Improve flyte-core helm chart

[mvaalexp]

Fixed flyte-core helm chart where ServiceAccounts were missing, incorrect typing, and some naming inconsistencies

Tracking issue

Closes #5361

Why are the changes needed?

Removes error messages in when running the chart

coalesce.go:286: warning: cannot overwrite table with non table for flyte-core.flyteagent.podEnv (map[])

Adds missing ServiceAccounts to services.

• This default service account has limited permissions and is generally not recommended for use in production environments
  In our production clusters, we have governance that requires all Deployments must have an associated SA, this is currently preventing us from using the chart.

Adds the ability to override the service names.

• This makes it consistent with other charts like flyteagent
  • https://github.com/flyteorg/flyte/blob/master/charts/flyteagent/templates/_helpers.tpl#L17
• Our cluster governance has naming restrictions and this will allow us to use this chart

Changed FlyteClusterResourceSync Deployment name

• The names were hard coded
• There existed a template already in the _helpers file
• Labels did not match the resource names
• This allows for consistency across the services
• Note: Will delete and recreate the Deployment (not backwards compatible)

What changes were proposed in this pull request?

Helper methods refactored to allow nameOverride.
Service Accounts added and applied to Deployments.
values.yaml default values updated to array from map as that is what is expected

How was this patch tested?

Hand tested, I didn't see unit tests for the helm chart.

Setup process

Screenshots

Check all the applicable boxes

• I updated the documentation accordingly.
• All new and existing tests passed.
• All commits are signed-off.

Related PRs

Docs link

[welcome]

Thank you for opening this pull request! 🙌

These tips will help get your PR across the finish line:

• Most of the repos have a PR template; if not, fill it out to the best of your knowledge.
• Sign off your commits (Reference: DCO Guide).

[mvaalexp]

Attempted to keep backwards compatibility here.

[mvaalexp]

This will technically recreate the deployment when it renames, not sure if that is an issue.

[wild-endeavor]

does this re-create the deployment? or does this create a new deployment?

[mvaalexp]

new, it will tear down the old deployment and make a new one. it renames this to flyteclusterresourcesync

https://github.com/flyteorg/flyte/blob/master/charts/flyte-core/templates/_helpers.tpl#L62

[mvaalexp]

These are mapped to arrays, so it gives a warning when you set them in the values.yaml.

[ddl-ebrown]

Ah thanks! 👍

That's my mistake and I probably missed this when I added it because we're setting podEnv values.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 60.99%. Comparing base (653ca85) to head (9e3e27c).
Report is 12 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #5362      +/-   ##
==========================================
+ Coverage   60.97%   60.99%   +0.02%     
==========================================
  Files         793      793              
  Lines       51331    51346      +15     
==========================================
+ Hits        31299    31319      +20     
+ Misses      17147    17141       -6     
- Partials     2885     2886       +1     

Flag	Coverage Δ
unittests-datacatalog	69.31% <ø> (ø)
unittests-flyteadmin	58.70% <ø> (+0.03%)	⬆️
unittests-flytecopilot	17.79% <ø> (ø)
unittests-flytectl	67.97% <ø> (ø)
unittests-flyteidl	79.04% <ø> (ø)
unittests-flyteplugins	61.84% <ø> (+0.05%)	⬆️
unittests-flytepropeller	57.32% <ø> (-0.01%)	⬇️
unittests-flytestdlib	65.82% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[wild-endeavor]

sorry it's taken a long time to get to this @mvaalexp - would you mind taking one more look and regenerating the generated files to fix the conflicts please?

Only flyte console and the cluster resource controller are getting new service accounts correct? The others already have them? Also the cluster controller deployment will get recreated? Or will there be a duplicate one?

If you think it would be helpful to the community, could you also write a tiny blurb please that we can include on the release notes when this goes out? Just so there are no surprises for anyone using this helm chart. Would be most helpful.

[mvaalexp]

No problem. I will take a look tomorrow and see what I am missing and write the blurb.

As I mentioned in the comment it will be new as a rename is basically a delete and create (as k8s can't rename a resource as far as I know). it renames this to flyteclusterresourcesync which is what was defined in the helpers file. If we can't afford to risk a rename here, we can probably work around it with a ternary or a new helper function, but it seems reasonable to keep it consistent if its not going to be a problem.

https://github.com/flyteorg/flyte/blob/master/charts/flyte-core/templates/_helpers.tpl#L62

[mvaalexp]

📝 Description

• Made the resource naming more configurable in case there is governance in place in the cluster that requires certain naming conventions on resources
• Added ServiceAccounts to Deployments that were missing them (this is in general best practice)
  • flyteclusterresourcesync, flyteconsole and flyte-core
• Renamed a few files to follow the standards from other charts (mostly sa.yaml -> rbac.yaml)
• Changed default helm values that were supposed to be arrays from objects to arrays (this was causing warnings in helm)

📝 User Notes

• syncresources was renamed to flyteclusterresourcesync to follow the values found in the helper class rather than it being hard coded
  • This will delete and recreate the deployment
• clusterresourcesync now uses its own ServiceAccount instead of sharing flyteadmin's
  • If users changed cluster_resource_manager, this may cause some backwards compatibility issue