The primary reason for this is the alphabetical ordering of `kubectl
describe`, which caused the fields to be listed in separate places
instead of a bundle.
From a programmatic perspective, it is also great because it is now much
easier to reset any previous state when e.g. uninstalling a release. As
we can simply write an empty struct to erase any memory of a previous
release, instead of having to deal with multiple fields.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This will allow the controller to pick the right method for digest
calculations when we for example add new data into the calculation.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This adds the base wiring to get the controller to work with the
v2beta2 API and the newly introduced packages in `internal/`.
In essence, this means that from now on the controller will utilize all
new code for the reconciliation of the HelmRelease resource.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This adds a `--interval-jitter-percentage` flag to the controller to
add a +/- percentage jitter to the interval defined in a HelmRelease
(defaults to 5%).
Effectively, this results in a reconciliation every 9.5 - 10.5 minutes
for a resource with an interval of 10 minutes.
Main reason to add this change is to mitigate spikes in memory and
CPU usage caused by many resources being configured with the same
interval.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
In some controller we already support multiple API versions at the
same time. In order to streamline the docs structure, the necessary
changes to do the same in this repo are applied here as well.
refs fluxcd/website#1577
Signed-off-by: Max Jonas Werner <mail@makk.es>
This adds a `PersistentClient` flag which should be consumed by the
controller while initializing the Kubernetes client used by Helm
actions.
This to allow the controller to work with certain charts which do
require a client which does not persist, as they create Custom Resource
Definitions on demand during e.g. install, which then later aren't
observed by Helm as it does not reset the REST mapper between successive
action steps.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
- Assing `ObjectMeta` field in Helm chart template.
- Ensure things are at least lightly mentioned in spec documentation.
- Add two simple test cases.
- Fix broken links to Kubernetes documentation.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This is backwards compatible, as it only changes the type without the
further requirements around the YAML declaration.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Formalises the API requirements around TargetPath and ValuesKey,
which were the two fields missing validation within ValuesReference.
In both cases the validation was introduced at CRD level, so that
the apiserver will enforce it.
ValuesKey must be a valid Data Key. Therefore the same logic used by
upstream Kubernetes is reused here to ensure a valid key is being used.
For TargetPath a loose regex is being used to largely represent the
expected format. A max length of 250 is now being enforced.
This is a breaking change, as invalid TargetPath and ValuesKey will now
be rejected by the apiserver, instead of being accepted and potentially
failing at reconciliation time.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
When the flag --default-service-account was added it changed
slightly the behaviour of the spec.KubeConfig field. It forces
the impersonation to always take place, either via the contents
of spec.ServiceAccountName or its fallback at controller level.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
This includes an update of the source-controller to v0.22.0, to pull in
the v1beta2 API which makes use of the same packages.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
This commit changes the default behavior of the Helm uninstall action
to wait for all resources to be deleted, and introduces a
`.spec.uninstall.disableWait` flag to disable this behavior.
Signed-off-by: Samuel Torres <samuelpirestorres@gmail.com>
This adds support for creating the target release namespace if it is not
present which can be be useful in certain scenarios.
Note that when the release is uninstalled, the namespace is not removed
and remains on the cluster, and managing your namespace _outside_ of
the HelmRelease is advised.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Changes the condition type to the one introduced in k8s 1.19, including
the newly introduced helpers in place of the old pkg/apis/meta types.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This is an initial implementation for cross-cluster Helm release
support that relies on a KubeConfig secret, and a reference to it in
the HelmRelease resource.
If set, all actions taken by the Helm runner are executed using the
KubeConfig from the secret. The Helm storage is stored on the remote
cluster in a namespace that equals to the namespace of the HelmRelease
in the managing cluster, the release itself is made in either this
namespace, or the configured TargetNamespace. In any case, both are
expected to exist and/or created beforehand.
Other references to Kubernetes resources in the HelmRelease, like
ValuesReference resources, are expected to exist on the managing
cluster.
This makes it possible for e.g. the GOTK CLI to observe if the
controller has handled the resource since the manual reconciliation
request was made. It replaces the `LastObservedTime` status field,
as this was prone to time skew issues and does not offer much additional
value over the timestamps of the conditions.
This commit adds support for optional values references, as discussions
have brought to light that there are some valid use cases in which
having this option is desirable. For example to allow a user to extend
behaviour at a later date with their own repository without modifying
the HelmRelease object.
When a values reference is marked as optional, not found errors for the
value reference are ignored, but any ValuesKey, TargetPath or transient
error will still result in a reconciliation failure.
This also removes the sorting from the `HelmChartWatcher`, as with
the current `HelmChartTemplateSpec` a chart is only used by a single
`HelmRelease`. Rendering the action obsolete.
This removes:
- Installed, Upgraded, RolledBack, and Uninstalled status conditions
since they did not represent current state, but rather actions
taken, which are already recorded by events.
- status.observedStateReconciled since it solved the problem of
remembering past release (install/upgrade/test) success, but not
past release failures, after other subsequent failures such as
dependency failures, k8s API failures, etc.
This adds:
- Remediated status condition which records whether the release is
currently in a remediated state. It is used to prevent release retries
after remediation failures. We were previously not doing this for
rollback failures.
- Released status condition which records whether the current state
has been successfully released (install/upgrade/test). This is used to
remember the last release attempt status, regardless of any subsequent
other failures such as dependency failures, k8s API failures, etc.
This renames:
- Tested > TestsSuccess status condition, for forward compatibility
with interval based helm tests.
This adds a .status.lastObservedTime field which records when the
HelmRelease was last observed by the controller. This allows the user
to observe whether the spec.interval and reconcileAt annotations are
triggering reconciliation attempts as desired.
- Ensure upgrade actually occurs if known state was not reached
for any reason (other than install failure).
- After transient failures not tied to new state application, ensure
spurious upgrades do not occur and ready state is again reached,
by remembering that the known state was already successfully applied.
- Reset failure counts after success so they're not stale.
- Only lookup post-deployment release revision on remediation,
since otherwise we already have it.
- Push status update after finding new state so user can observe.
Hidde Beydals
Jiri Tyr
Max Jonas Werner
Martin Hoffmann
Raffael Sahli
Soule BA
Paulo Gomes
Nick Stogner
Sunny
Tomek Rękawek
Samuel Torres
Hidde Beydals
Santosh Kewat
Alexander Berger
Dylan Arbour
gtracer
Stefan Prodan
Michael Bridgen
Sean Eagan
Sean Eagan