pipelines
labels:
app.kubernetes.io/component: controller
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
subjects:
- kind: ServiceAccount
name: tekton-pipelines-controller
Expand All @@ -31,6 +36,11 @@ kind: RoleBinding
metadata:
name: tekton-pipelines-webhook
namespace: tekton-pipelines
labels:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
subjects:
- kind: ServiceAccount
name: tekton-pipelines-webhook
Expand Down
3 changes: 3 additions & 0 deletions config/300-clustertask.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ kind: CustomResourceDefinition
metadata:
name: clustertasks.tekton.dev
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
pipeline.tekton.dev/release: "devel"
version: "devel"
spec:
Expand Down
3 changes: 3 additions & 0 deletions config/300-condition.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ kind: CustomResourceDefinition
metadata:
name: conditions.tekton.dev
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
pipeline.tekton.dev/release: "devel"
version: "devel"
spec:
Expand Down
3 changes: 3 additions & 0 deletions config/300-imagecache.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ kind: CustomResourceDefinition
metadata:
name: images.caching.internal.knative.dev
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
knative.dev/crd-install: "true"
spec:
group: caching.internal.knative.dev
Expand Down
3 changes: 3 additions & 0 deletions config/300-pipeline.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ kind: CustomResourceDefinition
metadata:
name: pipelines.tekton.dev
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
pipeline.tekton.dev/release: "devel"
version: "devel"
spec:
Expand Down
3 changes: 3 additions & 0 deletions config/300-pipelinerun.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ kind: CustomResourceDefinition
metadata:
name: pipelineruns.tekton.dev
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
pipeline.tekton.dev/release: "devel"
version: "devel"
spec:
Expand Down
3 changes: 3 additions & 0 deletions config/300-resource.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ kind: CustomResourceDefinition
metadata:
name: pipelineresources.tekton.dev
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
pipeline.tekton.dev/release: "devel"
version: "devel"
spec:
Expand Down
3 changes: 3 additions & 0 deletions config/300-task.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ kind: CustomResourceDefinition
metadata:
name: tasks.tekton.dev
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
pipeline.tekton.dev/release: "devel"
version: "devel"
spec:
Expand Down
3 changes: 3 additions & 0 deletions config/300-taskrun.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ kind: CustomResourceDefinition
metadata:
name: taskruns.tekton.dev
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
pipeline.tekton.dev/release: "devel"
version: "devel"
spec:
Expand Down
16 changes: 16 additions & 0 deletions config/500-webhooks.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,10 @@ metadata:
name: webhook-certs
namespace: tekton-pipelines
labels:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
pipeline.tekton.dev/release: devel
# The data is populated at install time.

Expand All @@ -27,6 +31,10 @@ kind: ValidatingWebhookConfiguration
metadata:
name: validation.webhook.pipeline.tekton.dev
labels:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
pipeline.tekton.dev/release: devel
webhooks:
- admissionReviewVersions:
Expand All @@ -45,6 +53,10 @@ kind: MutatingWebhookConfiguration
metadata:
name: webhook.pipeline.tekton.dev
labels:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
pipeline.tekton.dev/release: devel
webhooks:
- admissionReviewVersions:
Expand All @@ -63,6 +75,10 @@ kind: ValidatingWebhookConfiguration
metadata:
name: config.webhook.pipeline.tekton.dev
labels:
app.kubernetes.io/component: webhook
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
pipeline.tekton.dev/release: devel
webhooks:
- admissionReviewVersions:
Expand Down
3 changes: 3 additions & 0 deletions config/clusterrole-aggregate-edit.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ kind: ClusterRole
metadata:
name: tekton-aggregate-edit
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rules:
Expand Down
3 changes: 3 additions & 0 deletions config/clusterrole-aggregate-view.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ kind: ClusterRole
metadata:
name: tekton-aggregate-view
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
rbac.authorization.k8s.io/aggregate-to-view: "true"
rules:
- apiGroups:
Expand Down
4 changes: 4 additions & 0 deletions config/config-artifact-bucket.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,10 @@ kind: ConfigMap
metadata:
name: config-artifact-bucket
namespace: tekton-pipelines
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
# data:
# # location of the gcs bucket to be used for artifact storage
# location: "gs://bucket-name"
Expand Down
4 changes: 4 additions & 0 deletions config/config-artifact-pvc.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,10 @@ kind: ConfigMap
metadata:
name: config-artifact-pvc
namespace: tekton-pipelines
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
# data:
# # size of the PVC volume
# size: 5Gi
Expand Down
4 changes: 4 additions & 0 deletions config/config-defaults.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,10 @@ kind: ConfigMap
metadata:
name: config-defaults
namespace: tekton-pipelines
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
data:
_example: |
################################
Expand Down
4 changes: 4 additions & 0 deletions config/config-feature-flags.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,10 @@ kind: ConfigMap
metadata:
name: feature-flags
namespace: tekton-pipelines
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
data:
# Setting this flag to "true" will prevent Tekton overriding your
# Task container's $HOME environment variable.
Expand Down
4 changes: 4 additions & 0 deletions config/config-leader-election.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,10 @@ kind: ConfigMap
metadata:
name: config-leader-election
namespace: tekton-pipelines
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
data:
# An inactive but valid configuration follows; see example.
resourceLock: "leases"
Expand Down
4 changes: 4 additions & 0 deletions config/config-logging.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,10 @@ kind: ConfigMap
metadata:
name: config-logging
namespace: tekton-pipelines
labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
data:
# Common configuration for all knative codebase
zap-logger-config: |
Expand Down
5 changes: 4 additions & 1 deletion config/config-observability.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,10 @@ kind: ConfigMap
metadata:
name: config-observability
namespace: tekton-pipelines

labels:
app.kubernetes.io/instance: default
app.kubernetes.io/version: devel
app.kubernetes.io/part-of: tekton-pipelines
data:
_example: |
################################
Expand Down
Loading

0 comments on commit ba83238

Please sign in to comment.