diff --git a/helm/defectdojo/templates/celery-beat-deployment.yaml b/helm/defectdojo/templates/celery-beat-deployment.yaml index 7eda46b8680..d380c0ff4c2 100644 --- a/helm/defectdojo/templates/celery-beat-deployment.yaml +++ b/helm/defectdojo/templates/celery-beat-deployment.yaml @@ -10,6 +10,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: replicas: {{ .Values.celery.beat.replicas }} {{- if .Values.revisionHistoryLimit }} @@ -28,8 +31,11 @@ spec: defectdojo.org/subcomponent: beat app.kubernetes.io/name: {{ include "defectdojo.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} - {{- if .Values.podLabels }} - {{- toYaml .Values.podLabels | nindent 8 }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} {{- end }} annotations: {{- with .Values.celery.beat.annotations }} @@ -143,8 +149,8 @@ spec: secretKeyRef: name: {{ $fullName }} key: DD_SECRET_KEY - {{- if .Values.extraEnv }} - {{- toYaml .Values.extraEnv | nindent 8 }} + {{- with .Values.extraEnv }} + {{- toYaml . | nindent 8 }} {{- end }} resources: {{- toYaml .Values.celery.beat.resources | nindent 10 }} diff --git a/helm/defectdojo/templates/celery-worker-deployment.yaml b/helm/defectdojo/templates/celery-worker-deployment.yaml index f21be7a13be..38decb26d06 100644 --- a/helm/defectdojo/templates/celery-worker-deployment.yaml +++ b/helm/defectdojo/templates/celery-worker-deployment.yaml @@ -10,6 +10,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: replicas: {{ .Values.celery.worker.replicas }} {{- if .Values.revisionHistoryLimit }} @@ -28,8 +31,11 @@ spec: defectdojo.org/subcomponent: worker app.kubernetes.io/name: {{ include "defectdojo.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} - {{- if .Values.podLabels }} - {{- toYaml .Values.podLabels | nindent 8 }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} {{- end }} annotations: {{- with .Values.celery.worker.annotations }} @@ -138,8 +144,8 @@ spec: secretKeyRef: name: {{ $fullName }} key: DD_SECRET_KEY - {{- if .Values.extraEnv }} - {{- toYaml .Values.extraEnv | nindent 8 }} + {{- with .Values.extraEnv }} + {{- toYaml . | nindent 8 }} {{- end }} resources: {{- toYaml .Values.celery.worker.resources | nindent 10 }} diff --git a/helm/defectdojo/templates/configmap.yaml b/helm/defectdojo/templates/configmap.yaml index b5248a0a9ba..70d454f5a71 100644 --- a/helm/defectdojo/templates/configmap.yaml +++ b/helm/defectdojo/templates/configmap.yaml @@ -8,6 +8,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml .Values.extraLabels | trim | nindent 4 }} + {{- end }} data: DD_ADMIN_USER: {{ .Values.admin.user | default "admin" }} DD_ADMIN_MAIL: {{ .Values.admin.Mail | default "admin@defectdojo.local" }} @@ -45,5 +48,5 @@ data: {{- if .Values.django.uwsgi.certificates.enabled }} REQUESTS_CA_BUNDLE: {{ .Values.django.uwsgi.certificates.certMountPath }}{{ .Values.django.uwsgi.certificates.certFileName }} {{- end }} -{{- if .Values.extraConfigs }} -{{ toYaml .Values.extraConfigs | indent 2 }}{{- end }} +{{- with .Values.extraConfigs }} + {{ toYaml . | indent 2 }}{{- end }} diff --git a/helm/defectdojo/templates/django-deployment.yaml b/helm/defectdojo/templates/django-deployment.yaml index ce126f1cc28..009f70eec39 100644 --- a/helm/defectdojo/templates/django-deployment.yaml +++ b/helm/defectdojo/templates/django-deployment.yaml @@ -9,6 +9,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml .Values.extraLabels | nindent 4 }} + {{- end }} spec: replicas: {{ .Values.django.replicas }} {{- if .Values.revisionHistoryLimit }} @@ -25,9 +28,12 @@ spec: defectdojo.org/component: django app.kubernetes.io/name: {{ include "defectdojo.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} - {{- if .Values.podLabels }} - {{- toYaml .Values.podLabels | nindent 8 }} - {{- end }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} annotations: {{- with .Values.django.annotations }} {{- toYaml . | nindent 8 }} @@ -202,8 +208,8 @@ spec: value: {{- if or .Values.django.ingress.activateTLS .Values.django.nginx.tls.enabled }} "True" {{- else }} "False" {{- end }} - name: DD_CSRF_COOKIE_SECURE value: {{- if or .Values.django.ingress.activateTLS .Values.django.nginx.tls.enabled }} "True" {{- else }} "False" {{- end }} - {{- if .Values.extraEnv }} - {{- toYaml .Values.extraEnv | nindent 8 }} + {{- with .Values.extraEnv }} + {{- toYaml . | nindent 8 }} {{- end }} {{- if .Values.django.uwsgi.livenessProbe.enabled }} livenessProbe: diff --git a/helm/defectdojo/templates/django-ingress.yaml b/helm/defectdojo/templates/django-ingress.yaml index 73ea41404b9..0759842bd30 100644 --- a/helm/defectdojo/templates/django-ingress.yaml +++ b/helm/defectdojo/templates/django-ingress.yaml @@ -14,10 +14,13 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- if or .Values.django.ingress.annotations .Values.gke.useGKEIngress }} annotations: {{- with .Values.django.ingress.annotations }} -{{ toYaml . | indent 4 }} + {{ toYaml . | indent 4 }} {{- end }} {{- if .Values.gke.useGKEIngress }} kubernetes.io/ingress.class: gce diff --git a/helm/defectdojo/templates/django-service.yaml b/helm/defectdojo/templates/django-service.yaml index b64f3a05570..3823886bbd2 100644 --- a/helm/defectdojo/templates/django-service.yaml +++ b/helm/defectdojo/templates/django-service.yaml @@ -9,6 +9,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- if .Values.django.service.annotations }} annotations: {{- range $key, $value := .Values.django.service.annotations }} diff --git a/helm/defectdojo/templates/extra-secret.yaml b/helm/defectdojo/templates/extra-secret.yaml index a21e8e27ba6..21f9a9507ee 100644 --- a/helm/defectdojo/templates/extra-secret.yaml +++ b/helm/defectdojo/templates/extra-secret.yaml @@ -9,6 +9,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} type: Opaque data: {{- range $key, $value := .Values.extraSecrets }} diff --git a/helm/defectdojo/templates/initializer-job.yaml b/helm/defectdojo/templates/initializer-job.yaml index b078a1fdc64..e527efd4da3 100644 --- a/helm/defectdojo/templates/initializer-job.yaml +++ b/helm/defectdojo/templates/initializer-job.yaml @@ -10,6 +10,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} annotations: {{- with .Values.initializer.jobAnnotations }} {{- toYaml . | nindent 4 }} @@ -22,8 +25,11 @@ spec: defectdojo.org/component: initializer app.kubernetes.io/name: {{ include "defectdojo.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} - {{- if .Values.initializer.labels }} - {{- toYaml .Values.initializer.labels | nindent 8 }} + {{- with .Values.extraLabels }} + {{- toYaml .Values.extraLabels | nindent 8 }} + {{- end -}} + {{- with .Values.initializer.labels }} + {{- toYaml . | nindent 8 }} {{- end }} annotations: {{- with .Values.initializer.annotations }} @@ -118,8 +124,8 @@ spec: name: {{ .Values.postgresqlha.postgresql.existingSecret }} key: postgresql-postgres-password {{- end }} - {{- if .Values.extraEnv }} - {{- toYaml .Values.extraEnv | nindent 8 }} + {{- with .Values.extraEnv }} + {{- toYaml . | nindent 8 }} {{- end }} resources: {{- toYaml .Values.initializer.resources | nindent 10 }} diff --git a/helm/defectdojo/templates/media-pvc.yaml b/helm/defectdojo/templates/media-pvc.yaml index 1eba1977e9f..c1ca40050d4 100644 --- a/helm/defectdojo/templates/media-pvc.yaml +++ b/helm/defectdojo/templates/media-pvc.yaml @@ -10,6 +10,9 @@ metadata: app.kubernetes.io/instance: {{ $.Release.Name }} app.kubernetes.io/managed-by: {{ $.Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" $ }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} name: {{ $fullName }} spec: accessModes: diff --git a/helm/defectdojo/templates/network-policy.yaml b/helm/defectdojo/templates/network-policy.yaml index 80c55ddcfa3..86b9b0e64de 100644 --- a/helm/defectdojo/templates/network-policy.yaml +++ b/helm/defectdojo/templates/network-policy.yaml @@ -9,26 +9,29 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} app.kubernetes.io/name: {{ include "defectdojo.name" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: podSelector: matchLabels: app.kubernetes.io/instance: {{ .Release.Name }} - {{- if .Values.networkPolicy.ingress}} + {{- with .Values.networkPolicy.ingress }} ingress: - {{- toYaml .Values.networkPolicy.ingress | nindent 4 }} + {{- toYaml . | nindent 4 }} {{- else }} ingress: - from: - podSelector: matchLabels: app.kubernetes.io/instance: {{ .Release.Name }} - {{- if .Values.networkPolicy.ingressExtend }} - {{- toYaml .Values.networkPolicy.ingressExtend | nindent 8 }} + {{- with .Values.networkPolicy.ingressExtend }} + {{- toYaml . | nindent 8 }} {{ end }} {{- end }} - {{- if .Values.networkPolicy.egress }} + {{- with .Values.networkPolicy.egress }} egress: - {{- toYaml .Values.networkPolicy.egress | nindent 4 }} + {{- toYaml . | nindent 4 }} {{ end }} --- apiVersion: networking.k8s.io/v1 @@ -40,6 +43,9 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} app.kubernetes.io/name: {{ include "defectdojo.name" . }} +{{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} +{{- end }} spec: podSelector: matchLabels: diff --git a/helm/defectdojo/templates/sa.yaml b/helm/defectdojo/templates/sa.yaml index 46f1eaa6d97..23cb70ecd6e 100644 --- a/helm/defectdojo/templates/sa.yaml +++ b/helm/defectdojo/templates/sa.yaml @@ -8,6 +8,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} annotations: helm.sh/resource-policy: keep helm.sh/hook: "pre-install" diff --git a/helm/defectdojo/templates/secret-postgresql-ha-pgpool.yaml b/helm/defectdojo/templates/secret-postgresql-ha-pgpool.yaml index 9a440efffd1..40906c1f180 100644 --- a/helm/defectdojo/templates/secret-postgresql-ha-pgpool.yaml +++ b/helm/defectdojo/templates/secret-postgresql-ha-pgpool.yaml @@ -8,6 +8,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} annotations: helm.sh/resource-policy: keep helm.sh/hook: "pre-install" diff --git a/helm/defectdojo/templates/secret-postgresql-ha.yaml b/helm/defectdojo/templates/secret-postgresql-ha.yaml index 8e884fa0484..e9236a63f00 100644 --- a/helm/defectdojo/templates/secret-postgresql-ha.yaml +++ b/helm/defectdojo/templates/secret-postgresql-ha.yaml @@ -8,6 +8,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} annotations: helm.sh/resource-policy: keep helm.sh/hook: "pre-install" diff --git a/helm/defectdojo/templates/secret-postgresql.yaml b/helm/defectdojo/templates/secret-postgresql.yaml index de6e65420b6..115c244baa5 100644 --- a/helm/defectdojo/templates/secret-postgresql.yaml +++ b/helm/defectdojo/templates/secret-postgresql.yaml @@ -8,6 +8,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} annotations: helm.sh/resource-policy: keep helm.sh/hook: "pre-install" diff --git a/helm/defectdojo/templates/secret-redis.yaml b/helm/defectdojo/templates/secret-redis.yaml index 629e6b4fa93..de4549c1f63 100644 --- a/helm/defectdojo/templates/secret-redis.yaml +++ b/helm/defectdojo/templates/secret-redis.yaml @@ -8,6 +8,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} annotations: helm.sh/resource-policy: keep helm.sh/hook: "pre-install" diff --git a/helm/defectdojo/templates/secret.yaml b/helm/defectdojo/templates/secret.yaml index 94ca3ef268b..500a097dd16 100644 --- a/helm/defectdojo/templates/secret.yaml +++ b/helm/defectdojo/templates/secret.yaml @@ -9,6 +9,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "defectdojo.chart" . }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} annotations: helm.sh/resource-policy: keep helm.sh/hook: "pre-install" diff --git a/helm/defectdojo/values.yaml b/helm/defectdojo/values.yaml index 67c41eeab3d..5a473dc814b 100644 --- a/helm/defectdojo/values.yaml +++ b/helm/defectdojo/values.yaml @@ -16,6 +16,9 @@ createPostgresqlHaPgpoolSecret: false # - enabled, enables tracking configuration changes based on SHA256 # trackConfig: disabled +# extraLabels: {} +# Add extra labels for k8s + # Enables application network policy # For more info follow https://kubernetes.io/docs/concepts/services-networking/network-policies/ networkPolicy: