Allow custom (non-propagating) stateful set metadata (#2337)

* allow custom (non-propagating) sts metadata

docs/tenant_crd.adoc

@@ -689,6 +689,35 @@ Security Context
 |===
 
 
+[id="{anchor_prefix}-github-com-minio-operator-pkg-apis-minio-min-io-v2-poolsmetadata"]
+==== PoolsMetadata 
+
+PoolsMetadata (`poolsMetadata`) defines custom labels and annotations for the MinIO pool stateful sets / pods. +
+
+.Appears In:
+****
+- xref:{anchor_prefix}-github-com-minio-operator-pkg-apis-minio-min-io-v2-tenantspec[$$TenantSpec$$]
+****
+
+[cols="25a,75a", options="header"]
+|===
+| Field | Description
+
+|*`labels`* __object (keys:string, values:string)__ 
+|*Optional* +
+
+
+If provided, append these labels to the MinIO statefulset / pods
+
+|*`annotations`* __object (keys:string, values:string)__ 
+|*Optional* +
+
+
+If provided, append these annotations to the MinIO statefulset / pods
+
+|===
+
+
 [id="{anchor_prefix}-github-com-minio-operator-pkg-apis-minio-min-io-v2-servicemetadata"]
 ==== ServiceMetadata 
 
@@ -727,6 +756,18 @@ If provided, append these labels to the Console service
 
 If provided, append these annotations to the Console service
 
+|*`kesServiceLabels`* __object (keys:string, values:string)__ 
+|*Optional* +
+
+
+If provided, append these labels to the KES service
+
+|*`kesServiceAnnotations`* __object (keys:string, values:string)__ 
+|*Optional* +
+
+
+If provided, append these annotations to the KES service
+
 |===
 
 
@@ -1154,6 +1195,12 @@ Directs the Operator to expose the MinIO and/or Console services. +
 
 Specify custom labels and annotations to append to the MinIO service and/or Console service.
 
+|*`poolsMetadata`* __xref:{anchor_prefix}-github-com-minio-operator-pkg-apis-minio-min-io-v2-poolsmetadata[$$PoolsMetadata$$]__ 
+|*Optional* +
+
+
+Specify custom labels and annotations to append to all pool statefulsets and pods.
+
 |*`users`* __link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.23/#localobjectreference-v1-core[$$LocalObjectReference$$] array__ 
 |*Optional* +
 

examples/kustomization/tenant-certmanager/tenant.yaml

@@ -4,6 +4,10 @@ metadata:
   name: myminio
   namespace: minio-tenant
 spec:
+  ## Assign labels to the pool
+  poolsMetadata:
+    labels:
+      app: minio
   ## Disable default tls certificates.
   requestAutoCert: false
   ## Use certificates generated by cert-manager.

helm/operator/templates/minio.min.io_tenants.yaml

@@ -3638,6 +3638,17 @@ spec:
                 x-kubernetes-list-map-keys:
                 - name
                 x-kubernetes-list-type: map
+              poolsMetadata:
+                properties:
+                  annotations:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                type: object
               priorityClassName:
                 type: string
               prometheusOperator:
@@ -3736,6 +3747,14 @@ spec:
                     additionalProperties:
                       type: string
                     type: object
+                  kesServiceAnnotations:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  kesServiceLabels:
+                    additionalProperties:
+                      type: string
+                    type: object
                   minioServiceAnnotations:
                     additionalProperties:
                       type: string

helm/tenant/templates/tenant.yaml

@@ -28,6 +28,12 @@ spec:
   ## Secret with default environment variable configurations
   configuration:
     name: {{ .configuration.name }}
+  {{- if hasKey . "poolsMetadata" }}
+  poolsMetadata: {{- if eq (len .poolsMetadata) 0 }} {} {{- end }}
+  {{- with (dig "poolsMetadata" (dict) .) }}
+  {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- end }}
   pools:
     {{- range (dig "pools" (list) .) }}
     - servers: {{ dig "servers" 4 . }}

helm/tenant/values.yaml

@@ -70,6 +70,16 @@ tenant:
     secretKey: minio123
     #existingSecret: true
 
+  ###
+  # Metadata that will be added to the statefulset and pods of all pools
+  poolsMetadata:
+    ###
+    # Specify `annotations <https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/>`__ to associate to Tenant pods.
+    annotations: { }
+    ###
+    # Specify `labels <https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/>`__ to associate to Tenant pods.
+    labels: { }
+
   ###
   # If this variable is set to true, then enable the usage of an existing Kubernetes secret to set environment variables for the Tenant.
   # The existing Kubernetes secret name must be placed under .tenant.configuration.name e.g. existing-minio-env-configuration

pkg/apis/minio.min.io/v2/helper.go

@@ -878,20 +878,6 @@ func GetClusterDomain() string {
 	return k8sClusterDomain
 }
 
-// MergeMaps merges two maps and returns the union
-func MergeMaps(a, b map[string]string) map[string]string {
-	if a == nil {
-		a = map[string]string{}
-	}
-	if b == nil {
-		b = map[string]string{}
-	}
-	for k, v := range b {
-		a[k] = v
-	}
-	return a
-}
-
 // ToMap converts a slice of env vars to a map of Name and value
 func ToMap(envs []corev1.EnvVar) map[string]string {
 	newMap := make(map[string]string)

pkg/apis/minio.min.io/v2/types.go

@@ -318,6 +318,11 @@ type TenantSpec struct {
 	ServiceMetadata *ServiceMetadata `json:"serviceMetadata,omitempty"`
 	// *Optional* +
 	//
+	// Specify custom labels and annotations to append to all pool statefulsets and pods.
+	// +optional
+	PoolsMetadata *PoolsMetadata `json:"poolsMetadata,omitempty"`
+	// *Optional* +
+	//
 	// An array of https://kubernetes.io/docs/concepts/configuration/secret/[Kubernetes opaque secrets] to use for generating MinIO users during tenant provisioning. +
 	//
 	// Each element in the array is an object consisting of a key-value pair `name: <string>`, where the `<string>` references an opaque Kubernetes secret. +
@@ -395,6 +400,30 @@ type ServiceMetadata struct {
 	// If provided, append these annotations to the Console service
 	// +optional
 	ConsoleServiceAnnotations map[string]string `json:"consoleServiceAnnotations,omitempty"`
+	// *Optional* +
+	//
+	// If provided, append these labels to the KES service
+	// +optional
+	KESServiceLabels map[string]string `json:"kesServiceLabels,omitempty"`
+	// *Optional* +
+	//
+	// If provided, append these annotations to the KES service
+	// +optional
+	KESServiceAnnotations map[string]string `json:"kesServiceAnnotations,omitempty"`
+}
+
+// PoolsMetadata (`poolsMetadata`) defines custom labels and annotations for the MinIO pool stateful sets / pods. +
+type PoolsMetadata struct {
+	// *Optional* +
+	//
+	// If provided, append these labels to the MinIO statefulset / pods
+	// +optional
+	Labels map[string]string `json:"labels,omitempty"`
+	// *Optional* +
+	//
+	// If provided, append these annotations to the MinIO statefulset / pods
+	// +optional
+	Annotations map[string]string `json:"annotations,omitempty"`
 }
 
 // LocalCertificateReference (`externalCertSecret`, `externalCaCertSecret`,`clientCertSecret`) contains a Kubernetes secret containing TLS certificates or Certificate Authority files for use with enabling TLS in the MinIO Tenant. +