sync labels from klusterlet to all agent resources

Signed-off-by: Zhiwei Yin <zyin@redhat.com>

manifests/klusterlet/managed/0000_01_work.open-cluster-management.io_appliedmanifestworks.crd.yaml

@@ -2,6 +2,14 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   name: appliedmanifestworks.work.open-cluster-management.io
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 spec:
   group: work.open-cluster-management.io
   names:

manifests/klusterlet/managed/0000_02_clusters.open-cluster-management.io_clusterclaims.crd.yaml

@@ -2,6 +2,14 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   name: clusterclaims.cluster.open-cluster-management.io
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 spec:
   group: cluster.open-cluster-management.io
   names:

manifests/klusterlet/managed/0001_01_work.open-cluster-management.io_appliedmanifestworks.crd.yaml

@@ -3,6 +3,14 @@ kind: CustomResourceDefinition
 metadata:
   creationTimestamp: null
   name: appliedmanifestworks.work.open-cluster-management.io
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 spec:
   group: work.open-cluster-management.io
   names:

manifests/klusterlet/managed/0001_02_clusters.open-cluster-management.io_clusterclaims.crd.yaml

@@ -2,6 +2,14 @@ apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   name: clusterclaims.cluster.open-cluster-management.io
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 spec:
   group: cluster.open-cluster-management.io
   names:

manifests/klusterlet/managed/klusterlet-registration-clusterrole-addon-management.yaml

@@ -7,6 +7,14 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: open-cluster-management:{{ .KlusterletName }}-registration:addon-management
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 rules:
 # Allow agent to get/list/watch/create/delete/update/patch secrets.
 - apiGroups: [""]

manifests/klusterlet/managed/klusterlet-registration-clusterrole.yaml

@@ -4,6 +4,14 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: open-cluster-management:{{ .KlusterletName }}-registration:agent
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 rules:
 # Allow agent to get/list/watch nodes
 # list nodes to calculates the capacity and allocatable resources of the managed cluster

manifests/klusterlet/managed/klusterlet-registration-clusterrolebinding-addon-management.yaml

@@ -7,6 +7,14 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: open-cluster-management:{{ .KlusterletName }}-registration:addon-management
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole

manifests/klusterlet/managed/klusterlet-registration-clusterrolebinding.yaml

@@ -3,6 +3,14 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: open-cluster-management:{{ .KlusterletName }}-registration:agent
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole

manifests/klusterlet/managed/klusterlet-registration-serviceaccount.yaml

@@ -3,5 +3,13 @@ kind: ServiceAccount
 metadata:
   name: {{ .RegistrationServiceAccount }}
   namespace: {{ .KlusterletNamespace }}
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 imagePullSecrets:
 - name: open-cluster-management-image-pull-credentials

manifests/klusterlet/managed/klusterlet-work-clusterrole-execution.yaml

@@ -6,6 +6,13 @@ metadata:
   name: open-cluster-management:{{ .KlusterletName }}-work:execution
   labels:
     open-cluster-management.io/aggregate-to-work: "true"
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 rules:
 # Allow agent to get/list/watch/create/delete crds.
 - apiGroups: ["apiextensions.k8s.io"]

manifests/klusterlet/managed/klusterlet-work-clusterrole.yaml

@@ -4,6 +4,14 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: open-cluster-management:{{ .KlusterletName }}-work:agent
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 rules:
 # Allow agent to managed appliedmanifestworks
 - apiGroups: ["work.open-cluster-management.io"]

manifests/klusterlet/managed/klusterlet-work-clusterrolebinding-aggregate.yaml

@@ -4,6 +4,14 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: open-cluster-management:{{ .KlusterletName }}-work:aggregate
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole

manifests/klusterlet/managed/klusterlet-work-clusterrolebinding-execution-admin.yaml

@@ -4,6 +4,14 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: open-cluster-management:{{ .KlusterletName }}-work:execution-admin
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole

manifests/klusterlet/managed/klusterlet-work-clusterrolebinding-execution.yaml

@@ -3,6 +3,14 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: open-cluster-management:{{ .KlusterletName }}-work:execution
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole

manifests/klusterlet/managed/klusterlet-work-clusterrolebinding.yaml

@@ -3,6 +3,14 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: open-cluster-management:{{ .KlusterletName }}-work:agent
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole

manifests/klusterlet/managed/klusterlet-work-serviceaccount.yaml

@@ -3,5 +3,13 @@ kind: ServiceAccount
 metadata:
   name: {{ .WorkServiceAccount }}
   namespace: {{ .KlusterletNamespace }}
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 imagePullSecrets:
 - name: open-cluster-management-image-pull-credentials

manifests/klusterlet/management/klusterlet-agent-deployment.yaml

@@ -6,6 +6,11 @@ metadata:
   labels:
     app: klusterlet-agent
     createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 spec:
   replicas: {{ .Replica }}
   selector:

manifests/klusterlet/management/klusterlet-registration-clusterrole-addon-management.yaml

@@ -4,6 +4,14 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: open-cluster-management:management:{{ .KlusterletName }}-registration:addon-management
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 rules:
 # Allow agent to get/list/watch/create/delete/update/patch secrets, registration agent needs secret permission for an 
 # arbitrary namespace to create hub-kubeconfig secret for an addon

manifests/klusterlet/management/klusterlet-registration-clusterrolebinding-addon-management.yaml

@@ -5,6 +5,14 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: open-cluster-management:management:{{ .KlusterletName }}-registration:addon-management
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole

manifests/klusterlet/management/klusterlet-registration-deployment.yaml

@@ -6,6 +6,11 @@ metadata:
   labels:
     app: klusterlet-registration-agent
     createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 spec:
   replicas: {{ .Replica }}
   selector:

manifests/klusterlet/management/klusterlet-registration-role.yaml

@@ -5,6 +5,14 @@ kind: Role
 metadata:
   name: open-cluster-management:management:{{ .KlusterletName }}-registration:agent
   namespace: {{ .AgentNamespace }}
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 rules:
 # leader election needs to operate configmaps and leases
 - apiGroups: [""]

manifests/klusterlet/management/klusterlet-registration-rolebinding-extension-apiserver.yaml

@@ -3,6 +3,14 @@ kind: RoleBinding
 metadata:
   name: open-cluster-management:management:{{ .KlusterletName }}-registration:agent
   namespace: kube-system
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role

manifests/klusterlet/management/klusterlet-registration-rolebinding.yaml

@@ -4,6 +4,14 @@ kind: RoleBinding
 metadata:
   name: open-cluster-management:management:{{ .KlusterletName }}-registration:agent
   namespace: {{ .AgentNamespace }}
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role

manifests/klusterlet/management/klusterlet-registration-serviceaccount.yaml

@@ -3,5 +3,13 @@ kind: ServiceAccount
 metadata:
   name: {{ .RegistrationServiceAccount }}
   namespace: {{ .AgentNamespace }}
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 imagePullSecrets:
 - name: open-cluster-management-image-pull-credentials

manifests/klusterlet/management/klusterlet-role-extension-apiserver.yaml

@@ -7,6 +7,14 @@ kind: Role
 metadata:
   name: open-cluster-management:management:{{ .KlusterletName }}:extension-apiserver
   namespace: kube-system
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 rules:
 - apiGroups: [""]
   resources: ["configmaps"]

manifests/klusterlet/management/klusterlet-work-deployment.yaml

@@ -6,6 +6,11 @@ metadata:
   labels:
     app: klusterlet-manifestwork-agent
     createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 spec:
   replicas: {{ .Replica }}
   selector:

manifests/klusterlet/management/klusterlet-work-role.yaml

@@ -5,6 +5,14 @@ kind: Role
 metadata:
   name: open-cluster-management:management:{{ .KlusterletName }}-work:agent
   namespace: {{ .AgentNamespace }}
+  labels:
+    app: klusterlet-agent
+    createdBy: klusterlet
+    {{ if gt (len .Labels) 0 }}
+    {{ range $key, $value := .Labels }}
+    {{ $key }}: {{ $value }}
+    {{ end }}
+    {{ end }}
 rules:
 # leader election needs to operate configmaps and leases
 - apiGroups: [""]