Add Experimental HelmOps controller. #3092
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
0xavi0
force-pushed
the
2962-helm-charts
branch
7 times, most recently
from
5324f8f to
4ad653a
Compare
weyfonk
reviewed
Dec 3, 2024
There was a problem hiding this comment.
Thanks for this! Leaving a few comments, many of which are just nitpicks.
This new feature creates bundles synchronously, which may be fine for now as they are more lightweight, without resources, than in the gitOps case. But I wonder if that may become an issue on larger setups (although worker counts will soon be configurable even in the agent).
0xavi0
force-pushed
the
2962-helm-charts
branch
4 times, most recently
from
fc68a6c to
55f7216
Compare
weyfonk
reviewed
Dec 9, 2024
internal/cmd/controller/helmops/reconciler/fleethelm_controller.go
Outdated
Show resolved
Hide resolved
internal/cmd/controller/helmops/reconciler/fleethelm_controller.go
Outdated
Show resolved
Hide resolved
0xavi0
force-pushed
the
2962-helm-charts
branch
from
bc8fb2c to
33e5ff9
Compare
weyfonk
reviewed
Dec 10, 2024
weyfonk
reviewed
Dec 10, 2024
0xavi0
force-pushed
the
2962-helm-charts
branch
3 times, most recently
from
f3fc4b6 to
9f1850c
Compare
weyfonk
approved these changes
Dec 11, 2024
manno
reviewed
Dec 12, 2024
Comment on lines
14
to
15
| fleet "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" | ||
| v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" |
There was a problem hiding this comment.
Suggested change
| fleet "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" | |
| v1alpha1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" | |
| fleetv1 "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1" |
There was a problem hiding this comment.
I've deleted the v1alpha1 one
It adds a new custom resource `HelmApp` (resource name open to debate) that describes a helm chart to be deployed.
The resource contains all the fealds from the classic `fleet.yaml` file plus a few new from the `GitRepo`
resource.
`HelmApp` yaml example:
```yaml
apiVersion: fleet.cattle.io/v1alpha1
kind: HelmApp
metadata:
name: sample1
namespace: fleet-local
spec:
helm:
releaseName: testhelm
repo: https://charts.bitnami.com/bitnami
chart: postgresql
version: 16.2.1
insecureSkipTLSVerify: true
```
The implementation tries to share as much as possible from a `Bundle` spec inside the new resource, because it helps
to "transform" the `HelmApp` into a deployment (no coversion is needed for most of the spec).
The new controller was also implemented splitting the functionality into 2 controllers (similar to what we did for the `GitRepo` controller). This allows us to reuse most of the status handling code, as display fields in the status of the new resource are as similar as possible to have consistent user experience and to integrate with the UI in the same way the `GitRepo` does.
When a new `HelmApp` resource is applied it is transformed into a single `Bundle`, adding some extra fields to let the `Bundle` reconciler know that this is not a regular `Bundle` coming from a `GitRepo`.
Similar as we did for OCI storage, the `Bundle` created from a `HelmApp` does not contain resources. The helm chart to be deployed is downloaded by the agent.
Code for downloading the helm chart is reused from gitops, so the same formats are supported.
Insecure TLS skipping was added the the ChartURL and LoadDirectory functions in order to support this for gitops and helmops.
If we need a secret to access the helm repository we can use the `helmSecretName` field. This secret will be cloned to secrets under the `BundleDeployment` namespace (same as we did for the OCI storage secret handling).
The PR includes unit, integration (most of code is tested this way) and just one single e2e test so far just to test the whole feature together in a real cluster.
Note: This is an experimental feature. In order to activate the `HelmApp` reconciling and `Bundle` deployment you need to the the environment variable: `EXPERIMENTAL_HELM_OPS=true`
Refers to: rancher#2962
Signed-off-by: Xavi Garcia <[email protected]>
This is so we can enable the UI and browse artifacts Signed-off-by: Xavi Garcia <[email protected]>
Signed-off-by: Xavi Garcia <[email protected]>
Signed-off-by: Xavi Garcia <[email protected]>
Signed-off-by: Xavi Garcia <[email protected]>
Signed-off-by: Xavi Garcia <[email protected]>
Signed-off-by: Xavi Garcia <[email protected]>
Signed-off-by: Xavi Garcia <[email protected]>
Signed-off-by: Xavi Garcia <[email protected]>
Signed-off-by: Xavi Garcia <[email protected]>
Signed-off-by: Xavi Garcia <[email protected]>
Signed-off-by: Xavi Garcia <[email protected]>
Signed-off-by: Xavi Garcia <[email protected]>
0xavi0
force-pushed
the
2962-helm-charts
branch
from
dc32344 to
6a2d48a
Compare
Signed-off-by: Xavi Garcia <[email protected]>
0xavi0
force-pushed
the
2962-helm-charts
branch
from
6a2d48a to
c082cf8
Compare
manno
changed the title
manno
changed the title
manno
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds a new custom resource
HelmApp(resource name open to debate) that describes a helm chart to be deployed.The resource contains all the fields from the classic
fleet.yamlfile plus a few new from theGitReporesource.HelmAppyaml example:The implementation tries to share as much as possible from a
Bundlespec inside the new resource, because it helps to "transform" theHelmAppinto a deployment (no conversion is needed for most of the spec).The new controller was also implemented splitting the functionality into 2 controllers (similar to what we did for the
GitRepocontroller). This allows us to reuse most of the status handling code, as display fields in the status of the new resource are as similar as possible to have consistent user experience and to integrate with the UI in the same way theGitRepodoes.When a new
HelmAppresource is applied it is transformed into a singleBundle, adding some extra fields to let theBundlereconciler know that this is not a regularBundlecoming from aGitRepo.Similar as we did for OCI storage, the
Bundlecreated from aHelmAppdoes not contain resources. The helm chart to be deployed is downloaded by the agent.Code for downloading the helm chart is reused from gitops, so the same formats are supported. Insecure TLS skipping was added the the ChartURL and LoadDirectory functions in order to support this for gitops and helmops.
If we need a secret to access the helm repository we can use the
helmSecretNamefield. This secret will be cloned to secrets under theBundleDeploymentnamespace (same as we did for the OCI storage secret handling).The PR includes unit, integration (most of code is tested this way) and just one single e2e test so far just to test the whole feature together in a real cluster.
The following image describes how Spec fields are shared between
BundleandHelmAppand how the Status fields are shared betweenGitRepoandHelmApp:Note: This is an experimental feature. In order to activate the
HelmAppreconciling andBundledeployment you need to set the following environment variable:EXPERIMENTAL_HELM_OPS=trueRefers to: #2962