Merge pull request #108 from erikgb/template-crds

chore(helm): allow CRDs to be templated with Helm
cybozu-go · Nov 15, 2023 · 5e3cfbd · 5e3cfbd
2 parents 07b61c1 + 63d0ca8
commit 5e3cfbd
Show file tree

Hide file tree

Showing 10 changed files with 47 additions and 12 deletions.
diff --git a/.gitattributes b/.gitattributes
@@ -1,4 +1,3 @@
-charts/accurate/crds/* linguist-generated=true
 charts/accurate/templates/generated/* linguist-generated=true
 config/crd/bases/* linguist-generated=true
 config/rbac/role.yaml linguist-generated=true

diff --git a/Makefile b/Makefile
@@ -42,10 +42,13 @@ help: ## Display this help.
 
 ##@ Development
 
+HELM_CRDS_FILE := charts/accurate/templates/generated/crds.yaml
 .PHONY: manifests
 manifests: setup ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
 	controller-gen $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases
-	kustomize build config/kustomize-to-helm/overlays/crds | yq e "." -p yaml - > charts/accurate/crds/accurate.cybozu.com_subnamespaces.yaml
+	echo '{{- if .Values.installCRDs }}' > $(HELM_CRDS_FILE)
+	kustomize build config/kustomize-to-helm/overlays/crds | yq e "." -p yaml - >> $(HELM_CRDS_FILE)
+	echo '{{- end }}' >> $(HELM_CRDS_FILE)
 	kustomize build config/kustomize-to-helm/overlays/templates | yq e "."  -p yaml - > charts/accurate/templates/generated/generated.yaml
 
 .PHONY: generate

diff --git a/charts/accurate/MIGRATION.md b/charts/accurate/MIGRATION.md
@@ -4,7 +4,7 @@ This document describes the steps to migrate from kustomize to Helm.
 
 ## Install Helm chart
 
-There is no significant difference between the manifests installed by kusomize and those installed by Helm.
+There is no significant difference between the manifests installed by kustomize and those installed by Helm.
 
 If a resource with the same name already exists in the Cluster, Helm will not be able to create the resource.
 

diff --git a/charts/accurate/README.md b/charts/accurate/README.md
@@ -17,6 +17,20 @@ helm repo update
 $ curl -fsL https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.yaml | kubectl apply -f -
 ```
 
+### Installing CustomResourceDefinitions (optional)
+
+You must now decide if Accurate CRDs are to be managed by Helm or not. Please read
+[CRD considerations](#crd-considerations) and make sure you understand the pros and cons with the different approaches.
+
+The Accurate Helm chart default is to install and manage CRDs with Helm, but if you want to manage them yourself,
+now is the time.
+
+```console
+$  kubectl apply -k https://github.com/cybozu-go/accurate//config/crd/
+```
+
+If you decided to manage CRDs outside of Helm, make sure you set the `installCRDs` Helm value to `false`.
+
 ### Installing the Chart
 
 > NOTE:
@@ -53,6 +67,7 @@ $ helm install --create-namespace --namespace accurate accurate -f values.yaml a
 | image.pullPolicy                         | string | `nil`                                                                                                                                                                             | Accurate image pullPolicy.                                                                                                                                                                                                    |
 | image.repository                         | string | `"ghcr.io/cybozu-go/accurate"`                                                                                                                                                    | Accurate image repository to use.                                                                                                                                                                                             |
 | image.tag                                | string | `{{ .Chart.AppVersion }}`                                                                                                                                                         | Accurate image tag to use.                                                                                                                                                                                                    |
+| installCRDs                              | bool   | `true`                                                                                                                                                                            | Controls if CRDs are automatically installed and managed as part of your Helm release.                                                                                                                                        |
 
 ## Generate Manifests
 
@@ -62,9 +77,12 @@ You can use the `helm template` command to render manifests.
 $ helm template --namespace accurate accurate accurate/accurate
 ```
 
-## Upgrade CRDs
+## CRD considerations
 
-There is no support at this time for upgrading or deleting CRDs using Helm.
-Users must manually upgrade the CRD if there is a change in the CRD used by Accurate.
+Accurate does not use the [official helm method](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/) of installing CRD resources.
+This is because it makes upgrading CRDs impossible with helm CLI alone.
+The helm team explain the limitations of their approach [here](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations).
 
-https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#install-a-crd-declaration-before-using-the-resource
+Managing CRDs with Helm is probably the easiest, but also has some drawbacks.
+The [cert-manager documentation](https://cert-manager.io/docs/installation/helm/#crd-considerations)
+debates some pros and cons that are worth reading.
diff --git a/...ds/accurate.cybozu.com_subnamespaces.yaml → ...ts/accurate/templates/generated/crds.yaml b/...ds/accurate.cybozu.com_subnamespaces.yaml → ...ts/accurate/templates/generated/crds.yaml
diff --git a/charts/accurate/values.yaml b/charts/accurate/values.yaml
@@ -1,3 +1,5 @@
+installCRDs: true
+
 image:
   # image.repository -- Accurate image repository to use.
   repository: ghcr.io/cybozu-go/accurate

diff --git a/config/kustomize-to-helm/components/common-labels/kustomization.yaml b/config/kustomize-to-helm/components/common-labels/kustomization.yaml
@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1alpha1
+kind: Component
+
+commonLabels:
+  app.kubernetes.io/name: '{{ include "accurate.name" . }}'
+
+transformers:
+  - label-transformer.yaml
diff --git a/...overlays/templates/label-transformer.yaml → ...ents/common-labels/label-transformer.yaml b/...overlays/templates/label-transformer.yaml → ...ents/common-labels/label-transformer.yaml
diff --git a/config/kustomize-to-helm/overlays/crds/kustomization.yaml b/config/kustomize-to-helm/overlays/crds/kustomization.yaml
@@ -3,3 +3,6 @@ resources:
 
 commonLabels:
   app.kubernetes.io/name: accurate
+
+components:
+  - ../../components/common-labels
diff --git a/config/kustomize-to-helm/overlays/templates/kustomization.yaml b/config/kustomize-to-helm/overlays/templates/kustomization.yaml
@@ -6,11 +6,8 @@ namespace: '{{ .Release.Namespace }}'
 
 namePrefix: '{{ template "accurate.fullname" . }}-'
 
-commonLabels:
-  app.kubernetes.io/name: '{{ include "accurate.name" . }}'
-
 patchesStrategicMerge:
   - webhookcainjection_patch.yaml
 
-transformers:
-  - label-transformer.yaml
+components:
+  - ../../components/common-labels