You are reading the documentation for an outdated Corteza release. 2024.9 is the latest stable Corteza release.

Resource Labels

A resource label is a simple, arbitrary key-value structure that we can use to enrich resources. You can use labels for things like categorization, resource grouping, and marking federated resources.

Supported resources:
  • Users

  • Roles

  • Compose namespace

  • Compose page

  • Compose chart

  • Compose module

  • Compose module field

  • Compose record

Core logic

Resource labels are flexible and compatible with any Corteza resource. However, if we want a resource to use resource labels, it must conform to the pkg/label.LabeledResource interface.

The core logic that works with the centralized label store is implemented in a dedicated package (pkg/label). Therefore, services can trivially include the package into the request cycle.

Use the system/user (system/service/user.go) service as a reference.

Resource labels are defined by a simple key-value structure (pkg/label/types.Label):
Label struct {
  // Kind of the labelled resource
  Kind string

  // ID of the labelled resource
  ResourceID uint64

  // Other parameters
  // ...
}

Resource labels define a simple key-value structure to simplify the underlying logic for label management.

The simple structure also helps us not to abuse the feature.

Resource label structure

Resource labels define a simple key: value structure:
key

The label key is a simple string that is limited to 512 characters. Keys are unique per specific resources (a resource can have a single value for the given key).

The key must pass this regular expression: ^[A-Za-z][0-9A-Za-z_\-.]\*[A-Za-z0-9]$

value

The label values is a regular string value with no other constraints.

Assigning labels

When a label is provided, the resource must support the following cases:
  • If the label parameter is empty, remove all labels from the given resource.

  • If the label parameter is not empty, remove missing labels and add new labels.

If the label parameter is not provided, no modifications are performed.

Retrieving resources

The resource must support the following cases:
  • Existence filter: collect the resources where the key exists.

  • !Existence filter: collect the resources where the key does not exist.

  • Key-value filter: collect the resources where the key exists and the value matches.

Access control

Label access control is inherited from resource access control; resource labels do not put any additional access control.

Access control:
  • Read access inherits the resource’s read operation.

  • Create access inherits the resource’s create operation.

  • Update access inherits the resource’s update operation.

  • Delete access inherits the resource’s delete operation.

Note on deleting

In most cases, Corteza performs a soft-delete. For simplicity on the implementation, labels do not support soft delete.

When a resource is deleted, related labels remain unchanged to cover cases where we restore it.