[feature] Parameterize namespace in CCM, CAPI, CDD manifests; Add docs for PodMonitor manifests

charts/helm_lib/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v2
 type: library
 name: deckhouse_lib_helm
-version: 1.71.6
+version: 1.71.7
 description: "Helm utils template definitions for Deckhouse modules."

charts/helm_lib/README.md

@@ -38,6 +38,7 @@
 | [helm_lib_cloud_controller_manager_manifests](#helm_lib_cloud_controller_manager_manifests) |
 | **Cloud Data Discoverer** |
 | [helm_lib_cloud_data_discoverer_manifests](#helm_lib_cloud_data_discoverer_manifests) |
+| [helm_lib_cloud_data_discoverer_pod_monitor](#helm_lib_cloud_data_discoverer_pod_monitor) |
 | **Csi Controller** |
 | [helm_lib_csi_image_with_common_fallback](#helm_lib_csi_image_with_common_fallback) |
 | **Dns Policy** |
@@ -489,6 +490,7 @@ list:
  Includes Deployment, VerticalPodAutoscaler (optional) and PodDisruptionBudget (optional). 
  Supported configuration parameters: 
  + fullname (required) — resource base name used for Deployment, PDB, VPA, and by default for the main container name. 
+ + namespace (optional, default: `d8-{{ $context.Chart.Name }}`) — resource base namespace. 
  + image (required) — image for the main container. 
  + capiProviderName (required) — value for the cluster.x-k8s.io/provider label in selectors and pod labels. 
  + resources (optional, default: `{cpu: 25m, memory: 50Mi}`) — main container resource requests used when VPA is disabled. 
@@ -535,6 +537,7 @@ list:
  Includes Deployment, VerticalPodAutoscaler (optional), PodDisruptionBudget (optional), and SecurityPolicyException (optional). 
  Supported configuration parameters: 
  + fullname (optional, default: `"cloud-controller-manager"`) — resource base name used for Deployment, PDB, VPA, SecurityPolicyException, and the main container name by default. 
+ + namespace (optional, default: `d8-{{ $context.Chart.Name }}`) — resource base namespace. 
  + image (required) — image for the main container. 
  + resources (optional, default: `{cpu: 25m, memory: 50Mi}`) — main container resource requests used when VPA is disabled. 
  + priorityClassName (optional, default: `"system-cluster-critical"`) — Pod priority class name. 
@@ -579,6 +582,7 @@ list:
  Includes Deployment, VerticalPodAutoscaler (optional) and PodDisruptionBudget (optional). 
  Supported configuration parameters: 
  + fullname (optional, default: `"cloud-data-discoverer"`) — resource base name used for Deployment, PDB, VPA, and the main container name by default. 
+ + namespace (optional, default: `d8-{{ $context.Chart.Name }}`) — resource base namespace. 
  + image (required) — image for the main container. 
  + resources (optional, default: `{cpu: 25m, memory: 50Mi}`) — main container resource requests used when VPA is disabled. 
  + replicas (optional, default: `1`) — number of Deployment replicas. 
@@ -613,6 +617,20 @@ list:
 -  Template context with .Values, .Chart, etc. 
 -  Configuration dict for the Cloud Data Discoverer. 
 
+
+### helm_lib_cloud_data_discoverer_pod_monitor
+
+ Renders PodMonitor manifest for provider-specific Cloud Data Discoverers. 
+ Supported configuration parameters: 
+ + fullname (optional, default: `"cloud-data-discoverer"`) — PodMonitor base name. 
+ + targetNamespace (required) — target pod namespace for selector. 
+ + additionalRelabelings (optional, default: `[]`) — additional rules for labels rewriting. 
+
+#### Usage
+
+`{{ include "helm_lib_cloud_data_discoverer_pod_monitor" (list . $config) }} `
+
+
 ## Csi Controller
 
 ### helm_lib_csi_image_with_common_fallback

charts/helm_lib/templates/_capi_controller_manager.tpl

@@ -29,6 +29,7 @@ periodSeconds: 10
 {{- /* Includes Deployment, VerticalPodAutoscaler (optional) and PodDisruptionBudget (optional). */ -}}
 {{- /* Supported configuration parameters: */ -}}
 {{- /* + fullname (required) — resource base name used for Deployment, PDB, VPA, and by default for the main container name. */ -}}
+{{- /* + namespace (optional, default: `d8-{{ $context.Chart.Name }}`) — resource base namespace. */ -}}
 {{- /* + image (required) — image for the main container. */ -}}
 {{- /* + capiProviderName (required) — value for the cluster.x-k8s.io/provider label in selectors and pod labels. */ -}}
 {{- /* + resources (optional, default: `{cpu: 25m, memory: 50Mi}`) — main container resource requests used when VPA is disabled. */ -}}
@@ -61,6 +62,7 @@ periodSeconds: 10
   {{- $config := index . 1 -}} {{- /* Configuration dict for the CAPI Controller Manager. */ -}}
 
   {{- $fullname := required "helm_lib_capi_controller_manager_manifests: fullname is required" $config.fullname -}}
+  {{- $namespace := dig "namespace" (printf "d8-%s" $context.Chart.Name) $config -}}
   {{- $image := required "helm_lib_capi_controller_manager_manifests: image is required" $config.image -}}
   {{- $capiProviderName := required "helm_lib_capi_controller_manager_manifests: $capiProviderName is required" $config.capiProviderName -}}
   {{- $resources := dig "resources" (include "capi_controller_manager_resources" $context | fromYaml) $config -}}
@@ -95,7 +97,7 @@ apiVersion: autoscaling.k8s.io/v1
 kind: VerticalPodAutoscaler
 metadata:
   name: {{ $fullname }}
-  namespace: d8-{{ $context.Chart.Name }}
+  namespace: {{ $namespace }}
   {{- include "helm_lib_module_labels" (list $context (dict "app" $fullname)) | nindent 2 }}
 spec:
   targetRef:
@@ -119,7 +121,7 @@ apiVersion: policy/v1
 kind: PodDisruptionBudget
 metadata:
   name: {{ $fullname }}
-  namespace: d8-{{ $context.Chart.Name }}
+  namespace: {{ $namespace }}
   {{- include "helm_lib_module_labels" (list $context (dict "app" $fullname)) | nindent 2 }}
 spec:
   maxUnavailable: {{ $pdbMaxUnavailable }}
@@ -133,7 +135,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ $fullname }}
-  namespace: d8-{{ $context.Chart.Name }}
+  namespace: {{ $namespace }}
   {{- include "helm_lib_module_labels" (list $context (dict "app" $fullname)) | nindent 2 }}
 spec:
   {{- include "helm_lib_deployment_on_master_strategy_and_replicas_for_ha" $context | nindent 2 }}

charts/helm_lib/templates/_cloud_controller_manager.tpl

@@ -29,6 +29,7 @@ httpGet:
 {{- /* Includes Deployment, VerticalPodAutoscaler (optional), PodDisruptionBudget (optional), and SecurityPolicyException (optional). */ -}}
 {{- /* Supported configuration parameters: */ -}}
 {{- /* + fullname (optional, default: `"cloud-controller-manager"`) — resource base name used for Deployment, PDB, VPA, SecurityPolicyException, and the main container name by default. */ -}}
+{{- /* + namespace (optional, default: `d8-{{ $context.Chart.Name }}`) — resource base namespace. */ -}}
 {{- /* + image (required) — image for the main container. */ -}}
 {{- /* + resources (optional, default: `{cpu: 25m, memory: 50Mi}`) — main container resource requests used when VPA is disabled. */ -}}
 {{- /* + priorityClassName (optional, default: `"system-cluster-critical"`) — Pod priority class name. */ -}}
@@ -59,6 +60,7 @@ httpGet:
   {{- $config := index . 1 -}} {{- /* Configuration dict for the Cloud Controller Manager. */ -}}
 
   {{- $fullname := dig "fullname" "cloud-controller-manager" $config }}
+  {{- $namespace := dig "namespace" (printf "d8-%s" $context.Chart.Name) $config -}}
   {{- $image := $config.image | required "image is required" }}
   {{- $resources := dig "resources" (include "cloud_controller_manager_resources" $context | fromYaml) $config }}
   {{- $priorityClassName := dig "priorityClassName" "system-cluster-critical" $config }}
@@ -91,7 +93,7 @@ apiVersion: autoscaling.k8s.io/v1
 kind: VerticalPodAutoscaler
 metadata:
   name: {{ $fullname }}
-  namespace: d8-{{ $context.Chart.Name }}
+  namespace: {{ $namespace }}
   {{- include "helm_lib_module_labels" (list $context (dict "app" $fullname)) | nindent 2 }}
 spec:
   targetRef:
@@ -115,7 +117,7 @@ apiVersion: policy/v1
 kind: PodDisruptionBudget
 metadata:
   name: {{ $fullname }}
-  namespace: d8-{{ $context.Chart.Name }}
+  namespace: {{ $namespace }}
   {{- include "helm_lib_module_labels" (list $context (dict "app" $fullname)) | nindent 2 }}
   {{- with $additionalPDBAnnotations }}
   annotations:
@@ -133,7 +135,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ $fullname }}
-  namespace: d8-{{ $context.Chart.Name }}
+  namespace: {{ $namespace }}
   {{- include "helm_lib_module_labels" (list $context (dict "app" $fullname)) | nindent 2 }}
 spec:
   {{- include "helm_lib_deployment_on_master_strategy_and_replicas_for_ha" $context | nindent 2 }}
@@ -225,7 +227,7 @@ apiVersion: deckhouse.io/v1alpha1
 kind: SecurityPolicyException
 metadata:
   name: {{ $fullname }}
-  namespace: d8-{{ $context.Chart.Name }}
+  namespace: {{ $namespace }}
 spec:
   {{- if $hostNetwork }}
   network:

charts/helm_lib/templates/_cloud_data_discoverer.tpl

@@ -27,6 +27,7 @@ httpGet:
 {{- /* Includes Deployment, VerticalPodAutoscaler (optional) and PodDisruptionBudget (optional). */ -}}
 {{- /* Supported configuration parameters: */ -}}
 {{- /* + fullname (optional, default: `"cloud-data-discoverer"`) — resource base name used for Deployment, PDB, VPA, and the main container name by default. */ -}}
+{{- /* + namespace (optional, default: `d8-{{ $context.Chart.Name }}`) — resource base namespace. */ -}}
 {{- /* + image (required) — image for the main container. */ -}}
 {{- /* + resources (optional, default: `{cpu: 25m, memory: 50Mi}`) — main container resource requests used when VPA is disabled. */ -}}
 {{- /* + replicas (optional, default: `1`) — number of Deployment replicas. */ -}}
@@ -55,6 +56,7 @@ httpGet:
   {{- $config := index . 1 -}} {{- /* Configuration dict for the Cloud Data Discoverer. */ -}}
 
   {{- $fullname := dig "fullname" "cloud-data-discoverer" $config -}}
+  {{- $namespace := dig "namespace" (printf "d8-%s" $context.Chart.Name) $config -}}
   {{- $image := required "helm_lib_cloud_data_discoverer_manifests: image is required" $config.image -}}
   {{- $resources := dig "resources" (include "cloud_data_discoverer_resources" $context | fromYaml) $config -}}
   {{- $replicas := dig "replicas" 1 $config -}}
@@ -85,7 +87,7 @@ apiVersion: autoscaling.k8s.io/v1
 kind: VerticalPodAutoscaler
 metadata:
   name: {{ $fullname }}
-  namespace: d8-{{ $context.Chart.Name }}
+  namespace: {{ $namespace }}
   {{- include "helm_lib_module_labels" (list $context (dict "app" $fullname)) | nindent 2 }}
 spec:
   targetRef:
@@ -110,7 +112,7 @@ apiVersion: policy/v1
 kind: PodDisruptionBudget
 metadata:
   name: {{ $fullname }}
-  namespace: d8-{{ $context.Chart.Name }}
+  namespace: {{ $namespace }}
   {{- include "helm_lib_module_labels" (list $context (dict "app" $fullname)) | nindent 2 }}
 spec:
   maxUnavailable: {{ $pdbMaxUnavailable }}
@@ -124,7 +126,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ $fullname }}
-  namespace: d8-{{ $context.Chart.Name }}
+  namespace: {{ $namespace }}
   {{- include "helm_lib_module_labels" (list $context (dict "app" $fullname)) | nindent 2 }}
 spec:
   replicas: {{ $replicas }}
@@ -219,7 +221,7 @@ spec:
                 path: /
                 authorization:
                   resourceAttributes:
-                    namespace: d8-{{ $context.Chart.Name }}
+                    namespace: {{ $namespace }}
                     apiGroup: apps
                     apiVersion: v1
                     resource: deployments
@@ -249,6 +251,11 @@ spec:
 
 
 {{- /* Usage: {{ include "helm_lib_cloud_data_discoverer_pod_monitor" (list . $config) }} */ -}}
+{{- /* Renders PodMonitor manifest for provider-specific Cloud Data Discoverers. */ -}}
+{{- /* Supported configuration parameters: */ -}}
+{{- /* + fullname (optional, default: `"cloud-data-discoverer"`) — PodMonitor base name. */ -}}
+{{- /* + targetNamespace (required) — target pod namespace for selector. */ -}}
+{{- /* + additionalRelabelings (optional, default: `[]`) — additional rules for labels rewriting. */ -}}
 {{- define "helm_lib_cloud_data_discoverer_pod_monitor" -}}
   {{- $context := index . 0 -}}
   {{- $config := index . 1 -}}

tests/tests/helm_lib_capi_controller_manager_test.yaml

@@ -171,6 +171,27 @@ tests:
           name: capz-controller-manager
           namespace: d8-test-module
 
+  - it: renders custom namespace
+    set:
+      global:
+        modules:
+          placement: {}
+        enabledModules: []
+        discovery:
+          d8SpecificNodeCountByRole: {}
+      _testvalues:
+        fullname: capz-controller-manager
+        namespace: d8-cloud-provider-example
+        image: controllerImage
+        capiProviderName: infrastructure-zvirt
+    documentSelector:
+      path: kind
+      value: Deployment
+    asserts:
+      - equal:
+          path: metadata.namespace
+          value: d8-cloud-provider-example
+
   - it: renders custom PDB maxUnavailable
     set:
       global:

tests/tests/helm_lib_cloud_controller_manager_test.yaml

@@ -104,6 +104,32 @@ tests:
           path: spec.template.spec.containers[0].resources.requests.memory
           value: 50Mi
 
+  - it: renders custom namespace
+    set:
+      global:
+        modules:
+          placement: {}
+        enabledModules: []
+        clusterIsBootstrapped: true
+        discovery:
+          d8SpecificNodeCountByRole: {}
+        modulesImages:
+          registry:
+            base: deckhouse.io/deckhouse/ce
+          digests:
+            common:
+              kubeRbacProxy: kubeRbacProxyDigest
+      _testvalues:
+        image: controllerImage
+        namespace: d8-cloud-provider-example
+    documentSelector:
+      path: kind
+      value: Deployment
+    asserts:
+      - equal:
+          path: metadata.namespace
+          value: d8-cloud-provider-example
+
   - it: renders custom liveness and readiness probes
     set:
       global:

tests/tests/helm_lib_cloud_data_discoverer_test.yaml

@@ -132,6 +132,32 @@ tests:
       - notExists:
           path: spec.template.spec.volumes
 
+  - it: renders custom namespace
+    set:
+      global:
+        modules:
+          placement: {}
+        enabledModules: []
+        clusterIsBootstrapped: true
+        discovery:
+          d8SpecificNodeCountByRole: {}
+        modulesImages:
+          registry:
+            base: deckhouse.io/deckhouse/ce
+          digests:
+            common:
+              kubeRbacProxy: kubeRbacProxyDigest
+      _testvalues:
+        image: controllerImage
+        namespace: d8-cloud-provider-example
+    documentSelector:
+      path: kind
+      value: Deployment
+    asserts:
+      - equal:
+          path: metadata.namespace
+          value: d8-cloud-provider-example
+
   - it: renders custom liveness and readiness probes
     set:
       global: