Annotations and Labels
KubeRocketCI uses labels to interact with various resources in a Kubernetes cluster. This guide details the resources, annotations, and labels used by the platform to streamline operations, enhance monitoring, and enforce governance.
Labels​
The table below contains all the labels used in KubeRocketCI:
| Label Key | Target Resources | Possible Values | Description |
|---|---|---|---|
| app.edp.epam.com/secret-type | Secrets | jira, nexus, sonar, defectdojo, dependency-track,repository | Identifies the type of the secret. |
| app.edp.epam.com/integration-secret | Secrets | true | Indicates if the secret is used for integration. |
| app.edp.epam.com/integration | Codebase | codemie | Indicates that the codebase should be integrated with Codemie. When applied, the Codemie operator reconciles the codebase and creates a Codemie Application. |
| app.edp.epam.com/codebase | PipelineRun, CodebaseImageStream | <codebase_name> | Identifies the codebase associated with the PipelineRun and CodebaseImageStream. |
| app.edp.epam.com/codebasebranch | PipelineRun, CodebaseImageStream | <codebasebranch_name> | Identifies the codebase branch associated with the PipelineRun and CodebaseImageStream. |
| app.edp.epam.com/pipeline | PipelineRun, TaskRun | <environment_name> | Used by the KubeRocketCI to display autotests' status (on Deploy environment) |
| app.edp.epam.com/triggertemplate | Pipeline, PipelineRun | <triggertemplate_name> | Allows to pull default parameters from the TriggerTemplate resource. |
| app.edp.epam.com/pipelinetype | Pipeline, PipelineRun, TaskRun | autotestRunner, build, review, deploy, clean | Identifies the Pipeline type. |
| app.edp.epam.com/parentPipelineRun | PipelineRun | <cd-pipeline-autotest-runner-name> | Used by the KubeRocketCI to display autotests' status (on Deploy environment) |
| app.edp.epam.com/stage | PipelineRun, TaskRun | <stage_name> | Used by the KubeRocketCI to display autotests' status (on Deploy environment) |
| app.edp.epam.com/branch | PipelineRun | <branch_name> | Identifies the branch associated with the PipelineRun. |
| app.edp.epam.com/codebaseType | Codebase | system,application | Identifies the type of the codebase. |
| app.edp.epam.com/systemType | Codebase | gitops | Identifies system repositories. |
| app.edp.epam.com/gitServer | Ingress | <gitServer_name> | Identifies the ingress associated with the Git Server. |
| app.edp.epam.com/cdpipeline | PipelineRun, TaskRun | <cdpipeline> | Identifies Deployment Flow associated with the Pipeline Run. |
| app.edp.epam.com/cdstage | PipelineRun, TaskRun | <cd_stage_name> | Identifies Environment associated with the Pipeline Run. |
| app.edp.epam.com/edit-protection | Codebase, CodebaseBranch, CDPipeline, Stage | delete-update, delete, update | When applied to a resource, protects a resource from deletion and/or modification. |
Labels Usage in Secrets​
The table below shows what labels are used by specific secrets:
| Secret Name | Labels |
|---|---|
| ci-argocd | app.edp.epam.com/integration-secret=true app.edp.epam.com/secret-type=argocd |
| ci-defectdojo | app.edp.epam.com/integration-secret=true app.edp.epam.com/secret-type=defectdojo |
| ci-dependency-track | app.edp.epam.com/integration-secret=true app.edp.epam.com/secret-type=dependency-track |
| ci-jira | app.edp.epam.com/secret-type=jira |
| ci-nexus | app.edp.epam.com/integration-secret=true app.edp.epam.com/secret-type=nexus |
| ci-sonarqube | app.edp.epam.com/integration-secret=true app.edp.epam.com/secret-type=sonar |
| gerrit-ciuser-sshkey | app.edp.epam.com/secret-type=repository |
| kaniko-docker-config | app.edp.epam.com/integration-secret=true app.edp.epam.com/secret-type=registry |
| regcred | app.edp.epam.com/integration-secret=true app.edp.epam.com/secret-type=registry |
Labels Usage in Tekton Pipeline Runs​
The table below displays what labels are used in specific Tekton pipelines:
| PipelineRun | Labels |
|---|---|
| review-pipeline | app.edp.epam.com/codebase: <codebase_name> app.edp.epam.com/codebasebranch: <codebase_name>-<branch_name>app.edp.epam.com/pipelinetype: review |
| build-pipeline | app.edp.epam.com/codebase: <codebase_name> app.edp.epam.com/codebasebranch: <codebase_name>-<branch_name>app.edp.epam.com/pipelinetype: build |
| autotest-runner-pipeline | app.edp.epam.com/pipeline: <pipeline_name>app.edp.epam.com/pipelinetype: autotestRunner app.edp.epam.com/stage: <stage> |
| autotest-pipeline | app.edp.epam.com/branch: <branch>app.edp.epam.com/codebase: <codebase_name>app.edp.epam.com/parentPipelineRun: <cd_pipeline>-<stage>app.edp.epam.com/pipeline: <cd_pipeline>app.edp.epam.com/stage: <stage> |
| deploy | app.edp.epam.com/cdpipeline: <cd_pipeline>app.edp.epam.com/cdstage: <cd_stage_name>app.edp.epam.com/pipelinetype: deploy |
| clean | app.edp.epam.com/cdpipeline: <cd_pipeline>app.edp.epam.com/cdstage: <cd_stage_name>app.edp.epam.com/pipelinetype: clean |
Pipeline Usage Example​
To demonstrate label usage in the Tekton pipelines, find below some KubeRocketCI resource examples:
Codebase specification
metadata:
...
name: demo
...
spec:
...
defaultBranch: main
type: application
framework: react
lang: javascript
...
CD Pipeline specification
spec:
...
applications:
- demo
inputDockerStreams:
- demo-main
name: mypipe
...
Stage specification
spec:
...
cdPipeline: mypipe
name: dev
namespace: krci-delivery-ms-delivery-dev-mypipe-dev
qualityGates:
- autotestName: autotests
branchName: master
qualityGateType: autotests
stepName: autotest
...
The table below shows all the pipelines associated with the demo codebase:
| Pipeline Name | Type | Labels |
|---|---|---|
| gerrit-npm-react-app-review | Review | app.edp.epam.com/codebase: demo app.edp.epam.com/codebasebranch: demo-main app.edp.epam.com/pipelinetype: review |
| gerrit-npm-react-app-build-default | Build | app.edp.epam.com/codebase: demo app.edp.epam.com/codebasebranch: demo-main app.edp.epam.com/pipelinetype: build |
| autotest-runner | Deploy | app.edp.epam.com/pipeline: mypipe app.edp.epam.com/pipelinetype: autotestRunner app.edp.epam.com/stage: dev |
| autotests-gradle, autotests-maven | Deploy | app.edp.epam.com/branch: master app.edp.epam.com/codebase: autotests app.edp.epam.com/parentPipelineRun: mypipe-dev-hash app.edp.epam.com/pipeline: mypipe app.edp.epam.com/stage: dev |
| deploy | Deploy | app.edp.epam.com/cdpipeline: deploy app.edp.epam.com/cdstage: deploy-dev app.edp.epam.com/pipelinetype: deploy |
| clean | Clean | app.edp.epam.com/cdpipeline: deploy app.edp.epam.com/cdstage: deploy-dev app.edp.epam.com/pipelinetype: clean |
The list of all the tasks associated with the demo codebase is presented below:
| Task Name | Labels |
|---|---|
| init-autotest | app.edp.epam.com/pipeline: mypipe app.edp.epam.com/pipelinetype: autotestRunner app.edp.epam.com/stage: dev |
| run-autotest | app.edp.epam.com/branch: master app.edp.epam.com/codebase: autotests app.edp.epam.com/parentPipelineRun: mypipe-dev-hash app.edp.epam.com/pipeline: mypipe app.edp.epam.com/stage: dev |
| wait-for-autotests | app.edp.epam.com/pipeline: mypipe app.edp.epam.com/pipelinetype: autotestRunner app.edp.epam.com/stage: dev |
| promote-images | app.edp.epam.com/pipeline: mypipe app.edp.epam.com/pipelinetype: autotestRunner app.edp.epam.com/stage: dev |