reimplement list of kustomizations to avoid conflicts between two way…

…s to do it Signed-off-by: Daniel Werdermann <daniel.werdermann@gmail.com>
fluxcd-community · Dec 23, 2021 · d59d3bd · d59d3bd
1 parent a3cad31
commit d59d3bd
Show file tree

Hide file tree

Showing 7 changed files with 71 additions and 138 deletions.
diff --git a/.github/workflows/e2e-sync.yaml b/.github/workflows/e2e-sync.yaml
@@ -40,10 +40,10 @@ jobs:
           --create-namespace \
           --set gitRepository.spec.url=https://github.com/stefanprodan/podinfo.git \
           --set gitRepository.spec.ref.branch=master \
-          --set kustomization.spec.path=kustomize \
-          --set kustomization.spec.targetNamespace=podinfo \
-          --set kustomization.spec.wait=true \
-          --set kustomization.spec.timeout=2m
+          --set kustomizations[0].spec.path=kustomize \
+          --set kustomizations[0].spec.targetNamespace=podinfo \
+          --set kustomizations[0].spec.wait=true \
+          --set kustomizations[0].spec.timeout=2m
       - name: Check sync
         run: |
           flux reconcile kustomization podinfo --with-source --namespace podinfo

diff --git a/charts/flux2-sync/Chart.yaml b/charts/flux2-sync/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: flux2-sync
-version: 0.3.6
+version: 0.4.0
 
 description: A Helm chart for flux2 GitRepository to sync with
 sources:

diff --git a/charts/flux2-sync/README.md b/charts/flux2-sync/README.md
@@ -1,6 +1,6 @@
 # flux2-sync
 
-![Version: 0.3.6](https://img.shields.io/badge/Version-0.3.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
+![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
 
 A Helm chart for flux2 GitRepository to sync with
 
@@ -25,23 +25,22 @@ This helm chart is maintain and released by the fluxcd-community on a best effor
 | gitRepository.spec.timeout | string | `""` | (Optional) The timeout for remote Git operations like cloning, defaults to 20s. |
 | gitRepository.spec.url | string | `""` | The repository URL, can be an HTTP/S or SSH address. |
 | gitRepository.spec.verify | object | `{}` | (Optional) Verify OpenPGP signature for the Git commit HEAD points to. |
-| kustomization.spec.decryption | object | `{}` | (Optional) Decrypt Kubernetes secrets before applying them on the cluster. |
-| kustomization.spec.dependsOn | list | `[]` | (Optional) DependsOn may contain a dependency.CrossNamespaceDependencyReference slice with references to Kustomization resources that must be ready before this Kustomization can be reconciled. |
-| kustomization.spec.force | bool | `false` | (Optional) Force instructs the controller to recreate resources when patching fails due to an immutable field change. Defaults to false. |
-| kustomization.spec.healthChecks | list | `[]` | (Optional) A list of resources to be included in the health assessment. |
-| kustomization.spec.images | list | `[]` | (Optional) Images is a list of (image name, new name, new tag or digest) for changing image names, tags or digests. This can also be achieved with a patch, but this operator is simpler to specify. |
-| kustomization.spec.interval | string | `"5m"` | The interval at which to reconcile the Kustomization. |
-| kustomization.spec.kubeConfig | object | `{}` | (Optional) The KubeConfig for reconciling the Kustomization on a remote cluster. When specified, KubeConfig takes precedence over ServiceAccountName. |
-| kustomization.spec.patches | list | `[]` | (Optional) Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects based on kind, label and annotation selectors. |
-| kustomization.spec.path | string | `""` | (Optional) Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml should be generated for. Defaults to ‘None’, which translates to the root path of the SourceRef. |
-| kustomization.spec.postBuild | object | `{}` | (Optional) PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize overlay. |
-| kustomization.spec.prune | bool | `true` | Prune enables garbage collection. Defaults to true. |
-| kustomization.spec.retryInterval | string | `""` | (Optional) The interval at which to retry a previously failed reconciliation. When not specified, the controller uses the KustomizationSpec.Interval value to retry failures. |
-| kustomization.spec.serviceAccountName | string | `""` | (Optional) The name of the Kubernetes service account to impersonate when reconciling this Kustomization. |
-| kustomization.spec.suspend | string | `""` | (Optional) This flag tells the controller to suspend subsequent kustomize executions, it does not apply to already started executions. Defaults to false. |
-| kustomization.spec.targetNamespace | string | `""` | (Optional) TargetNamespace sets or overrides the namespace in the kustomization.yaml file. |
-| kustomization.spec.timeout | string | `""` | (Optional) Timeout for validation, apply and health checking operations. Defaults to ‘Interval’ duration |
-| kustomization.spec.wait | bool | `false` | (Optional) Wait instructs the controller to check the health of all the reconciled resources. When enabled, the HealthChecks are ignored. Defaults to false. |
-| kustomizationlist | object | `{}` | (Optional) If you want multiple subdirectories which depend on each other in the same repo. Their name is derived from their path. |
+| kustomizations[0].spec.decryption | object | `{}` | (Optional) Decrypt Kubernetes secrets before applying them on the cluster. |
+| kustomizations[0].spec.dependsOn | list | `[]` | (Optional) DependsOn may contain a dependency.CrossNamespaceDependencyReference slice with references to Kustomization resources that must be ready before this Kustomization can be reconciled. |
+| kustomizations[0].spec.force | bool | `false` | (Optional) Force instructs the controller to recreate resources when patching fails due to an immutable field change. Defaults to false. |
+| kustomizations[0].spec.healthChecks | list | `[]` | (Optional) A list of resources to be included in the health assessment. |
+| kustomizations[0].spec.images | list | `[]` | (Optional) Images is a list of (image name, new name, new tag or digest) for changing image names, tags or digests. This can also be achieved with a patch, but this operator is simpler to specify. |
+| kustomizations[0].spec.interval | string | `"5m"` | The interval at which to reconcile the Kustomization. |
+| kustomizations[0].spec.kubeConfig | object | `{}` | (Optional) The KubeConfig for reconciling the Kustomization on a remote cluster. When specified, KubeConfig takes precedence over ServiceAccountName. |
+| kustomizations[0].spec.patches | list | `[]` | (Optional) Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects based on kind, label and annotation selectors. |
+| kustomizations[0].spec.path | string | `""` | (Optional) Path to the directory containing the kustomization.yaml file, or the set of plain YAMLs a kustomization.yaml should be generated for. Defaults to ‘None’, which translates to the root path of the SourceRef. |
+| kustomizations[0].spec.postBuild | object | `{}` | (Optional) PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize overlay. |
+| kustomizations[0].spec.prune | bool | `true` | Prune enables garbage collection. Defaults to true. |
+| kustomizations[0].spec.retryInterval | string | `""` | (Optional) The interval at which to retry a previously failed reconciliation. When not specified, the controller uses the KustomizationSpec.Interval value to retry failures. |
+| kustomizations[0].spec.serviceAccountName | string | `""` | (Optional) The name of the Kubernetes service account to impersonate when reconciling this Kustomization. |
+| kustomizations[0].spec.suspend | string | `""` | (Optional) This flag tells the controller to suspend subsequent kustomize executions, it does not apply to already started executions. Defaults to false. |
+| kustomizations[0].spec.targetNamespace | string | `""` | (Optional) TargetNamespace sets or overrides the namespace in the kustomization.yaml file. |
+| kustomizations[0].spec.timeout | string | `""` | (Optional) Timeout for validation, apply and health checking operations. Defaults to ‘Interval’ duration |
+| kustomizations[0].spec.wait | bool | `false` | (Optional) Wait instructs the controller to check the health of all the reconciled resources. When enabled, the HealthChecks are ignored. Defaults to false. |
 | secret.create | bool | `false` | Create a secret for the git repository. Defaults to false. |
 | secret.data | object | `{}` | Data of the secret. For HTTPS repositories the secret must contain username and password fields. For SSH repositories the secret must contain identity, identity.pub and known_hosts fields. Values will be encoded to base64 by the helm chart. |
diff --git a/charts/flux2-sync/templates/_helpers.tpl b/charts/flux2-sync/templates/_helpers.tpl
@@ -1,3 +1,3 @@
 {{- define "pathToKustomizationName" -}}
-{{ print .releasename "-" ( regexReplaceAll "\\W+" (clean .pathtoconvert ) "-" ) }}
+{{ print "flux-kustomization-" ( regexReplaceAll "\\W+" (clean .pathtoconvert ) "-" | sha256sum | trunc 10  ) }}
 {{- end -}}
diff --git a/charts/flux2-sync/templates/kustomization.yaml b/charts/flux2-sync/templates/kustomization.yaml
@@ -1,68 +1,4 @@
-{{- if .Values.kustomization }}
-apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
-kind: Kustomization
-metadata:
-  labels:
-    app.kubernetes.io/instance: {{ .Release.Namespace | quote }}
-    app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
-    app.kubernetes.io/part-of: flux
-    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-  name:  {{ .Release.Name }}
-  namespace: {{ .Release.Namespace }}
-spec:
-  {{- with .Values.kustomization.spec.dependsOn }}
-  dependsOn: {{ toYaml . | nindent 4 }}
-  {{- end }}
-  {{- with .Values.kustomization.spec.decryption }}
-  decryption: {{ toYaml . | nindent 4 }}
-  {{- end }}
-  interval: {{ .Values.kustomization.spec.interval }}
-  {{- if .Values.kustomization.spec.retryInterval }}
-  retryInterval: {{ .Values.kustomization.spec.retryInterval }}
-  {{- end }}
-  {{- if .Values.kustomization.spec.kubeConfig }}
-  kubeConfig: {{ toYaml . | nindent 4 }}
-  {{- end }}
-  {{- if .Values.kustomization.spec.path }}
-  path: {{ .Values.kustomization.spec.path }}
-  {{- end }}
-  {{- with .Values.kustomization.spec.postBuild }}
-  postBuild: {{ toYaml . | nindent 4 }}
-  {{- end }}
-  prune: {{ .Values.kustomization.spec.prune }}
-  {{- with .Values.kustomization.spec.healthChecks }}
-  healthChecks: {{ toYaml . | nindent 4 }}
-  {{- end }}
-  {{- with .Values.kustomization.spec.patches }}
-  patches: {{ toYaml . | nindent 4 }}
-  {{- end }}
-  {{- with .Values.kustomization.spec.images }}
-  images: {{ toYaml . | nindent 4 }}
-  {{- end }}
-  {{- if .Values.kustomization.spec.serviceAccountName }}
-  serviceAccountName: {{ .Values.kustomization.spec.serviceAccountName }}
-  {{- end }}
-  sourceRef:
-    kind: GitRepository
-    name: {{ .Release.Name }}
-  {{- if .Values.kustomization.spec.suspend }}
-  suspend: {{ .Values.kustomization.spec.suspend }}
-  {{- end }}
-  {{- if .Values.kustomization.spec.targetNamespace }}
-  targetNamespace: {{ .Values.kustomization.spec.targetNamespace }}
-  {{- end }}
-  {{- if .Values.kustomization.spec.timeout }}
-  timeout: {{ .Values.kustomization.spec.timeout }}
-  {{- end }}
-  {{- if .Values.kustomization.spec.force }}
-  force: {{ .Values.kustomization.spec.force }}
-  {{- end }}
-  {{- if .Values.kustomization.spec.wait }}
-  wait: {{ .Values.kustomization.spec.wait }}
-  {{- end }}
-{{- end }}
-{{- if .Values.kustomizationlist}}
-{{- range $key, $kust := .Values.kustomizationlist }}
+{{- range $key, $kust := .Values.kustomizations }}
 ---
 apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
 kind: Kustomization
@@ -129,4 +65,3 @@ spec:
   wait: {{ $kust.spec.wait }}
   {{- end }}
 {{- end }}
-{{- end }}
diff --git a/charts/flux2-sync/tests/__snapshot__/secret_test.yaml.snap b/charts/flux2-sync/tests/__snapshot__/secret_test.yaml.snap
@@ -10,7 +10,7 @@ should match snapshot of default values:
         app.kubernetes.io/instance: NAMESPACE
         app.kubernetes.io/managed-by: Helm
         app.kubernetes.io/part-of: flux
-        helm.sh/chart: flux2-sync-0.3.6
+        helm.sh/chart: flux2-sync-0.4.0
       name: RELEASE-NAME
       namespace: NAMESPACE
     type: Opaque
diff --git a/charts/flux2-sync/values.yaml b/charts/flux2-sync/values.yaml
@@ -48,69 +48,68 @@ gitRepository:
     include: []
 
 
-kustomization:
-  spec:
-    # -- (Optional) DependsOn may contain a dependency.CrossNamespaceDependencyReference slice with references to Kustomization resources that must be ready before this Kustomization can be reconciled.
-    dependsOn: []
+kustomizations:
+  - spec:
+      # -- (Optional) DependsOn may contain a dependency.CrossNamespaceDependencyReference slice with references to Kustomization resources that must be ready before this Kustomization can be reconciled.
+      dependsOn: []
 
-    # -- (Optional) Decrypt Kubernetes secrets before applying them on the cluster.
-    decryption: {}
+      # -- (Optional) Decrypt Kubernetes secrets before applying them on the cluster.
+      decryption: {}
 
-    # -- The interval at which to reconcile the Kustomization.
-    interval: 5m
+      # -- The interval at which to reconcile the Kustomization.
+      interval: 5m
 
-    # -- (Optional) The interval at which to retry a previously failed reconciliation. When not specified, the controller uses the KustomizationSpec.Interval value to retry failures.
-    retryInterval: ""
+      # -- (Optional) The interval at which to retry a previously failed reconciliation. When not specified, the controller uses the KustomizationSpec.Interval value to retry failures.
+      retryInterval: ""
 
-    # -- (Optional) The KubeConfig for reconciling the Kustomization on a remote cluster. When specified, KubeConfig takes precedence over ServiceAccountName.
-    kubeConfig: {}
+      # -- (Optional) The KubeConfig for reconciling the Kustomization on a remote cluster. When specified, KubeConfig takes precedence over ServiceAccountName.
+      kubeConfig: {}
 
-    # -- (Optional) Path to the directory containing the kustomization.yaml
-    # file, or the set of plain YAMLs a kustomization.yaml should
-    # be generated for. Defaults to ‘None’, which translates to
-    # the root path of the SourceRef.
-    path: ""
+      # -- (Optional) Path to the directory containing the kustomization.yaml
+      # file, or the set of plain YAMLs a kustomization.yaml should
+      # be generated for. Defaults to ‘None’, which translates to
+      # the root path of the SourceRef.
+      path: ""
 
-    # -- (Optional) PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize overlay.
-    postBuild: {}
+      # -- (Optional) PostBuild describes which actions to perform on the YAML manifest generated by building the kustomize overlay.
+      postBuild: {}
 
-    # -- Prune enables garbage collection. Defaults to true.
-    prune: true
+      # -- Prune enables garbage collection. Defaults to true.
+      prune: true
 
-    # -- (Optional) A list of resources to be included in the health assessment.
-    healthChecks: []
+      # -- (Optional) A list of resources to be included in the health assessment.
+      healthChecks: []
 
-    # -- (Optional) Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects based on kind, label and annotation selectors.
-    patches: []
+      # -- (Optional) Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects based on kind, label and annotation selectors.
+      patches: []
 
-    # -- (Optional) Images is a list of (image name, new name, new tag or digest) for changing image names, tags or digests. This can also be achieved with a patch, but this operator is simpler to specify.
-    images: []
+      # -- (Optional) Images is a list of (image name, new name, new tag or digest) for changing image names, tags or digests. This can also be achieved with a patch, but this operator is simpler to specify.
+      images: []
 
-    # -- (Optional) The name of the Kubernetes service account to impersonate when reconciling this Kustomization.
-    serviceAccountName: ""
+      # -- (Optional) The name of the Kubernetes service account to impersonate when reconciling this Kustomization.
+      serviceAccountName: ""
 
-    # -- (Optional) This flag tells the controller to suspend subsequent kustomize executions, it does not apply to already started executions. Defaults to false.
-    suspend: ""
+      # -- (Optional) This flag tells the controller to suspend subsequent kustomize executions, it does not apply to already started executions. Defaults to false.
+      suspend: ""
 
-    # -- (Optional) TargetNamespace sets or overrides the namespace in the kustomization.yaml file.
-    targetNamespace: ""
+      # -- (Optional) TargetNamespace sets or overrides the namespace in the kustomization.yaml file.
+      targetNamespace: ""
 
-    # -- (Optional) Timeout for validation, apply and health checking operations. Defaults to ‘Interval’ duration
-    timeout: ""
+      # -- (Optional) Timeout for validation, apply and health checking operations. Defaults to ‘Interval’ duration
+      timeout: ""
 
-    # -- (Optional) Force instructs the controller to recreate resources when patching fails due to an immutable field change. Defaults to false.
-    force: false
+      # -- (Optional) Force instructs the controller to recreate resources when patching fails due to an immutable field change. Defaults to false.
+      force: false
 
-    # -- (Optional) Wait instructs the controller to check the health of all the reconciled resources. When enabled, the HealthChecks are ignored. Defaults to false.
-    wait: false
+      # -- (Optional) Wait instructs the controller to check the health of all the reconciled resources. When enabled, the HealthChecks are ignored. Defaults to false.
+      wait: false
 
-# -- (Optional) If you want multiple subdirectories which depend on each other in the same repo. Their name is derived from their path.
-kustomizationlist: {}
-# - spec:
-#     interval: 5m
-#     path: ./base
-#     prune: true
-#     timeout: 5m
+# Add more kustomizations, which depend on each other
+#  - spec:
+#      interval: 5m
+#      path: ./base
+#      prune: true
+#      timeout: 5m
 # - spec:
 #     dependsOn:
 #     - path: ./base