From 36f271f57ce1de07eeeaa0355f39f52a60964f93 Mon Sep 17 00:00:00 2001 From: Lyon Date: Thu, 13 Nov 2025 16:27:00 +0900 Subject: [PATCH] install/kubernetes/tetragon: Helm chart add service Annotations and Labels charts: add serviceAnnotations and serviceLabels for additive Service metadata management Tetragon Helm chart currently exposes only serviceLabelsOverride which forces full replacement of the Service labels and makes day to day label management error prone. This patch fixes this by adding: A new values key serviceLabels as an empty map in values.yaml to allow appending labels without losing chart defaults. A new values key serviceAnnotations as an empty map in values.yaml to allow appending annotations without losing chart defaults. Service template logic that preserves compatibility. If serviceLabels is set it is merged with existing chart labels or serviceLabelsOverride to produce the final label set. If serviceAnnotations is set it is merged with existing chart annotations to produce the final annotations set. As a secondary note, these additive fields can simplify label based selection in systems such as Prometheus. Signed-off-by: Lyon --- docs/content/en/docs/reference/helm-chart.md | 2 ++ install/kubernetes/tetragon/README.md | 2 ++ install/kubernetes/tetragon/templates/service.yaml | 7 +++++++ install/kubernetes/tetragon/values.yaml | 2 ++ 4 files changed, 13 insertions(+) diff --git a/docs/content/en/docs/reference/helm-chart.md b/docs/content/en/docs/reference/helm-chart.md index 00d123a5270..8e6f96cdd8e 100644 --- a/docs/content/en/docs/reference/helm-chart.md +++ b/docs/content/en/docs/reference/helm-chart.md @@ -69,6 +69,8 @@ To use [the values available](#values), with `helm install` or `helm upgrade`, u | serviceAccount.annotations | object | `{}` | | | serviceAccount.create | bool | `true` | | | serviceAccount.name | string | `""` | | +| serviceAnnotations | object | `{}` | | +| serviceLabels | object | `{}` | | | serviceLabelsOverride | object | `{}` | | | tetragon.argsOverride | list | `[]` | Override the arguments. For advanced users only. | | tetragon.btf | string | `""` | | diff --git a/install/kubernetes/tetragon/README.md b/install/kubernetes/tetragon/README.md index 243fe263272..7af3749493a 100644 --- a/install/kubernetes/tetragon/README.md +++ b/install/kubernetes/tetragon/README.md @@ -51,6 +51,8 @@ Helm chart for Tetragon | serviceAccount.annotations | object | `{}` | | | serviceAccount.create | bool | `true` | | | serviceAccount.name | string | `""` | | +| serviceAnnotations | object | `{}` | | +| serviceLabels | object | `{}` | | | serviceLabelsOverride | object | `{}` | | | tetragon.argsOverride | list | `[]` | Override the arguments. For advanced users only. | | tetragon.btf | string | `""` | | diff --git a/install/kubernetes/tetragon/templates/service.yaml b/install/kubernetes/tetragon/templates/service.yaml index 9af54e4ea05..a2562b20491 100644 --- a/install/kubernetes/tetragon/templates/service.yaml +++ b/install/kubernetes/tetragon/templates/service.yaml @@ -3,12 +3,19 @@ apiVersion: v1 kind: Service metadata: + {{- with .Values.serviceAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} labels: {{- with .Values.serviceLabelsOverride}} {{- toYaml . | nindent 4 }} {{- else }} {{- include "tetragon.labels" . | nindent 4 }} {{- end }} + {{- with .Values.serviceLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} name: {{ include "tetragon.name" . }} namespace: {{ .Release.Namespace }} spec: diff --git a/install/kubernetes/tetragon/values.yaml b/install/kubernetes/tetragon/values.yaml index a3e1eb69703..488b18be131 100644 --- a/install/kubernetes/tetragon/values.yaml +++ b/install/kubernetes/tetragon/values.yaml @@ -9,6 +9,7 @@ serviceAccount: annotations: {} name: "" podAnnotations: {} +serviceAnnotations: {} podSecurityContext: {} nodeSelector: {} tolerations: @@ -20,6 +21,7 @@ daemonSetAnnotations: {} extraVolumes: [] updateStrategy: {} podLabels: {} +serviceLabels: {} daemonSetLabelsOverride: {} selectorLabelsOverride: {} podLabelsOverride: {}