helmCharts doesn't support --include-crds

[drivelikebrazil]

Just to add onto the chain for #3816 and #3815:

The new Helm chart inflator implementation should provide a way to set the --include-crds flag for the helm template step

[monopole]

Can you add some more justification for this? Does helm squash crds by default?

See also #3815 (comment)

[ChristianCiach]

I think the CRDs are just part of the helm chart and should not be omitted. When you execute helm install, helm will also install the CRDs if they are not already present.

Our CI pipeline takes a single kustomization.yaml as input and outputs a single kubernetes manifest (as a single file) that must include everything that is necessary to deploy the application. For this example, we try to deploy Traefik. Obviously, Traefik (when using the IngressRoute provider) doesn't work without CRDs, so there is currently no way to build a complete kubernetes manifest using Kustomize when using helm charts as sources.

By the way, our CI system is not connected to the internet. The chart file charts/traefik-9.18.3.tgz is committed to the repo, so there are no security implications to consider.

[ChristianCiach]

I tried to use helmChartInflationGenerator instead, but the extraArgs seem to be ignored completely:

helmChartInflationGenerator:
- chartName: traefik
  #valuesInline: {}
  releaseName: traefik
  chartVersion: 9.18.3
  chartRepoUrl: https://helm.traefik.io/traefik
  extraArgs: 
    - '--include-crds'

No matter what I specify as extraArgs, there is no error.

Using kustomize v4.1.2 and Helm v3.5.4.

EDIT: Sorry, I've just noticed that extraArgs is ignored intentionally, according to the release notes.

[drivelikebrazil]

Helm v3 changed how CRDs are installed. Helm v3 charts now have a crds directory that helm applies when you run helm install. Since they are applied as-is and not templated, helm template doesn't generate them unless you use the new --install-crds flag that adds them to the templated output.

See helm docs: https://helm.sh/docs/chart_best_practices/custom_resource_definitions/

[KnVerey]

Under what circumstances will folks using these charts via Kustomize (so not running helm install) want to exclude CRDs that the chart includes? In other words, do we need to expose the option to enable them, or do we just need to enable them globally in the generator?

[dmizelle]

hey @monopole, thinking about submitting a PR for this. saw on the contributor's guide for kustomize that the process was to e-mail sig-cli and join the biweekly Zoom call. For something like this that's not a big feature, would you still like me to do that? Or is it safe to submit the PR and have the review / discussion happen there?

[dmizelle]

@KnVerey -- I was thinking about having it set to false by default, just so when / if we enable this, it doesn't cause surprises for users. It'd be a new field on the HelmChart struct so that users can set it like:

apiVersion: builtin
kind: HelmChartInflationGenerator
metadata:
  name: argo-applicationset
name: argo-applicationset
version: 3.1.3
repo: https://argoproj.github.io/argo-helm
releaseName: octopus
includeCRDs: true # <--- here
valuesInline:
  pspEnabled: false
  serviceAccount:
    create: false

Thoughts?

[dmizelle]

/assign

[dmizelle]

Opened up #3898 . If you'd like me to go through the more formal process for this, please let me know! I have some further comments in here.

[hans-d]

Seeing that #3898 has been merged in late may, and the (current) latest release kustomize/v4.1.3
was released this on 20 May (just 8 days before the merge): when can we expect a new release that includes this?

[natasha41575]

@hans-d We are trying to do a release this week. Fingers crossed that it goes well!

[natasha41575]

I am also closing this issue because #3898 has been merged.

[rkulow]

Is there already any update on when this feature will be released or what release number will contain it?

[natasha41575]

The most recent release should have the feature (v4.2.0).

[rkulow]

All right, thanks - I was just wondering because the release notes didn't say anything specifically about this feature.

[natasha41575]

api/v0.8.11 has a release note about it and kustomize v4.2.0 has a release note that it depends on api v0.8.11. This is very confusing and unintuitive so I don't blame you for not seeing it, we are hoping to improve our release process.