append non-template crd objects

go.sum

@@ -549,6 +549,7 @@ github.com/performancecopilot/speed v3.0.0+incompatible/go.mod h1:/CLtqpZ5gBg1M9
 github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
 github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE=
 github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc=
+github.com/pierrec/lz4 v2.0.5+incompatible h1:2xWsjqPFWcplujydGg4WmhC/6fZqK42wMM8aXeqhl0I=
 github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=

pkg/helm/helm.go → pkg/helm/render.go

@@ -23,6 +23,7 @@ import (
 
 	"emperror.dev/errors"
 	"github.com/ghodss/yaml"
+	"helm.sh/helm/v3/pkg/chart"
 	"helm.sh/helm/v3/pkg/releaseutil"
 
 	"helm.sh/helm/v3/pkg/chart/loader"
@@ -83,6 +84,11 @@ func Render(fs http.FileSystem, values map[string]interface{}, releaseOptions Re
 		return nil, err
 	}
 
+	crds := make(map[string]*chart.File)
+	for _, crd := range chrt.CRDObjects() {
+		crds[crd.Filename] = crd.File
+	}
+
 	// Merge templates and inject
 	var objects []runtime.Object
 	for _, tmpl := range files {
@@ -91,41 +97,55 @@ func Render(fs http.FileSystem, values map[string]interface{}, releaseOptions Re
 		}
 		t := path.Join(chartName, tmpl.Name)
 		if renderedTemplate, ok := renderedTemplates[t]; ok {
-			renderedTemplate = strings.TrimSpace(renderedTemplate)
-			if renderedTemplate == "" {
-				continue
+			objects, err = appendObjects(objects, renderedTemplate, t)
+			if err != nil {
+				return nil, err
 			}
-
-			manifests := releaseutil.SplitManifests(renderedTemplate)
-			for _, manifest := range manifests {
-				yamlDoc := strings.TrimSpace(manifest)
-				if yamlDoc == "" {
-					continue
-				}
-
-				// convert yaml to json
-				json, err := yaml.YAMLToJSON([]byte(yamlDoc))
-				if err != nil {
-					return nil, errors.WrapIfWithDetails(err, "unable to convert yaml to json", map[string]interface{}{"templatePath": t})
-				}
-
-				if string(json) == "null" {
-					continue
-				}
-
-				// deserialize json into unstructured
-				o, _, err := unstructured.UnstructuredJSONScheme.Decode(json, nil, nil)
-				if err != nil {
-					return nil, errors.WrapIfWithDetails(err, "unable to create unstructured", map[string]interface{}{"templatePath": t})
-				}
-				objects = append(objects, o)
+		} else if crd, ok := crds[t]; ok {
+			objects, err = appendObjects(objects, string(crd.Data), t)
+			if err != nil {
+				return nil, err
 			}
 		}
 	}
 
 	return objects, nil
 }
 
+func appendObjects(objects []runtime.Object, renderedTemplate, path string) ([]runtime.Object, error) {
+	renderedTemplate = strings.TrimSpace(renderedTemplate)
+	if renderedTemplate == "" {
+		return objects, nil
+	}
+
+	manifests := releaseutil.SplitManifests(renderedTemplate)
+	for _, manifest := range manifests {
+		yamlDoc := strings.TrimSpace(manifest)
+		if yamlDoc == "" {
+			continue
+		}
+
+		// convert yaml to json
+		json, err := yaml.YAMLToJSON([]byte(yamlDoc))
+		if err != nil {
+			return nil, errors.WrapIfWithDetails(err, "unable to convert yaml to json", map[string]interface{}{"templatePath": path})
+		}
+
+		if string(json) == "null" {
+			continue
+		}
+
+		// deserialize json into unstructured
+		o, _, err := unstructured.UnstructuredJSONScheme.Decode(json, nil, nil)
+		if err != nil {
+			return nil, errors.WrapIfWithDetails(err, "unable to create unstructured", map[string]interface{}{"templatePath": path})
+		}
+
+		objects = append(objects, o)
+	}
+	return objects, nil
+}
+
 func getFiles(fs http.FileSystem) ([]*loader.BufferedFile, error) {
 	files := []*loader.BufferedFile{
 		{

pkg/helm/render_test.go

@@ -0,0 +1,77 @@
+// Copyright © 2020 Banzai Cloud
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//    http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package helm
+
+import (
+	"net/http"
+	"testing"
+
+	"github.com/ghodss/yaml"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+)
+
+func TestRenderChartWithCrdsAndTemplates(t *testing.T) {
+	chart := http.Dir("testdata/crds-and-templates/logging-operator")
+
+	defaultValues, err := GetDefaultValues(chart)
+	require.NoError(t, err)
+
+	valuesMap := map[string]interface{}{}
+	err = yaml.Unmarshal(defaultValues, &valuesMap)
+	require.NoError(t, err)
+
+	// custom resources in templates must be disabled explicitly
+	valuesMap["createCustomResource"] = false
+
+	objects, err := Render(chart, valuesMap, ReleaseOptions{
+		Name:      "release-name",
+		Namespace: "release-namespace",
+	}, "logging-operator")
+	require.NoError(t, err)
+
+	assert.Len(t, objects, 1)
+
+	o, ok := objects[0].(*unstructured.Unstructured)
+	assert.True(t, ok, "object should be unstructured")
+
+	assert.Equal(t, "loggings.logging.banzaicloud.io", o.GetName())
+}
+
+
+func TestRenderChartWithCrdsOnly(t *testing.T) {
+	chart := http.Dir("testdata/crds-only/logging-operator")
+
+	defaultValues, err := GetDefaultValues(chart)
+	require.NoError(t, err)
+
+	valuesMap := map[string]interface{}{}
+	err = yaml.Unmarshal(defaultValues, &valuesMap)
+	require.NoError(t, err)
+
+	objects, err := Render(chart, valuesMap, ReleaseOptions{
+		Name:      "release-name",
+		Namespace: "release-namespace",
+	}, "logging-operator")
+	require.NoError(t, err)
+
+	assert.Len(t, objects, 1)
+
+	o, ok := objects[0].(*unstructured.Unstructured)
+	assert.True(t, ok, "object should be unstructured")
+
+	assert.Equal(t, "loggings.logging.banzaicloud.io", o.GetName())
+}

pkg/helm/testdata/crds-and-templates/logging-operator/.helmignore

@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

pkg/helm/testdata/crds-and-templates/logging-operator/Chart.yaml

@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "3.7.1"
+description: A Helm chart to install Banzai Cloud logging-operator
+name: logging-operator
+version: 3.7.1

pkg/helm/testdata/crds-and-templates/logging-operator/README.md

@@ -0,0 +1,129 @@
+
+# Logging operator Chart
+
+[Logging operator](https://github.com/banzaicloud/logging-operator) Managed centralized logging component fluentd and fluent-bit instance on cluster.
+
+## tl;dr:
+
+```bash
+$ helm repo add banzaicloud-stable https://kubernetes-charts.banzaicloud.com
+$ helm repo update
+$ helm install banzaicloud-stable/logging-operator
+```
+
+## Introduction
+
+This chart bootstraps a [Logging Operator](https://github.com/banzaicloud/logging-operator) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
+
+## Prerequisites
+
+- Kubernetes 1.8+ with Beta APIs enabled
+
+## Installing the Chart
+
+To install the chart with the release name `my-release`:
+
+```bash
+$ helm install --name my-release banzaicloud-stable/logging-operator
+```
+
+### CRDs
+Use `createCustomResource=false` with Helm v3 to avoid trying to create CRDs from the `crds` folder and from templates at the same time.
+
+The command deploys **Logging operator** on the Kubernetes cluster with the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
+
+## Uninstalling the Chart
+
+To uninstall/delete the `my-release` deployment:
+
+```bash
+$ helm delete my-release
+```
+
+The command removes all Kubernetes components associated with the chart and deletes the release.
+
+## Configuration
+
+The following tables lists the configurable parameters of the logging-operator chart and their default values.
+
+|                      Parameter                      |                        Description                     |             Default            |
+| --------------------------------------------------- | ------------------------------------------------------ | ------------------------------ |
+| `image.repository`                                  | Container image repository                             | `ghcr.io/banzaicloud/logging-operator` |
+| `image.tag`                                         | Container image tag                                    | `3.7.1`                        |
+| `image.pullPolicy`                                  | Container pull policy                                  | `IfNotPresent`                 |
+| `nameOverride`                                      | Override name of app                                   | ``                             |
+| `fullnameOverride`                                  | Override full name of app                              | ``                             |
+| `namespaceOverride`                                 | Override namespace of app                              | ``                             |
+| `watchNamespace`                                    | Namespace to watch for LoggingOperator CRD             | ``                             |
+| `rbac.enabled`                                      | Create rbac service account and roles                  | `true`                         |
+| `rbac.psp.enabled`                                  | Must be used with `rbac.enabled` true. If true, creates & uses RBAC resources required in the cluster with [Pod Security Policies](https://kubernetes.io/docs/concepts/policy/pod-security-policy/) enabled.    | `false`                        |
+| `priorityClassName`                                 | Operator priorityClassName                             | `{}`                           |
+| `affinity`                                          | Node Affinity                                          | `{}`                           |
+| `resources`                                         | CPU/Memory resource requests/limits                    | `{}`                           |
+| `tolerations`                                       | Node Tolerations                                       | `[]`                           |
+| `nodeSelector`                                      | Define which Nodes the Pods are scheduled on.          | `{}`                           |
+| `annotations`                                       | Define annotations for logging-operator pods           | `{}`                           |
+| `podSecurityContext`                                | Pod SecurityContext for Logging operator. [More info](https://kubernetes.io/docs/concepts/policy/security-context/)                                                                                             | `{"runAsNonRoot": true, "runAsUser": 1000, "fsGroup": 2000}` |
+| `securityContext`                                   | Container SecurityContext for Logging operator. [More info](https://kubernetes.io/docs/concepts/policy/security-context/) | `{"allowPrivilegeEscalation": false, "readOnlyRootFilesystem": true}` |
+| `createCustomResource`                              | Create CRDs. | `true` |
+| `monitoring.serviceMonitor.enabled`                 | Create Prometheus Operator servicemonitor. | `false` |
+
+Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example:
+
+```bash
+$ helm install --name my-release -f values.yaml banzaicloud-stable/logging-operator
+```
+
+> **Tip**: You can use the default [values.yaml](values.yaml)
+
+## Installing Fluentd and Fluent-bit via logging
+
+The previous chart does **not** install `logging` resource to deploy Fluentd and Fluent-bit on cluster. To install them please use the [Logging Operator Logging](https://github.com/banzaicloud/logging-operator/tree/master/charts/logging-operator-logging) chart.
+
+## tl;dr:
+
+```bash
+$ helm repo add banzaicloud-stable https://kubernetes-charts.banzaicloud.com
+$ helm repo update
+$ helm install banzaicloud-stable/logging-operator-logging
+```
+
+## Configuration
+
+The following tables lists the configurable parameters of the logging-operator-logging chart and their default values.
+## tl;dr:
+
+```bash
+$ helm repo add banzaicloud-stable https://kubernetes-charts.banzaicloud.com
+$ helm repo update
+$ helm install banzaicloud-stable/logging-operator-logging
+```
+
+## Configuration
+
+The following tables lists the configurable parameters of the logging-operator-logging chart and their default values.
+
+|                      Parameter                      |                        Description                     |             Default            |
+| --------------------------------------------------- | ------------------------------------------------------ | ------------------------------ |
+| `tls.enabled`                                       | Enabled TLS communication between components           | true                           |
+| `tls.fluentdSecretName`                                    | Specified secret name, which contain tls certs         | This will overwrite automatic Helm certificate generation. |
+| `tls.fluentbitSecretName`                                    | Specified secret name, which contain tls certs         | This will overwrite automatic Helm certificate generation. |
+| `tls.sharedKey`                                     | Shared key between nodes (fluentd-fluentbit)           | [autogenerated]                |
+| `fluentbit.enabled`                                 | Install fluent-bit                                     | true                           |
+| `fluentbit.namespace`                               | Specified fluentbit installation namespace             | same as operator namespace     |
+| `fluentbit.image.tag`                               | Fluentbit container image tag                          | `1.6.1`                        |
+| `fluentbit.image.repository`                        | Fluentbit container image repository                   | `fluent/fluent-bit`            |
+| `fluentbit.image.pullPolicy`                        | Fluentbit container pull policy                        | `IfNotPresent`                 |
+| `fluentd.enabled`                                   | Install fluentd                                        | true                           |
+| `fluentd.image.tag`                                 | Fluentd container image tag                            | `v1.11.4-alpine-1`              |
+| `fluentd.image.repository`                          | Fluentd container image repository                     | `ghcr.io/banzaicloud/fluentd`          |
+| `fluentd.image.pullPolicy`                          | Fluentd container pull policy                          | `IfNotPresent`                 |
+| `fluentd.volumeModImage.tag`                        | Fluentd volumeModImage container image tag             | `latest`                       |
+| `fluentd.volumeModImage.repository`                 | Fluentd volumeModImage container image repository      | `busybox`                      |
+| `fluentd.volumeModImage.pullPolicy`                 | Fluentd volumeModImage container pull policy           | `IfNotPresent`                 |
+| `fluentd.configReloaderImage.tag`                   | Fluentd configReloaderImage container image tag        | `v0.2.2`                       |
+| `fluentd.configReloaderImage.repository`            | Fluentd configReloaderImage container image repository | `jimmidyson/configmap-reload`  |
+| `fluentd.configReloaderImage.pullPolicy`            | Fluentd configReloaderImage container pull policy      | `IfNotPresent`                 |
+| `fluentd.fluentdPvcSpec.accessModes`                | Fluentd persistence volume access modes                | `[ReadWriteOnce]`              |
+| `fluentd.fluentdPvcSpec.resources.requests.storage` | Fluentd persistence volume size                        | `21Gi`                         |
+| `fluentd.fluentdPvcSpec.storageClassName`           | Fluentd persistence volume storageclass                | `"""`                          |