Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle unknowns in Helm Release #2822

Merged
merged 8 commits into from
Feb 16, 2024
Merged

Handle unknowns in Helm Release #2822

merged 8 commits into from
Feb 16, 2024

Conversation

EronWright
Copy link
Contributor

@EronWright EronWright commented Feb 14, 2024
edited
Loading

Proposed changes

This PR improves support for preview mode in the Helm Release, specifically the handling of unknown inputs.

The specific improvements are:

  1. Ensure that the Helm provider handles the RPC requests (Check, Diff, Create, Update, and Read); previously, when unknowns were present, the kube provider itself handled some requests (with undefined behavior, see Helm Release skips preview logic during Update #2679).
  2. When decoding the inputs into an internal Release struct for further processing, render the unknown values as null. Previously, decodeRelease would panic.
  3. When encoding the Release back to a property map, recover the unknownness of the properties.
  4. In Check, perform the roundtrip of inputs-to-Release-to-outputs in all cases. This has the effect of stabilizing the checked inputs.
  5. In Diff, detect the edge case of a property becoming a computed value.
  6. In preview mode, emit unknown values for the output-only properties status and resourceNames.

Some focus areas for testing:

  1. Roundtrip of unknown properties, e.g. description.
  2. Roundtrip of unknown values in the values property.
  3. Handling of an unknown name (i.e. the release name), which should cause replacement.
  4. Cluster-unreachable mode, including skip-update. The main provider handled some of the logic.
  5. Handling of values.yaml files.

Note: the handling of unknowns works best with allowNullValues: true.

Related issues (optional)

Closes #2660
Closes #2679

Demos

Based on the following program:

import * as pulumi from "@pulumi/pulumi";
import * as kubernetes from "@pulumi/kubernetes";
import * as random from "@pulumi/random";
import {FileAsset} from "@pulumi/pulumi/asset";

const someNamespace = new kubernetes.core.v1.Namespace('some-namespace', {
    metadata: {
        name: 'some-namespace'
    }
});

const name = new random.RandomString("name", {length: 8, special: false, upper: false, numeric: false});
const desc = new random.RandomString("desc", {length: 200, special: false});
const replicas = new random.RandomInteger("replicas", {min: 1, max: 5});

const release = new kubernetes.helm.v3.Release('some-chart', {
    allowNullValues: true,
    chart: pulumi.secret('oci://ghcr.io/dirien/charts/minecraft-exporter'),
    version: '0.11.1',
    name: name.result,
    namespace: someNamespace.metadata.name,
    description: pulumi.secret(desc.result),
    values: {
        replicaCount: replicas.result,
        dsd: 1,
        sds: 12,
    },
    valueYamlFiles: [new FileAsset("./metrics.yml")],
}, {});

export const helmChart = release.chart;
export const helmDescription = release.description;
export const helmStatus = release.status;

With metrics.yml:

metrics:
  enabled: true

Unknown Properties

In this case, the description (which was marked as a secret) is changing to an unknown value.

p up --replace 'urn:pulumi:dev2::issue-2660::random:index/randomString:RandomString::desc' --diff

Before:

    ~ kubernetes:helm.sh/v3:Release: (update)
        [id=some-namespace/oazlcjeb]
        [urn=urn:pulumi:dev2::issue-2660::kubernetes:helm.sh/v3:Release::some-chart]
        [provider=urn:pulumi:dev2::issue-2660::pulumi:providers:kubernetes::default_4_7_1::cf17d60b-0012-426e-85fe-d88f741df5bf]
      - apiVersion              : <null>
      + compat                  : "true"
      - createNamespace         : false
      - dependencyUpdate        : false
      ~ description             : [secret] => output<string>
      - devel                   : false
      - disableCRDHooks         : false
      - disableOpenapiValidation: false
      - disableWebhooks         : false
      - forceUpdate             : false
      - keyring                 : ""
      - kind                    : <null>
      - lint                    : false
      - postrender              : ""
      - recreatePods            : false
      - renderSubchartNotes     : false
      - replace                 : false
      - resetValues             : false
      - reuseValues             : false
      - skipAwait               : false
      - skipCrds                : false
      + valueYamlFiles          : [
      +     [0]: asset(file:88220c0) { /Users/eronwright/Pulumi/pulumi-hacking/kubernetes/issue-2660/metrics.yml }
        ]
      ~ values                  : {
          - metrics: {
              - enabled: true
            }
        }
      - verify                  : false
      - waitForJobs             : false

After:

    ~ kubernetes:helm.sh/v3:Release: (update)
        [id=some-namespace/oazlcjeb]
        [urn=urn:pulumi:dev2::issue-2660::kubernetes:helm.sh/v3:Release::some-chart]
        [provider=urn:pulumi:dev2::issue-2660::pulumi:providers:kubernetes::default_4_7_1::cf17d60b-0012-426e-85fe-d88f741df5bf]
      ~ description: [secret] => output<string>

Unknown Values

p up --replace 'urn:pulumi:dev2::issue-2660::random:index/randomInteger:RandomInteger::replicas' --diff

Before:

    ~ kubernetes:helm.sh/v3:Release: (update)
        [id=some-namespace/oazlcjeb]
        [urn=urn:pulumi:dev2::issue-2660::kubernetes:helm.sh/v3:Release::some-chart]
        [provider=urn:pulumi:dev2::issue-2660::pulumi:providers:kubernetes::default_4_7_1::cf17d60b-0012-426e-85fe-d88f741df5bf]
      - apiVersion              : <null>
      - atomic                  : false
      - cleanupOnFail           : false
      + compat                  : "true"
      - createNamespace         : false
      - dependencyUpdate        : false
      - devel                   : false
      - disableCRDHooks         : false
      - disableOpenapiValidation: false
      - disableWebhooks         : false
      - forceUpdate             : false
      - keyring                 : ""
      - kind                    : <null>
      - lint                    : false
      - postrender              : ""
      - recreatePods            : false
      - renderSubchartNotes     : false
      - replace                 : false
      - resetValues             : false
      - reuseValues             : false
      - skipAwait               : false
      - skipCrds                : false
      + valueYamlFiles          : [
      +     [0]: asset(file:88220c0) { ./metrics.yml }
        ]
      ~ values                  : {
          - metrics     : {
              - enabled: true
            }
          ~ replicaCount: 3 => output<string>
        }
      - verify                  : false
      - waitForJobs             : false

After:

    ~ kubernetes:helm.sh/v3:Release: (update)
        [id=some-namespace/oazlcjeb]
        [urn=urn:pulumi:dev2::issue-2660::kubernetes:helm.sh/v3:Release::some-chart]
        [provider=urn:pulumi:dev2::issue-2660::pulumi:providers:kubernetes::default_4_7_1::cf17d60b-0012-426e-85fe-d88f741df5bf]
      ~ values: {
          ~ replicaCount: 3 => output<string>
        }

Unknown Release Name

In this case, we expect replacement because the release name is changing.

p up --replace 'urn:pulumi:dev2::issue-2660::random:index/randomString:RandomString::name' --diff

Before:

    ~ kubernetes:helm.sh/v3:Release: (update)
        [id=some-namespace/oazlcjeb]
        [urn=urn:pulumi:dev2::issue-2660::kubernetes:helm.sh/v3:Release::some-chart]
        [provider=urn:pulumi:dev2::issue-2660::pulumi:providers:kubernetes::default_4_7_1::cf17d60b-0012-426e-85fe-d88f741df5bf]
      - apiVersion              : <null>
      + compat                  : "true"
      - createNamespace         : false
      - dependencyUpdate        : false
      - devel                   : false
      - disableCRDHooks         : false
      - disableOpenapiValidation: false
      - disableWebhooks         : false
      - forceUpdate             : false
      - keyring                 : ""
      - kind                    : <null>
      - lint                    : false
      ~ name                    : "oazlcjeb" => output<string>
      - postrender              : ""
      - recreatePods            : false
      - renderSubchartNotes     : false
      - replace                 : false
      - resetValues             : false
      - reuseValues             : false
      - skipAwait               : false
      - skipCrds                : false
      + valueYamlFiles          : [
      +     [0]: asset(file:88220c0) { /Users/eronwright/Pulumi/pulumi-hacking/kubernetes/issue-2660/metrics.yml }
        ]
      ~ values                  : {
          - metrics: {
              - enabled: true
            }
        }
      - verify                  : false
      - waitForJobs             : false

After:

    +-kubernetes:helm.sh/v3:Release: (replace)
        [id=some-namespace/oazlcjeb]
        [urn=urn:pulumi:dev2::issue-2660::kubernetes:helm.sh/v3:Release::some-chart]
        [provider=urn:pulumi:dev2::issue-2660::pulumi:providers:kubernetes::default_4_7_1::cf17d60b-0012-426e-85fe-d88f741df5bf]
      ~ name: "oazlcjeb" => output<string>

@EronWright EronWright requested review from rquitales and lblackstone and removed request for rquitales February 14, 2024 19:02
@EronWright EronWright added this to the 0.100 milestone Feb 14, 2024
@github-actions GitHub Actions
Copy link

Does the PR have any schema changes?

Looking good! No breaking changes found.
No new resources/functions.

@codecov Codecov
Copy link

codecov bot commented Feb 14, 2024
edited
Loading

Codecov Report

Attention: 43 lines in your changes are missing coverage. Please review.

Comparison is base (6370a3b) 24.64% compared to head (8da7d25) 25.48%.
Report is 1 commits behind head on master.

Files Patch % Lines
provider/pkg/provider/helm_release.go 0.00% 28 Missing ⚠️
provider/pkg/provider/provider.go 42.30% 14 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #2822      +/-   ##
==========================================
+ Coverage   24.64%   25.48%   +0.84%     
==========================================
  Files          48       48              
  Lines        9710     7526    -2184     
==========================================
- Hits         2393     1918     -475     
+ Misses       7160     5450    -1710     
- Partials      157      158       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@EronWright EronWright mentioned this pull request Feb 14, 2024
Closed
lblackstone
lblackstone approved these changes Feb 15, 2024
View reviewed changes
Copy link
Member

@lblackstone lblackstone left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a few small comments. This looks great, overall!

provider/pkg/provider/helm_release.go Outdated Show resolved Hide resolved
provider/pkg/provider/provider.go Outdated Show resolved Hide resolved
provider/pkg/provider/util.go Show resolved Hide resolved
provider/pkg/provider/util.go Outdated Show resolved Hide resolved
rquitales
rquitales approved these changes Feb 16, 2024
View reviewed changes
Copy link
Contributor

@rquitales rquitales left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@EronWright EronWright merged commit aea60a1 into master Feb 16, 2024
20 checks passed
@EronWright EronWright deleted the eronwright/issue-2660 branch February 16, 2024 18:19
lumiere-bot bot added a commit to coolguy1771/home-ops that referenced this pull request Feb 24, 2024
@lumiere-bot
fix(deps): update @pulumi/kubernetes to 4.8.0 (#4253)
50c1843 
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [@pulumi/kubernetes](https://pulumi.com)
([source](https://togithub.com/pulumi/pulumi-kubernetes)) | dependencies
| minor | [`4.7.1` ->
`4.8.0`](https://renovatebot.com/diffs/npm/@pulumi%2fkubernetes/4.7.1/4.8.0)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>pulumi/pulumi-kubernetes (@&#8203;pulumi/kubernetes)</summary>

###
[`v4.8.0`](https://togithub.com/pulumi/pulumi-kubernetes/blob/HEAD/CHANGELOG.md#480-February-22-2024)

[Compare
Source](https://togithub.com/pulumi/pulumi-kubernetes/compare/v4.7.1...v4.8.0)

- Fix DiffConfig issue when when provider's kubeconfig is set to file
path
([pulumi/pulumi-kubernetes#2771)
- Fix for replacement having incorrect status messages
([pulumi/pulumi-kubernetes#2810)
- Use output properties for await logic
([pulumi/pulumi-kubernetes#2790)
- Support for metadata.generateName (CSA)
([pulumi/pulumi-kubernetes#2808)
- Fix unmarshalling of Helm values yaml file
([pulumi/pulumi-kubernetes#2815)
- Handle unknowns in Helm Release resource
([pulumi/pulumi-kubernetes#2822)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://togithub.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIxMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: lumiere-bot[bot] <98047013+lumiere-bot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rquitales rquitales rquitales approved these changes

@lblackstone lblackstone lblackstone approved these changes

Assignees

@EronWright EronWright

Labels
None yet
Projects
None yet
Milestone
0.100
Development

Successfully merging this pull request may close these issues.

Helm Release skips preview logic during Update Helm Release shows spurious diff when inputs are unknown
3 participants
@EronWright @lblackstone @rquitales