feat: Ability to specify annotations for jobs (#302)

* feat: Ability to specify annotations for jobs

Signed-off-by: TannerGabriel <gabrieltanner.code@gmail.com>

* Annotations documentation

Signed-off-by: TannerGabriel <gabrieltanner.code@gmail.com>

* Update feature documentation

Signed-off-by: TannerGabriel <gabrieltanner.code@gmail.com>

docs/FEATURES.md

@@ -1,28 +1,34 @@
 
 ## Features
 
-- [Features](#Features)
-    - [Getting started](#getting-started)
-    - [Specifying the working directory](#specifying-the-working-directory)
-    - [Event Matching](#event-matching)
-    - [Kubernetes Job](#kubernetes-job)
-    - [Kubernetes Job Environment Variables](#kubernetes-job-environment-variables)
-        - [From Events](#from-events)
-        - [From Kubernetes Secrets](#from-kubernetes-secrets)
-        - [From String Literal](#from-string-literal)
-    - [File Handling](#file-handling)
-    - [Silent mode](#silent-mode)
-    - [Resource quotas](#resource-quotas)
-    - [Poll duration](#poll-duration)
-    - [Job namespace](#job-namespace)
-    - [Job security context](#job-security-context)
-    - [Job image pull policy](#job-image-pull-policy)
-    - [Job service account](#job-service-account)
-    - [Restrict job images](#restrict-job-images)
-    - [Limit network access](#limit-network-access)
-    - [Additional Event Data](#additional-event-data)
-    - [Remote Control Plane](#remote-control-plane)
-    - [Job clean-up](#job-clean-up)
+- [Features](#features)
+  - [Getting started](#getting-started)
+  - [Specifying the working directory](#specifying-the-working-directory)
+  - [Event Matching](#event-matching)
+  - [Kubernetes Job](#kubernetes-job)
+  - [Kubernetes Job Environment Variables](#kubernetes-job-environment-variables)
+    - [From Events](#from-events)
+    - [From Kubernetes Secrets](#from-kubernetes-secrets)
+    - [From String Literal](#from-string-literal)
+  - [File Handling](#file-handling)
+  - [Silent mode](#silent-mode)
+  - [Resource quotas](#resource-quotas)
+  - [Poll duration](#poll-duration)
+  - [Job namespace](#job-namespace)
+  - [Specify annotations for Job](#specify-annotations-for-job)
+  - [Job security context](#job-security-context)
+  - [Job Image Pull Policy](#job-image-pull-policy)
+  - [Job service account](#job-service-account)
+  - [Restrict job images](#restrict-job-images)
+  - [Limit network access](#limit-network-access)
+    - [Enabling the network-policies when installing/upgrading job-executor-service](#enabling-the-network-policies-when-installingupgrading-job-executor-service)
+      - [Ingress policy](#ingress-policy)
+      - [Egress policy](#egress-policy)
+    - [Network policy for jobs](#network-policy-for-jobs)
+  - [Send start/finished event if the job config.yaml can't be found](#send-startfinished-event-if-the-job-configyaml-cant-be-found)
+  - [Additional Event Data](#additional-event-data)
+  - [Remote Control Plane](#remote-control-plane)
+  - [Job clean-up](#job-clean-up)
 
 
 ### Getting started
@@ -425,6 +431,19 @@ tasks:
     namespace: carts
 ```
 
+### Specify annotations for Job
+
+Custom annotations can be added to Job definitions which can be used by third-party tools to inject secrets into jobs or execute other functionality on jobs.
+
+```yaml
+tasks:
+  - name: "Greet the world"
+    ...
+    annotations:
+      - key1: value1
+      - key2: value2
+```
+
 ### Job security context
 
 By default the jobs will use the default security context, which was specified at the time of the installation of the 

pkg/config/config.go

@@ -39,20 +39,21 @@ type JSONPath struct {
 
 // Task this is the actual task which can be triggered within an Action
 type Task struct {
-	Name                    string          `yaml:"name"`
-	Files                   []string        `yaml:"files"`
-	Image                   string          `yaml:"image"`
-	ImagePullPolicy         string          `yaml:"imagePullPolicy"`
-	Cmd                     []string        `yaml:"cmd"`
-	Args                    []string        `yaml:"args"`
-	Env                     []Env           `yaml:"env"`
-	Resources               *Resources      `yaml:"resources"`
-	WorkingDir              string          `yaml:"workingDir"`
-	MaxPollDuration         *int            `yaml:"maxPollDuration"`
-	Namespace               string          `yaml:"namespace"`
-	TTLSecondsAfterFinished *int32          `yaml:"ttlSecondsAfterFinished"`
-	SecurityContext         SecurityContext `yaml:"securityContext,omitempty"`
-	ServiceAccount          *string         `yaml:"serviceAccount,omitempty"`
+	Name                    string            `yaml:"name"`
+	Files                   []string          `yaml:"files"`
+	Image                   string            `yaml:"image"`
+	ImagePullPolicy         string            `yaml:"imagePullPolicy"`
+	Cmd                     []string          `yaml:"cmd"`
+	Args                    []string          `yaml:"args"`
+	Env                     []Env             `yaml:"env"`
+	Resources               *Resources        `yaml:"resources"`
+	WorkingDir              string            `yaml:"workingDir"`
+	MaxPollDuration         *int              `yaml:"maxPollDuration"`
+	Namespace               string            `yaml:"namespace"`
+	TTLSecondsAfterFinished *int32            `yaml:"ttlSecondsAfterFinished"`
+	SecurityContext         SecurityContext   `yaml:"securityContext,omitempty"`
+	ServiceAccount          *string           `yaml:"serviceAccount,omitempty"`
+	Annotations             map[string]string `yaml:"annotations,omitempty"`
 }
 
 // Env value from the event which will be added as env to the job

pkg/k8sutils/job.go

@@ -200,9 +200,10 @@ func (k8s *K8sImpl) CreateK8sJob(
 
 	jobSpec := &batchv1.Job{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      jobName,
-			Namespace: namespace,
-			Labels:    mergedJobLabels,
+			Name:        jobName,
+			Namespace:   namespace,
+			Labels:      mergedJobLabels,
+			Annotations: task.Annotations,
 		},
 		Spec: batchv1.JobSpec{
 			Template: v1.PodTemplateSpec{

pkg/k8sutils/job_test.go

@@ -1254,6 +1254,68 @@ func TestK8sImpl_CreateK8sJobWithUserDefinedLabels(t *testing.T) {
 	assert.Equal(t, expectedLabels, job.Labels)
 }
 
+func TestK8sImpl_CreateK8sJobWithUserDefinedAnnotations(t *testing.T) {
+	k8sClientSet := k8sfake.NewSimpleClientset()
+	k8s := K8sImpl{clientset: k8sClientSet}
+
+	userDefinedAnnotation := map[string]string{
+		"TestKey": "TestValue",
+		"SomeKey": "Some Value",
+	}
+
+	eventData := keptnv2.EventData{
+		Project: "sockshop",
+		Stage:   "dev",
+		Service: "carts",
+	}
+
+	var event map[string]interface{}
+	err := json.Unmarshal([]byte(testTriggeredEvent), &event)
+	require.NoError(t, err)
+
+	err = k8s.CreateK8sJob(
+		"job-1-2-3-1",
+		JobDetails{
+			Action: &config.Action{
+				Name: "Test Action",
+			},
+			Task: &config.Task{
+				Name:        "Test Job",
+				Image:       "alpine",
+				Cmd:         []string{"ls"},
+				Annotations: userDefinedAnnotation,
+			},
+			ActionIndex:   0,
+			TaskIndex:     0,
+			JobConfigHash: "",
+		},
+		&eventData,
+		JobSettings{
+			JobNamespace: testNamespace,
+			DefaultResourceRequirements: &corev1.ResourceRequirements{
+				Limits:   make(corev1.ResourceList),
+				Requests: make(corev1.ResourceList),
+			},
+			DefaultPodSecurityContext: new(corev1.PodSecurityContext),
+			DefaultSecurityContext:    new(corev1.SecurityContext),
+			JesDeploymentName:         "job-executor-service",
+		},
+		event,
+		testNamespace,
+	)
+	require.NoError(t, err)
+
+	job, err := k8sClientSet.BatchV1().Jobs(testNamespace).Get(context.TODO(), "job-1-2-3-1", metav1.GetOptions{})
+	require.NoError(t, err)
+
+	expectedAnnotations := map[string]string{}
+	for key, value := range userDefinedAnnotation {
+		expectedAnnotations[key] = value
+	}
+
+	assert.Equal(t, userDefinedAnnotation, job.Annotations)
+}
+
 func TestK8sImpl_CreateK8sJobPodLabels(t *testing.T) {
 	k8sClientSet := k8sfake.NewSimpleClientset()
 	k8s := K8sImpl{clientset: k8sClientSet}