From 63d0ca8879edad50321be9f9a92aa9a25073d4be Mon Sep 17 00:00:00 2001 From: Erik Godding Boye Date: Tue, 14 Nov 2023 10:43:51 +0100 Subject: [PATCH] chore(helm): allow CRDs to be templated with Helm --- .gitattributes | 1 - Makefile | 5 +++- charts/accurate/MIGRATION.md | 2 +- charts/accurate/README.md | 26 ++++++++++++++++--- .../generated/crds.yaml} | 5 ++++ charts/accurate/values.yaml | 2 ++ .../common-labels/kustomization.yaml | 8 ++++++ .../common-labels}/label-transformer.yaml | 0 .../overlays/crds/kustomization.yaml | 3 +++ .../overlays/templates/kustomization.yaml | 7 ++--- 10 files changed, 47 insertions(+), 12 deletions(-) rename charts/accurate/{crds/accurate.cybozu.com_subnamespaces.yaml => templates/generated/crds.yaml} (96%) create mode 100644 config/kustomize-to-helm/components/common-labels/kustomization.yaml rename config/kustomize-to-helm/{overlays/templates => components/common-labels}/label-transformer.yaml (100%) diff --git a/.gitattributes b/.gitattributes index 916467d..bc81144 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,4 +1,3 @@ -charts/accurate/crds/* linguist-generated=true charts/accurate/templates/generated/* linguist-generated=true config/crd/bases/* linguist-generated=true config/rbac/role.yaml linguist-generated=true diff --git a/Makefile b/Makefile index 002e15e..21c62cf 100644 --- a/Makefile +++ b/Makefile @@ -42,10 +42,13 @@ help: ## Display this help. ##@ Development +HELM_CRDS_FILE := charts/accurate/templates/generated/crds.yaml .PHONY: manifests manifests: setup ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. controller-gen $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases - kustomize build config/kustomize-to-helm/overlays/crds | yq e "." -p yaml - > charts/accurate/crds/accurate.cybozu.com_subnamespaces.yaml + echo '{{- if .Values.installCRDs }}' > $(HELM_CRDS_FILE) + kustomize build config/kustomize-to-helm/overlays/crds | yq e "." -p yaml - >> $(HELM_CRDS_FILE) + echo '{{- end }}' >> $(HELM_CRDS_FILE) kustomize build config/kustomize-to-helm/overlays/templates | yq e "." -p yaml - > charts/accurate/templates/generated/generated.yaml .PHONY: generate diff --git a/charts/accurate/MIGRATION.md b/charts/accurate/MIGRATION.md index 4ae0126..edc761b 100644 --- a/charts/accurate/MIGRATION.md +++ b/charts/accurate/MIGRATION.md @@ -4,7 +4,7 @@ This document describes the steps to migrate from kustomize to Helm. ## Install Helm chart -There is no significant difference between the manifests installed by kusomize and those installed by Helm. +There is no significant difference between the manifests installed by kustomize and those installed by Helm. If a resource with the same name already exists in the Cluster, Helm will not be able to create the resource. diff --git a/charts/accurate/README.md b/charts/accurate/README.md index 9b48a2f..71b02f2 100644 --- a/charts/accurate/README.md +++ b/charts/accurate/README.md @@ -17,6 +17,20 @@ helm repo update $ curl -fsL https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.yaml | kubectl apply -f - ``` +### Installing CustomResourceDefinitions (optional) + +You must now decide if Accurate CRDs are to be managed by Helm or not. Please read +[CRD considerations](#crd-considerations) and make sure you understand the pros and cons with the different approaches. + +The Accurate Helm chart default is to install and manage CRDs with Helm, but if you want to manage them yourself, +now is the time. + +```console +$ kubectl apply -k https://github.com/cybozu-go/accurate//config/crd/ +``` + +If you decided to manage CRDs outside of Helm, make sure you set the `installCRDs` Helm value to `false`. + ### Installing the Chart > NOTE: @@ -53,6 +67,7 @@ $ helm install --create-namespace --namespace accurate accurate -f values.yaml a | image.pullPolicy | string | `nil` | Accurate image pullPolicy. | | image.repository | string | `"ghcr.io/cybozu-go/accurate"` | Accurate image repository to use. | | image.tag | string | `{{ .Chart.AppVersion }}` | Accurate image tag to use. | +| installCRDs | bool | `true` | Controls if CRDs are automatically installed and managed as part of your Helm release. | ## Generate Manifests @@ -62,9 +77,12 @@ You can use the `helm template` command to render manifests. $ helm template --namespace accurate accurate accurate/accurate ``` -## Upgrade CRDs +## CRD considerations -There is no support at this time for upgrading or deleting CRDs using Helm. -Users must manually upgrade the CRD if there is a change in the CRD used by Accurate. +Accurate does not use the [official helm method](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/) of installing CRD resources. +This is because it makes upgrading CRDs impossible with helm CLI alone. +The helm team explain the limitations of their approach [here](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). -https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#install-a-crd-declaration-before-using-the-resource +Managing CRDs with Helm is probably the easiest, but also has some drawbacks. +The [cert-manager documentation](https://cert-manager.io/docs/installation/helm/#crd-considerations) +debates some pros and cons that are worth reading. diff --git a/charts/accurate/crds/accurate.cybozu.com_subnamespaces.yaml b/charts/accurate/templates/generated/crds.yaml similarity index 96% rename from charts/accurate/crds/accurate.cybozu.com_subnamespaces.yaml rename to charts/accurate/templates/generated/crds.yaml index 5a72b20..53d354a 100644 --- a/charts/accurate/crds/accurate.cybozu.com_subnamespaces.yaml +++ b/charts/accurate/templates/generated/crds.yaml @@ -1,10 +1,14 @@ +{{- if .Values.installCRDs }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.12.0 labels: + app.kubernetes.io/managed-by: '{{ .Release.Service }}' app.kubernetes.io/name: accurate + app.kubernetes.io/version: '{{ .Chart.AppVersion }}' + helm.sh/chart: '{{ include "accurate.chart" . }}' name: subnamespaces.accurate.cybozu.com spec: group: accurate.cybozu.com @@ -138,3 +142,4 @@ spec: storage: false subresources: status: {} +{{- end }} diff --git a/charts/accurate/values.yaml b/charts/accurate/values.yaml index f01e24c..45e57a9 100644 --- a/charts/accurate/values.yaml +++ b/charts/accurate/values.yaml @@ -1,3 +1,5 @@ +installCRDs: true + image: # image.repository -- Accurate image repository to use. repository: ghcr.io/cybozu-go/accurate diff --git a/config/kustomize-to-helm/components/common-labels/kustomization.yaml b/config/kustomize-to-helm/components/common-labels/kustomization.yaml new file mode 100644 index 0000000..f37f1d6 --- /dev/null +++ b/config/kustomize-to-helm/components/common-labels/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +commonLabels: + app.kubernetes.io/name: '{{ include "accurate.name" . }}' + +transformers: + - label-transformer.yaml diff --git a/config/kustomize-to-helm/overlays/templates/label-transformer.yaml b/config/kustomize-to-helm/components/common-labels/label-transformer.yaml similarity index 100% rename from config/kustomize-to-helm/overlays/templates/label-transformer.yaml rename to config/kustomize-to-helm/components/common-labels/label-transformer.yaml diff --git a/config/kustomize-to-helm/overlays/crds/kustomization.yaml b/config/kustomize-to-helm/overlays/crds/kustomization.yaml index eb831ac..c85884a 100644 --- a/config/kustomize-to-helm/overlays/crds/kustomization.yaml +++ b/config/kustomize-to-helm/overlays/crds/kustomization.yaml @@ -3,3 +3,6 @@ resources: commonLabels: app.kubernetes.io/name: accurate + +components: + - ../../components/common-labels diff --git a/config/kustomize-to-helm/overlays/templates/kustomization.yaml b/config/kustomize-to-helm/overlays/templates/kustomization.yaml index adeb7eb..a503044 100644 --- a/config/kustomize-to-helm/overlays/templates/kustomization.yaml +++ b/config/kustomize-to-helm/overlays/templates/kustomization.yaml @@ -6,11 +6,8 @@ namespace: '{{ .Release.Namespace }}' namePrefix: '{{ template "accurate.fullname" . }}-' -commonLabels: - app.kubernetes.io/name: '{{ include "accurate.name" . }}' - patchesStrategicMerge: - webhookcainjection_patch.yaml -transformers: - - label-transformer.yaml +components: + - ../../components/common-labels