Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Helm nightly release #345

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -36,3 +36,9 @@ operator/tests/e2e-v2-helm/

# Go releaser artifacts
dist/

# Dep Chart Lock file
Chart.lock
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Didn't we determine that we need Chart.lock to be checked in? https://github.com/redpanda-data/helm-charts/blob/main/charts/redpanda/Chart.lock

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good question. I'm going back and fourth with this. Our tests in redpanda repo requires Chart.lock to have stable input. I didn't want operator helm chart lock as I feel like it's not required. Never the less if .helmignore will exclude Chart.lock I can commit Chart.lock.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't currently have Chart.lock in our .helmignore either. That also caused problems.


# Ignore chart depedencies
charts/*/charts/*.tgz
2 changes: 1 addition & 1 deletion charts/connectors/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ kubeVersion: "^1.21.0-0"

icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg
sources:
- https://github.com/redpanda-data/helm-charts
- https://github.com/redpanda-data/redpanda-operator/charts
annotations:
artifacthub.io/license: Apache-2.0
artifacthub.io/links: |
Expand Down
2 changes: 1 addition & 1 deletion charts/console/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ kubeVersion: ">= 1.25.0-0"

icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg
sources:
- https://github.com/redpanda-data/helm-charts
- https://github.com/redpanda-data/redpanda-operator/charts
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These links don't resolve as they need the ref set. https://github.com/redpanda-data/redpanda-operator/tree/main/charts

Should we go ahead and link to the specific folder or the chart as well? e.g. https://github.com/redpanda-data/redpanda-operator/tree/main/charts/console

annotations:
artifacthub.io/license: Apache-2.0
artifacthub.io/links: |
Expand Down
2 changes: 1 addition & 1 deletion charts/operator/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ appVersion: v2.3.2-24.3.1
kubeVersion: ">= 1.25.0-0"

sources:
- https://github.com/redpanda-data/helm-charts
- https://github.com/redpanda-data/redpanda-operator/charts
icon: https://go.redpanda.com/hubfs/Redpandas/operator-panda.png
maintainers:
- name: redpanda-data
Expand Down
73 changes: 39 additions & 34 deletions charts/operator/chart.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,12 +15,11 @@ import (

certmanagerv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
"github.com/redpanda-data/redpanda-operator/pkg/gotohelm"
"github.com/redpanda-data/redpanda-operator/pkg/gotohelm/helmette"
"github.com/redpanda-data/redpanda-operator/pkg/helm"
"github.com/redpanda-data/redpanda-operator/pkg/kube"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/client-go/kubernetes/scheme"
"sigs.k8s.io/yaml"
)

var (
Expand All @@ -34,53 +33,59 @@ var (
//go:embed values.yaml
defaultValuesYAML []byte

chartMeta helmette.Chart
// Chart is the go version of the operator helm chart.
Chart = gotohelm.MustLoad(chartYAML, defaultValuesYAML, render)
)

func init() {
must(scheme.AddToScheme(Scheme))
must(certmanagerv1.AddToScheme(Scheme))
must(monitoringv1.AddToScheme(Scheme))
}

// NB: We can't directly unmarshal into a helmette.Chart as adding json
// tags to it breaks gotohelm.
var chart map[string]any
must(yaml.Unmarshal(chartYAML, &chart))

chartMeta = helmette.Chart{
Name: chart["name"].(string),
Version: chart["version"].(string),
AppVersion: chart["appVersion"].(string),
func must(err error) {
if err != nil {
panic(err)
}
}

// ChartMeta returns a parsed version of redpanda's Chart.yaml.
func ChartMeta() helmette.Chart {
return chartMeta
}
// render is the entrypoint to both the go and helm versions of the redpanda
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd prefer to not merge changes to the charts until we have CI running generation and unit tests for them. It's too easy for something to accidentally slip in and not get caught until MUCH later.

// helm chart.
// In helm, _shims.render-manifest is used to call and filter the output of
// this function.
// In go, this function should be call by executing [Chart.Render], which will
// handle construction of [helmette.Dot], subcharting, and output filtering.
func render(dot *helmette.Dot) []kube.Object {
manifests := []kube.Object{
Certificate(dot),
ConfigMap(dot),
Deployment(dot),
WebhookService(dot),
MetricsService(dot),
ServiceAccount(dot),
ServiceMonitor(dot),
}

func Dot(release helmette.Release, values PartialValues, kubeConfig kube.Config) (*helmette.Dot, error) {
valuesYaml, err := yaml.Marshal(values)
if err != nil {
return nil, err
// NB: gotohelm doesn't currently have a way to handle casting from
// []Instance -> []Interface as doing so generally requires some go
// helpers.
// Instead, it's easiest (though painful to read and write) to iterate over
// all functions that return slices and append them one at a time.
for _, obj := range ClusterRole(dot) {
manifests = append(manifests, obj)
}

// NB: err1 is working around an issue in gotohelm's ASTs rewrites
merged, err1 := helm.MergeYAMLValues("", defaultValuesYAML, valuesYaml)
if err1 != nil {
return nil, err1
for _, obj := range ClusterRoleBindings(dot) {
manifests = append(manifests, obj)
}

return &helmette.Dot{
Values: merged,
Chart: ChartMeta(),
Release: release,
KubeConfig: kubeConfig,
}, nil
}
for _, obj := range Roles(dot) {
manifests = append(manifests, obj)
}

func must(err error) {
if err != nil {
panic(err)
for _, obj := range RoleBindings(dot) {
manifests = append(manifests, obj)
}

return manifests
}
4 changes: 2 additions & 2 deletions charts/operator/helpers.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ func Fullname(dot *helmette.Dot) string {
}

// Create chart name and version as used by the chart label.
func Chart(dot *helmette.Dot) string {
func ChartLabel(dot *helmette.Dot) string {
chart := fmt.Sprintf("%s-%s", dot.Chart.Name, dot.Chart.Version)
return cleanForK8s(strings.ReplaceAll(chart, "+", "_"))
}
Expand All @@ -56,7 +56,7 @@ func Labels(dot *helmette.Dot) map[string]string {
values := helmette.Unwrap[Values](dot.Values)

labels := map[string]string{
"helm.sh/chart": Chart(dot),
"helm.sh/chart": ChartLabel(dot),
"app.kubernetes.io/managed-by": dot.Release.Service,
}

Expand Down
36 changes: 18 additions & 18 deletions charts/operator/rbac.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,14 +16,14 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

func ClusterRole(dot *helmette.Dot) []rbacv1.ClusterRole {
func ClusterRole(dot *helmette.Dot) []*rbacv1.ClusterRole {
values := helmette.Unwrap[Values](dot.Values)

if !values.RBAC.Create {
return nil
}

clusterRoles := []rbacv1.ClusterRole{
clusterRoles := []*rbacv1.ClusterRole{
{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Expand Down Expand Up @@ -67,7 +67,7 @@ func ClusterRole(dot *helmette.Dot) []rbacv1.ClusterRole {
}

if values.Scope == Cluster {
return append(clusterRoles, []rbacv1.ClusterRole{
return append(clusterRoles, []*rbacv1.ClusterRole{
{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Expand Down Expand Up @@ -210,7 +210,7 @@ func ClusterRole(dot *helmette.Dot) []rbacv1.ClusterRole {
}

if values.Scope == Namespace && values.RBAC.CreateRPKBundleCRs {
clusterRoles = append(clusterRoles, []rbacv1.ClusterRole{
clusterRoles = append(clusterRoles, []*rbacv1.ClusterRole{
{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Expand Down Expand Up @@ -243,7 +243,7 @@ func ClusterRole(dot *helmette.Dot) []rbacv1.ClusterRole {
}

if values.Scope == Namespace && values.RBAC.CreateAdditionalControllerCRs {
clusterRoles = append(clusterRoles, []rbacv1.ClusterRole{
clusterRoles = append(clusterRoles, []*rbacv1.ClusterRole{
{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Expand Down Expand Up @@ -282,7 +282,7 @@ func ClusterRole(dot *helmette.Dot) []rbacv1.ClusterRole {
}...)
}

return append(clusterRoles, rbacv1.ClusterRole{
return append(clusterRoles, &rbacv1.ClusterRole{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Kind: "ClusterRole",
Expand All @@ -300,14 +300,14 @@ func ClusterRole(dot *helmette.Dot) []rbacv1.ClusterRole {
})
}

func ClusterRoleBindings(dot *helmette.Dot) []rbacv1.ClusterRoleBinding {
func ClusterRoleBindings(dot *helmette.Dot) []*rbacv1.ClusterRoleBinding {
values := helmette.Unwrap[Values](dot.Values)

if !values.RBAC.Create {
return nil
}

binding := []rbacv1.ClusterRoleBinding{
binding := []*rbacv1.ClusterRoleBinding{
{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Expand All @@ -334,7 +334,7 @@ func ClusterRoleBindings(dot *helmette.Dot) []rbacv1.ClusterRoleBinding {
}

if values.Scope == Cluster {
return append(binding, rbacv1.ClusterRoleBinding{
return append(binding, &rbacv1.ClusterRoleBinding{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Kind: "ClusterRoleBinding",
Expand All @@ -360,7 +360,7 @@ func ClusterRoleBindings(dot *helmette.Dot) []rbacv1.ClusterRoleBinding {
}

if values.Scope == Namespace && values.RBAC.CreateAdditionalControllerCRs {
binding = append(binding, rbacv1.ClusterRoleBinding{
binding = append(binding, &rbacv1.ClusterRoleBinding{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Kind: "ClusterRoleBinding",
Expand All @@ -386,7 +386,7 @@ func ClusterRoleBindings(dot *helmette.Dot) []rbacv1.ClusterRoleBinding {
}

if values.Scope == Namespace && values.RBAC.CreateRPKBundleCRs {
binding = append(binding, rbacv1.ClusterRoleBinding{
binding = append(binding, &rbacv1.ClusterRoleBinding{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Kind: "ClusterRoleBinding",
Expand All @@ -411,7 +411,7 @@ func ClusterRoleBindings(dot *helmette.Dot) []rbacv1.ClusterRoleBinding {
})
}

return append(binding, rbacv1.ClusterRoleBinding{
return append(binding, &rbacv1.ClusterRoleBinding{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Kind: "ClusterRoleBinding",
Expand All @@ -436,14 +436,14 @@ func ClusterRoleBindings(dot *helmette.Dot) []rbacv1.ClusterRoleBinding {
})
}

func Roles(dot *helmette.Dot) []rbacv1.Role {
func Roles(dot *helmette.Dot) []*rbacv1.Role {
values := helmette.Unwrap[Values](dot.Values)

if !values.RBAC.Create {
return nil
}

role := []rbacv1.Role{
role := []*rbacv1.Role{
{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Expand Down Expand Up @@ -485,7 +485,7 @@ func Roles(dot *helmette.Dot) []rbacv1.Role {
}

if values.Scope == Namespace {
role = append(role, rbacv1.Role{
role = append(role, &rbacv1.Role{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Kind: "Role",
Expand Down Expand Up @@ -689,14 +689,14 @@ func Roles(dot *helmette.Dot) []rbacv1.Role {
return role
}

func RoleBindings(dot *helmette.Dot) []rbacv1.RoleBinding {
func RoleBindings(dot *helmette.Dot) []*rbacv1.RoleBinding {
values := helmette.Unwrap[Values](dot.Values)

if !values.RBAC.Create {
return nil
}

binding := []rbacv1.RoleBinding{
binding := []*rbacv1.RoleBinding{
{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Expand Down Expand Up @@ -748,7 +748,7 @@ func RoleBindings(dot *helmette.Dot) []rbacv1.RoleBinding {
}

if values.Scope == Namespace {
binding = append(binding, rbacv1.RoleBinding{
binding = append(binding, &rbacv1.RoleBinding{
TypeMeta: metav1.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Kind: "RoleBinding",
Expand Down
2 changes: 1 addition & 1 deletion charts/redpanda/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ dependencies:

icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg
sources:
- https://github.com/redpanda-data/helm-charts
- https://github.com/redpanda-data/redpanda-operator/charts
annotations:
artifacthub.io/license: Apache-2.0
artifacthub.io/links: |
Expand Down
1 change: 1 addition & 0 deletions go.work
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ use (
./charts
./harpoon
./licenseupdater
./nightly-malformer
./operator
./pkg
./pkg/gotohelm/testdata/src/example
Expand Down
Loading