Tweak value naming
Related to #173
J12934 committed Aug 20, 2023
1 parent 64a2f22 commit 15f3d4d
Showing 8 changed files with 40 additions and 14 deletions.
6 changes: 6 additions & 0 deletions helm/multi-juicer/README.md
Expand Up @@ -27,6 +27,9 @@ MultiJuicer gives you the ability to run separate Juice Shop instances for every
| balancer.metrics.dashboards.enabled | bool | `false` | if true, creates a Grafana Dashboard Config Map. (also requires metrics.enabled to be true). These will automatically be imported by Grafana when using the Grafana helm chart, see: https://github.com/helm/charts/tree/main/stable/grafana#sidecar-for-dashboards |
| balancer.metrics.enabled | bool | `true` | enables prometheus metrics for the balancer. If set to true you should change the prometheus-scraper password |
| balancer.metrics.serviceMonitor.enabled | bool | `false` | If true, creates a Prometheus Operator ServiceMonitor (also requires metrics.enabled to be true). This will also deploy a servicemonitor which monitors metrics from the Juice Shop instances |
| balancer.metrics.serviceMonitor.labels | object | `{}` | If you use the kube-prometheus-stack helm chart, the default label looked for is `release=<kube-prometheus-release-name> |
| balancer.pod.annotations | object | `{}` | Optional Additional annotations for the balancer pods. |
| balancer.pod.labels | object | `{}` | Optional Additional labels for the balancer pods. |
| balancer.replicas | int | `1` | Number of replicas of the juice-balancer deployment |
| balancer.repository | string | `"ghcr.io/juice-shop/multi-juicer/juice-balancer"` | |
| balancer.resources.limits.cpu | string | `"400m"` | |
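Review bot: the new `balancer.metrics.serviceMonitor.labels` row opens a backtick before `release=<kube-prometheus-release-name>` and never closes it, so the rest of the table cell renders as code. Close the backtick after the `>`. The same text appears in the values.yaml comment later in this commit, so fix it there as well.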
Expand All @@ -47,6 +50,7 @@ MultiJuicer gives you the ability to run separate Juice Shop instances for every
| ingress.enabled | bool | `false` | |
| ingress.hosts[0].host | string | `"multi-juicer.local"` | |
| ingress.hosts[0].paths[0] | string | `"/"` | |
| ingress.ingressClassName | string | `"nginx"` | |
| ingress.tls | list | `[]` | |
| juiceShop.affinity | object | `{}` | Optional Configure kubernetes scheduling affinity for the created JuiceShops (see: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity) |
| juiceShop.config | string | See values.yaml for full details | Specify a custom Juice Shop config.yaml. See the JuiceShop Config Docs for more detail: https://pwning.owasp-juice.shop/part1/customization.html#yaml-configuration-file |
Expand All @@ -56,6 +60,8 @@ MultiJuicer gives you the ability to run separate Juice Shop instances for every
| juiceShop.image | string | `"bkimminich/juice-shop"` | Juice Shop Image to use |
| juiceShop.maxInstances | int | `10` | Specifies how many JuiceShop instances MultiJuicer should start at max. Set to -1 to remove the max Juice Shop instance cap |
| juiceShop.nodeEnv | string | `"multi-juicer"` | Specify a custom NODE_ENV for JuiceShop. If value is changed to something other than 'multi-juicer' it's not possible to set a custom config via `juiceShop.config`. |
| juiceShop.pod.annotations | object | `{}` | Optional Additional annotations for the Juice Shop pods. |
| juiceShop.pod.labels | object | `{}` | Optional Additional labels for the Juice Shop pods. |
| juiceShop.resources | object | `{"requests":{"cpu":"150m","memory":"300Mi"}}` | Optional resources definitions to set for each JuiceShop instance |
| juiceShop.runtimeClassName | string | `nil` | Optional Can be used to configure the runtime class for the JuiceShop pods to add an additional layer of isolation to reduce the impact of potential container escapes. (see: https://kubernetes.io/docs/concepts/containers/runtime-class/) |
| juiceShop.securityContext | object | `{}` | Optional securityContext definitions to set for each JuiceShop instance |
3 changes: 2 additions & 1 deletion helm/multi-juicer/templates/juice-balancer/config-map.yaml
Expand Up @@ -39,6 +39,7 @@ data:
"affinity": {{ .Values.juiceShop.affinity | toJson }},
"tolerations": {{ .Values.juiceShop.tolerations | toJson }},
"runtimeClassName": {{ .Values.juiceShop.runtimeClassName | toJson }},
"additionalAnnotations": {{ .Values.juiceShop.additionalAnnotations | toJson }}
"annotations": {{ .Values.juiceShop.pod.annotations | toJson }},
"labels": {{ .Values.juiceShop.pod.labels | toJson }}
}
}
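Review bot: the config keys written here are `juiceShop.annotations` and `juiceShop.labels`, while the chart values feeding them are `juiceShop.pod.annotations` and `juiceShop.pod.labels`, so the same setting has two different paths depending on where you look. Either keep the `pod` nesting in the JSON as well, or add a short comment stating the mapping, since kubernetes.js looks up the flat names via `get('juiceShop.labels')` and `get('juiceShop.annotations')`.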
5 changes: 4 additions & 1 deletion helm/multi-juicer/templates/juice-balancer/deployment.yaml
Expand Up @@ -14,11 +14,14 @@ spec:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/juice-balancer/config-map.yaml") . | sha256sum }}
checksum/secret: {{ include (print $.Template.BasePath "/juice-balancer/secret.yaml") . | sha256sum }}
{{- with .Values.balancer.additionalAnnotations }}
{{- with .Values.balancer.pod.annotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "multi-juicer.juice-balancer.labels" . | nindent 8 }}
{{- with .Values.balancer.pod.labels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
serviceAccountName: juice-balancer
{{- with .Values.balancer.securityContext }}
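Review bot: in the `labels:` block, `.Values.balancer.pod.labels` is rendered with `toYaml` directly after the `multi-juicer.juice-balancer.labels` include, so a user value that reuses one of the chart's own label keys ends up as a duplicate key in the pod template metadata. Document that the chart's keys are reserved, or merge the two maps with the chart's labels taking precedence before rendering.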
Expand Up @@ -5,9 +5,13 @@ metadata:
name: juice-balancer
labels:
{{ include "multi-juicer.juice-balancer.labels" . | nindent 4 }}
{{- with .Values.balancer.metrics.serviceMonitor.additionalLabels }}
{{- toYaml . | nindent 4 }}
{{- with .Values.balancer.metrics.serviceMonitor.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.balancer.metrics.serviceMonitor.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
selector:
matchLabels:
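Review bot: the added `with .Values.balancer.metrics.serviceMonitor.annotations` block reads a value that the values.yaml and README changes in this commit do not declare; only `serviceMonitor.labels` is added there. Add `annotations: {}` with a `# --` description under `serviceMonitor` so the key is discoverable and shows up in the README table.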
6 changes: 5 additions & 1 deletion helm/multi-juicer/templates/juice-shop/servicemonitor.yaml
Expand Up @@ -5,9 +5,13 @@ metadata:
name: juice-shops
labels:
{{- include "multi-juicer.juice-shop.labels" . | nindent 4 }}
{{- with .Values.balancer.metrics.serviceMonitor.additionalLabels }}
{{- with .Values.balancer.metrics.serviceMonitor.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.balancer.metrics.serviceMonitor.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
targetLabels:
- team
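Review bot: the `juice-shops` ServiceMonitor takes its labels and the new annotations from `balancer.metrics.serviceMonitor.*`, but the values.yaml description for `labels` speaks of "the service monitor" in the singular. State in that description that the values apply to both the balancer and the Juice Shop ServiceMonitor, so nobody expects to be able to set them separately.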
20 changes: 13 additions & 7 deletions helm/multi-juicer/values.yaml
Expand Up @@ -63,8 +63,11 @@ balancer:
tolerations: []
# -- If set to true this skips setting ownerReferences on the teams JuiceShop Deployment and Services. This lets MultiJuicer run in older kubernetes cluster which don't support the reference type or the app/v1 deployment type
skipOwnerReference: false
# -- Optional Additional annotations for the balancer pods.
additionalAnnotations: {}
pod:
# -- Optional Additional annotations for the balancer pods.
annotations: {}
# -- Optional Additional labels for the balancer pods.
labels: {}
metrics:
# -- enables prometheus metrics for the balancer. If set to true you should change the prometheus-scraper password
enabled: true
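Review bot: `balancer.additionalAnnotations` is replaced by `balancer.pod.annotations` with no fallback, and deployment.yaml now reads only the new path, so an existing values file that still sets the old key will render without those annotations and without any error. Call the rename out as a breaking change in the release notes, or have the template fail with a message when the old key is set. The same applies to `juiceShop.additionalAnnotations` further down.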
Expand All @@ -74,9 +77,9 @@ balancer:
serviceMonitor:
# -- If true, creates a Prometheus Operator ServiceMonitor (also requires metrics.enabled to be true). This will also deploy a servicemonitor which monitors metrics from the Juice Shop instances
enabled: false
# -- Allows to add additional labels. The Prometheus Operator can be adjusted to look for specific labels in ServiceMonitors.
# -- If you use the Kube-Prometheus-Stack Helm-Chart, the default label looked for is `release=<Kube-Prometheus-Release-Name>
additionalLabels: {}
# -- Optional Allows to add additional labels to the service monitor. The Prometheus Operator can be adjusted to look for specific labels in ServiceMonitors.
# -- If you use the kube-prometheus-stack helm chart, the default label looked for is `release=<kube-prometheus-release-name>
labels: {}
basicAuth:
username: prometheus-scraper
# -- Should be changed when metrics are enabled.
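Review bot: both comment lines above `labels: {}` start with `# --`, and the README row added in this commit carries only the second sentence, so the "Optional Allows to add additional labels to the service monitor ..." text never reaches the docs. Make the second line a plain `#` continuation of the first so the whole description ends up in the table.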
Expand Down Expand Up @@ -146,8 +149,11 @@ juiceShop:
affinity: {}
# -- Optional Configure kubernetes toleration for the created JuiceShops (see: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/)
tolerations: []
# -- Optional Additional annotations for the Juice Shop pods.
additionalAnnotations: {}
pod:
# -- Optional Additional annotations for the Juice Shop pods.
annotations: {}
# -- Optional Additional labels for the Juice Shop pods.
labels: {}
# -- Optional Can be used to configure the runtime class for the JuiceShop pods to add an additional layer of isolation to reduce the impact of potential container escapes. (see: https://kubernetes.io/docs/concepts/containers/runtime-class/)
runtimeClassName: null

3 changes: 2 additions & 1 deletion juice-balancer/config/config.json
Expand Up @@ -38,6 +38,7 @@
},
"tolerations": [],
"affinity": {},
"additionalAnnotations": {}
"annotations": {},
"labels": {}
}
}
3 changes: 2 additions & 1 deletion juice-balancer/src/kubernetes.js
Expand Up @@ -50,6 +50,7 @@ const createDeploymentForTeam = async ({ team, passcodeHash }) => {
template: {
metadata: {
labels: {
...get('juiceShop.labels'),
team,
'app.kubernetes.io/version': get('juiceShop.tag'),
'app.kubernetes.io/name': 'juice-shop',
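Review bot: `...get('juiceShop.labels')` is spread first in `labels`, ahead of `team` and the `app.kubernetes.io/*` keys, and that ordering is the only thing stopping a value from `juiceShop.pod.labels` overriding them; nothing in the code says the order matters. Add a one-line comment that the user-supplied labels must stay first, since the juice-shops ServiceMonitor lists `team` under `targetLabels` and depends on it being the real team name.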
Expand All @@ -58,7 +59,7 @@ const createDeploymentForTeam = async ({ team, passcodeHash }) => {
'app.kubernetes.io/instance': `juice-shop-${get('deploymentContext')}`,
'app.kubernetes.io/part-of': 'multi-juicer',
},
annotations: get('juiceShop.additionalAnnotations'),
annotations: get('juiceShop.annotations'),
},
spec: {
automountServiceAccountToken: false,