Allow patching default Helm values

[janpieper]

Description

Problem

The default value for the nginx_values local is based on a ton of locals and variables:

terraform-hcloud-kube-hetzner/locals.tf

Lines 546 to 574 in dbcf426

	nginx_values = var.nginx_values != "" ? var.nginx_values : <<EOT
	controller:
	watchIngressWithoutClass: "true"
	kind: "Deployment"
	replicaCount: ${local.ingress_replica_count}
	config:
	"use-forwarded-headers": "true"
	"compute-full-forwarded-for": "true"
	"use-proxy-protocol": "${!local.using_klipper_lb}"
	%{if !local.using_klipper_lb~}
	service:
	annotations:
	"load-balancer.hetzner.cloud/name": "${local.load_balancer_name}"
	"load-balancer.hetzner.cloud/use-private-ip": "true"
	"load-balancer.hetzner.cloud/disable-private-ingress": "true"
	"load-balancer.hetzner.cloud/disable-public-network": "${var.load_balancer_disable_public_network}"
	"load-balancer.hetzner.cloud/ipv6-disabled": "${var.load_balancer_disable_ipv6}"
	"load-balancer.hetzner.cloud/location": "${var.load_balancer_location}"
	"load-balancer.hetzner.cloud/type": "${var.load_balancer_type}"
	"load-balancer.hetzner.cloud/uses-proxyprotocol": "${!local.using_klipper_lb}"
	"load-balancer.hetzner.cloud/algorithm-type": "${var.load_balancer_algorithm_type}"
	"load-balancer.hetzner.cloud/health-check-interval": "${var.load_balancer_health_check_interval}"
	"load-balancer.hetzner.cloud/health-check-timeout": "${var.load_balancer_health_check_timeout}"
	"load-balancer.hetzner.cloud/health-check-retries": "${var.load_balancer_health_check_retries}"
	%{if var.lb_hostname != ""~}
	"load-balancer.hetzner.cloud/hostname": "${var.lb_hostname}"
	%{endif~}
	%{endif~}
	EOT

Same goes for haproxy_values and traefik_values, etc.

To add a custom value, I am currently forced to copy the default value to my Terraform code, which could then cause inconsistencies when I change e.g. load_balancer_algorithm_type but forget to also update my custom nginx_values.

Example

module "kube-hetzner" {
  # ...

  load_balancer_algorithm_type = "least_connections"

  nginx_values = <<EOT
# ...
service:
  annotations:
    "load-balancer.hetzner.cloud/algorithm-type": "round_robin"
# ...
  EOT

  # ...
}

As you can see load_balancer_algorithm_type is set to least_connections, but the load-balancer.hetzner.cloud/algorithm-type annotation is set to round_robin.

To avoid this, one can add a local and use it for the module-variable and for the custom nginx_value:

locals {
  load_balancer_algorithm_type = "least_connections"
}

module "kube-hetzner" {
  # ...

  load_balancer_algorithm_type = local.load_balancer_algorithm_type

  nginx_values = <<EOT
# ...
service:
  annotations:
    "load-balancer.hetzner.cloud/algorithm-type": "${local.load_balancer_algorithm_type}"
# ...
  EOT

  # ...
}

That works, but it's quite some work, because tons of variables are used and they also use some locals that are based on calculations:

terraform-hcloud-kube-hetzner/locals.tf

Line 230 in dbcf426

using_klipper_lb = var.enable_klipper_metal_lb || local.is_single_node_cluster

terraform-hcloud-kube-hetzner/locals.tf

Line 233 in dbcf426

load_balancer_name = "${var.cluster_name}-${var.ingress_controller}"

Idea

It would be cool to have a way to add custom options to the default values (e.g. some kind of merging strategy?) without being forced to copy the default value.

[mysticaltech]

@janpieper Makes me think of kustomizations, it uses that kind of merging strategies. Have a look and PRs are most welcome 🙏