fix: use recommended Kubernetes labels with all Policy Server resources

All the resources associated with Policy Server are now using the
labels recommended by Kubernetes, see here:
https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/#labels

Signed-off-by: Flavio Castelli <[email protected]>

Makefile

@@ -203,7 +203,7 @@ KUSTOMIZE_VERSION ?= v5.4.1
 CONTROLLER_TOOLS_VERSION ?= v0.16.1
 ENVTEST_VERSION ?= release-0.18
 GOLANGCI_LINT_VERSION ?= v1.64.5
-GINKGO_VERSION ?= v2.22.2
+GINKGO_VERSION ?= v2.23.0
 
 .PHONY: kustomize
 kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary.

api/policies/v1/policyserver_types.go

@@ -17,6 +17,7 @@
 package v1
 
 import (
+	"github.com/kubewarden/kubewarden-controller/internal/constants"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/intstr"
@@ -190,6 +191,18 @@
 	return "kubewarden-" + ps.NameWithPrefix()
 }
 
+// CommonLabels returns the common labels to be used with the resources
+// associated to a Policy Server. The labels defined follow
+// Kubernetes guidelines: https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/#labels
+func (ps *PolicyServer) CommonLabels() map[string]string {
+	return map[string]string{
+		constants.ComponentLabelKey: constants.ComponentPolicyServerLabelValue,
+		constants.InstanceLabelKey:  ps.NameWithPrefix(),
+		constants.PartOfLabelKey:    constants.PartOfLabelValue,
+		constants.ManagedByKey:      "kubewarden-controller",
+	}
+}
+
 //+kubebuilder:object:root=true
 
 // PolicyServerList contains a list of PolicyServer.

internal/constants/constants.go

@@ -32,10 +32,13 @@ const (
 	// Labels.
 	AppLabelKey                     = "app"
 	PolicyServerLabelKey            = "kubewarden/policy-server"
+	ComponentPolicyServerLabelValue = "policy-server"
+	NameLabelKey                    = "app.kubernetes.io/name"
+	InstanceLabelKey                = "app.kubernetes.io/instance"
+	ComponentLabelKey               = "app.kubernetes.io/component"
 	PartOfLabelKey                  = "app.kubernetes.io/part-of"
 	PartOfLabelValue                = "kubewarden"
-	ComponentLabelKey               = "app.kubernetes.io/component"
-	ComponentPolicyServerLabelValue = "policy-server"
+	ManagedByKey                    = "app.kubernetes.io/managed-by"
 
 	// Index.
 	PolicyServerIndexKey = ".spec.policyServer"

internal/controller/policyserver_controller_configmap.go

@@ -115,6 +115,7 @@ func (r *PolicyServerReconciler) reconcilePolicyServerConfigMap(
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      policyServer.NameWithPrefix(),
 			Namespace: r.DeploymentsNamespace,
+			Labels:    policyServer.CommonLabels(),
 		},
 	}
 	_, err := controllerutil.CreateOrPatch(ctx, r.Client, cfg, func() error {

internal/controller/policyserver_controller_deployment.go

@@ -297,6 +297,10 @@ func configureLabelsAndAnnotations(policyServerDeployment *appsv1.Deployment, po
 	}
 	policyServerDeployment.Labels[constants.AppLabelKey] = policyServer.AppLabel()
 	policyServerDeployment.Labels[constants.PolicyServerLabelKey] = policyServer.Name
+
+	for key, value := range policyServer.CommonLabels() {
+		policyServerDeployment.Labels[key] = value
+	}
 }
 
 func (r *PolicyServerReconciler) configureMutualTLS(ctx context.Context, policyServerDeployment *appsv1.Deployment) error {
@@ -373,6 +377,15 @@ func buildPolicyServerDeploymentSpec(
 	templateAnnotations map[string]string,
 	podSecurityContext *corev1.PodSecurityContext,
 ) appsv1.DeploymentSpec {
+	templateLabels := map[string]string{
+		constants.AppLabelKey: policyServer.AppLabel(),
+		constants.PolicyServerDeploymentPodSpecConfigVersionLabel: configMapVersion,
+		constants.PolicyServerLabelKey:                            policyServer.Name,
+	}
+	for key, value := range policyServer.CommonLabels() {
+		templateLabels[key] = value
+	}
+
 	return appsv1.DeploymentSpec{
 		Replicas: &policyServer.Spec.Replicas,
 		Selector: &metav1.LabelSelector{
@@ -385,11 +398,7 @@ func buildPolicyServerDeploymentSpec(
 		},
 		Template: corev1.PodTemplateSpec{
 			ObjectMeta: metav1.ObjectMeta{
-				Labels: map[string]string{
-					constants.AppLabelKey: policyServer.AppLabel(),
-					constants.PolicyServerDeploymentPodSpecConfigVersionLabel: configMapVersion,
-					constants.PolicyServerLabelKey:                            policyServer.Name,
-				},
+				Labels:      templateLabels,
 				Annotations: templateAnnotations,
 			},
 			Spec: corev1.PodSpec{

internal/controller/policyserver_controller_pdb.go

@@ -41,6 +41,7 @@ func reconcilePodDisruptionBudget(ctx context.Context, policyServer *policiesv1.
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      policyServer.NameWithPrefix(),
 			Namespace: namespace,
+			Labels:    policyServer.CommonLabels(),
 		},
 	}
 	_, err := controllerutil.CreateOrPatch(ctx, k8s, pdb, func() error {

internal/controller/policyserver_controller_service.go

@@ -38,6 +38,7 @@ func (r *PolicyServerReconciler) reconcilePolicyServerService(ctx context.Contex
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      policyServer.NameWithPrefix(),
 			Namespace: r.DeploymentsNamespace,
+			Labels:    policyServer.CommonLabels(),
 		},
 	}
 	_, err := controllerutil.CreateOrPatch(ctx, r.Client, &svc, func() error {

internal/controller/policyserver_controller_test.go

@@ -87,6 +87,10 @@ var _ = Describe("PolicyServer controller", func() {
 					"TolerationSeconds": PointTo(Equal(tolerationSeconds)),
 				}),
 			}))
+
+			for k, v := range policyServer.CommonLabels() {
+				Expect(deployment.Spec.Template.ObjectMeta.Labels).To(HaveKeyWithValue(k, v))
+			}
 		})
 
 		It("should use the policy server affinity configuration in the policy server deployment", func() {