Add a Helm chart for the operator deployment

[liyinan926]

No description provided.

[skonto]

Should be added here: https://github.com/kubernetes/charts?

[liyinan926]

Yeah, it could potentially be the place. I guess it will start as an incubator chart?

[skonto]

Ok will have a look, thanx.

[yuchaoran2011]

A PR is now available at Kubernetes charts repo.

[liyinan926]

Thanks, @yuchaoran2011!

[mrow4a]

It would be interesting to use sth like this for webhooks https://github.com/kubernetes/charts/blob/37bf2e2867a124219ce844fd9645fd8f73816583/stable/dex/templates/job.yaml in future Helm Chart. Thoughts?

[liyinan926]

@mrow4a Just saw your comment on using a Job to generate the certificate. I like the idea. @yuchaoran2011 it would be awesome if you can add it into your PR. Thanks!

[yuchaoran2011]

@liyinan926 Ah that's a good idea! I'm on vacation now but I'll update the PR when I'm back.

[mrow4a]

@liyinan926 I can also try to figure that out - lets maybe merge what is there first, the other PR is already quite fat.

[mrow4a]

@yuchaoran2011 perfect!

[mrow4a]

@liyinan926 In fact we can add it as another YAML in manifest right?

[liyinan926]

@mrow4a @yuchaoran2011

I can also try to figure that out - lets maybe merge what is there first, the other PR is already quite fat.

Sounds good.

In fact we can add it as another YAML in manifest right?

Yes, I think so.

[yuchaoran2011]

@mrow4a @liyinan926 Now I have a Docker image that bundles a customized version of gencerts.sh. Then I define a k8s Job in YAML that runs the custom gencerts.sh to generate and install the secret. But the problem is that Helm does not enforce a particular order in which the YAML files are applied, so k8s resources that require the webhook secret can be applied before the secret is created, causing a failure in the chart installation process. I tried making the Job a pre-install hook. But that didn't work because the Job relies on the sparkoperator serviceAccount defined in another YAML file (it uses the token corresponding to the serviceAccount to talk to the API server to install the secret). Any suggestions how I should approach this issue?

[mrow4a]

@yuchaoran2011 I think it has to somehow, since you cannot e.g. create spark operator without e.g. sparkoperator namespace. Could you share your progress (changed files) so we could review (WIP)?

[yuchaoran2011]

@mrow4a Sure. I'll clean up things and make a PR today for you guys to review.

[yuchaoran2011]

@mrow4a @liyinan926 The PR is now ready. I also made changes to the Helm chart PR. Please review both places when you get time. Thanks!

[yuchaoran2011]

@liyinan926 Now that the PR is merged, would you want me to update the operator doc to point to the chart as the way to install? Do we still want to keep the /manifest directory?

[liyinan926]

Yes, plase open a PR to update the doc. Thanks! Let's keep the manifest/ directory for now.