reverting changes to charts directory

charts/gatekeeper/templates/_helpers.tpl

@@ -36,44 +36,10 @@ Adds additional pod labels to the common ones
 */}}
 {{- define "gatekeeper.podLabels" -}}
 {{- if .Values.podLabels }}
-{{- toYaml .Values.podLabels }}
+{{- toYaml .Values.podLabels | nindent 8 }}
 {{- end }}
 {{- end -}}
 
-{{/*
-Mandatory labels
-*/}}
-{{- define "gatekeeper.mandatoryLabels" -}}
-app: '{{ "gatekeeper.name" . }}'
-chart: '{{ "gatekeeper.name" . }}'
-gatekeeper.sh/system: "yes"
-heritage: '{{ .Release.Service }}'
-release: '{{ .Release.Name }}'
-{{- end }}
-
-{{/*
-Common labels
-*/}}
-{{- define "gatekeeper.commonLabels" -}}
-helm.sh/chart: {{ include "gatekeeper.chart" . }}
-{{ include "gatekeeper.selectorLabels" . }}
-{{- if .Chart.Version }}
-app.kubernetes.io/version: {{ .Chart.Version | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- if .Values.commonLabels }}
-{{ toYaml .Values.commonLabels }}
-{{- end }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "gatekeeper.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "gatekeeper.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
-
 {{/*
 Output post install webhook probe container entry
 */}}

charts/gatekeeper/templates/gatekeeper-admin-podsecuritypolicy.yaml

@@ -5,8 +5,11 @@ metadata:
   annotations:
     seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*'
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-admin
 spec:
   allowPrivilegeEscalation: false

charts/gatekeeper/templates/gatekeeper-admin-serviceaccount.yaml

@@ -2,7 +2,10 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-admin
   namespace: '{{ .Release.Namespace }}'

charts/gatekeeper/templates/gatekeeper-audit-deployment.yaml

@@ -2,32 +2,41 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
     control-plane: audit-controller
     gatekeeper.sh/operation: audit
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-audit
   namespace: '{{ .Release.Namespace }}'
 spec:
   replicas: 1
   selector:
     matchLabels:
-      {{- include "gatekeeper.mandatoryLabels" . | nindent 6 }}
-      {{- include "gatekeeper.selectorLabels" . | nindent 6 }}
+      app: '{{ template "gatekeeper.name" . }}'
+      chart: '{{ template "gatekeeper.name" . }}'
       control-plane: audit-controller
       gatekeeper.sh/operation: audit
+      gatekeeper.sh/system: "yes"
+      heritage: '{{ .Release.Service }}'
+      release: '{{ .Release.Name }}'
   template:
     metadata:
       annotations:
         {{- if .Values.podAnnotations }}
         {{- toYaml .Values.podAnnotations | trim | nindent 8 }}
         {{- end }}
       labels:
-        {{- include "gatekeeper.podLabels" . | nindent 8 }}
-        {{- include "gatekeeper.mandatoryLabels" . | nindent 8 }}
-        {{- include "gatekeeper.commonLabels" . | nindent 8 }}
+{{- include "gatekeeper.podLabels" . }}
+        app: '{{ template "gatekeeper.name" . }}'
+        chart: '{{ template "gatekeeper.name" . }}'
         control-plane: audit-controller
         gatekeeper.sh/operation: audit
+        gatekeeper.sh/system: "yes"
+        heritage: '{{ .Release.Service }}'
+        release: '{{ .Release.Name }}'
     spec:
       affinity:
         {{- toYaml .Values.audit.affinity | nindent 8 }}

charts/gatekeeper/templates/gatekeeper-controller-manager-deployment.yaml

@@ -2,32 +2,41 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
     control-plane: controller-manager
     gatekeeper.sh/operation: webhook
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-controller-manager
   namespace: '{{ .Release.Namespace }}'
 spec:
   replicas: {{ .Values.replicas }}
   selector:
     matchLabels:
-      {{- include "gatekeeper.mandatoryLabels" . | nindent 6 }}
-      {{- include "gatekeeper.selectorLabels" . | nindent 6 }}
+      app: '{{ template "gatekeeper.name" . }}'
+      chart: '{{ template "gatekeeper.name" . }}'
       control-plane: controller-manager
       gatekeeper.sh/operation: webhook
+      gatekeeper.sh/system: "yes"
+      heritage: '{{ .Release.Service }}'
+      release: '{{ .Release.Name }}'
   template:
     metadata:
       annotations:
         {{- if .Values.podAnnotations }}
         {{- toYaml .Values.podAnnotations | trim | nindent 8 }}
         {{- end }}
       labels:
-        {{- include "gatekeeper.podLabels" . | nindent 8 }}
-        {{- include "gatekeeper.mandatoryLabels" . | nindent 8 }}
-        {{- include "gatekeeper.commonLabels" . | nindent 8 }}
+{{- include "gatekeeper.podLabels" . }}
+        app: '{{ template "gatekeeper.name" . }}'
+        chart: '{{ template "gatekeeper.name" . }}'
         control-plane: controller-manager
         gatekeeper.sh/operation: webhook
+        gatekeeper.sh/system: "yes"
+        heritage: '{{ .Release.Service }}'
+        release: '{{ .Release.Name }}'
     spec:
       affinity:
         {{- toYaml .Values.controllerManager.affinity | nindent 8 }}

charts/gatekeeper/templates/gatekeeper-controller-manager-network-policy.yaml

@@ -3,8 +3,10 @@ kind: NetworkPolicy
 apiVersion: networking.k8s.io/v1
 metadata:
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-controller-manager
 spec:
   ingress:
@@ -18,8 +20,11 @@ spec:
     {{- end }}
   podSelector:
     matchLabels:
-      {{- include "gatekeeper.mandatoryLabels" . | nindent 6 }}
-      {{- include "gatekeeper.commonLabels" . | nindent 6 }}
+      app: '{{ template "gatekeeper.name" . }}'
+      chart: '{{ template "gatekeeper.name" . }}'
       control-plane: controller-manager
       gatekeeper.sh/operation: webhook
+      gatekeeper.sh/system: "yes"
+      heritage: '{{ .Release.Service }}'
+      release: '{{ .Release.Name }}'
 {{- end -}}

charts/gatekeeper/templates/gatekeeper-controller-manager-poddisruptionbudget.yaml

@@ -4,15 +4,21 @@ apiVersion: policy/v1{{- if and (not $v1) $v1beta1 -}}beta1{{- end }}
 kind: PodDisruptionBudget
 metadata:
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-controller-manager
   namespace: '{{ .Release.Namespace }}'
 spec:
   minAvailable: {{ .Values.pdb.controllerManager.minAvailable }}
   selector:
     matchLabels:
-      {{- include "gatekeeper.mandatoryLabels" . | nindent 6 }}
-      {{- include "gatekeeper.commonLabels" . | nindent 6 }}
+      app: '{{ template "gatekeeper.name" . }}'
+      chart: '{{ template "gatekeeper.name" . }}'
       control-plane: controller-manager
       gatekeeper.sh/operation: webhook
+      gatekeeper.sh/system: "yes"
+      heritage: '{{ .Release.Service }}'
+      release: '{{ .Release.Name }}'

charts/gatekeeper/templates/gatekeeper-critical-pods-resourcequota.yaml

@@ -3,8 +3,11 @@ apiVersion: v1
 kind: ResourceQuota
 metadata:
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-critical-pods
   namespace: '{{ .Release.Namespace }}'
 spec:

charts/gatekeeper/templates/gatekeeper-manager-role-clusterrole.yaml

@@ -4,8 +4,11 @@ kind: ClusterRole
 metadata:
   creationTimestamp: null
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-manager-role
 rules:
 - apiGroups:

charts/gatekeeper/templates/gatekeeper-manager-role-role.yaml

@@ -4,8 +4,11 @@ kind: Role
 metadata:
   creationTimestamp: null
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-manager-role
   namespace: '{{ .Release.Namespace }}'
 rules:

charts/gatekeeper/templates/gatekeeper-manager-rolebinding-clusterrolebinding.yaml

@@ -3,8 +3,11 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-manager-rolebinding
 roleRef:
   apiGroup: rbac.authorization.k8s.io

charts/gatekeeper/templates/gatekeeper-manager-rolebinding-rolebinding.yaml

@@ -3,8 +3,11 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-manager-rolebinding
   namespace: '{{ .Release.Namespace }}'
 roleRef:

charts/gatekeeper/templates/gatekeeper-mutating-webhook-configuration-mutatingwebhookconfiguration.yaml

@@ -4,8 +4,11 @@ kind: MutatingWebhookConfiguration
 metadata:
   annotations: {{- toYaml .Values.mutatingWebhookAnnotations | trim | nindent 4 }}
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: '{{ .Values.mutatingWebhookName }}'
 webhooks:
 - admissionReviewVersions:

charts/gatekeeper/templates/gatekeeper-validating-webhook-configuration-validatingwebhookconfiguration.yaml

@@ -4,8 +4,11 @@ kind: ValidatingWebhookConfiguration
 metadata:
   annotations: {{- toYaml .Values.validatingWebhookAnnotations | trim | nindent 4 }}
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: '{{ .Values.validatingWebhookName }}'
 webhooks:
 - admissionReviewVersions:

charts/gatekeeper/templates/gatekeeper-webhook-server-cert-secret.yaml

@@ -4,8 +4,11 @@ kind: Secret
 metadata:
   annotations: {{- toYaml .Values.secretAnnotations | trim | nindent 4 }}
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-webhook-server-cert
   namespace: '{{ .Release.Namespace }}'
 {{- end }}

charts/gatekeeper/templates/gatekeeper-webhook-service-service.yaml

@@ -2,8 +2,11 @@ apiVersion: v1
 kind: Service
 metadata:
   labels:
-    {{- include "gatekeeper.mandatoryLabels" . | nindent 4 }}
-    {{- include "gatekeeper.commonLabels" . | nindent 4 }}
+    app: '{{ template "gatekeeper.name" . }}'
+    chart: '{{ template "gatekeeper.name" . }}'
+    gatekeeper.sh/system: "yes"
+    heritage: '{{ .Release.Service }}'
+    release: '{{ .Release.Name }}'
   name: gatekeeper-webhook-service
   namespace: '{{ .Release.Namespace }}'
 spec: