Skip to content

Commit

Permalink
Part of the fix for a flux app in failed install state, deleted via U…
Browse files Browse the repository at this point in the history 
…X, stays around in k8s flux HelmRelease CR #5577  (#5584)

fixed an inconsistency between GetInstalledPackageSummaries() and
GetInstalledPackageDetail() in one corner case.
Main fix is dependent on flux
fluxcd/helm-controller#554

There is only one small change to production code. The rest is
test-related code. Also,

+ added a few integration tests.
+ bump flux version in tests
+ fix for available package handling with flux in multi-tenant mode
#5541
  • Loading branch information
@gfichtenholt
gfichtenholt committed Nov 5, 2022
1 parent a3385a2 commit c160190
Show file tree
Hide file tree
Showing 15 changed files with 499 additions and 120 deletions.
1 change: 1 addition & 0 deletions chart/kubeapps/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -470,6 +470,7 @@ Once you have installed Kubeapps follow the [Getting Started Guide](https://gith
| `kubeappsapis.pluginConfig.kappController.packages.v1alpha1.globalPackagingNamespace` | Default global packaging namespace | `kapp-controller-packaging-global` |
| `kubeappsapis.pluginConfig.flux.packages.v1alpha1.defaultUpgradePolicy` | Default upgrade policy generating version constraints | `none` |
| `kubeappsapis.pluginConfig.flux.packages.v1alpha1.userManagedSecrets` | Default policy for handling repository secrets, either managed by the user or by kubeapps-apis | `false` |
| `kubeappsapis.pluginConfig.flux.packages.v1alpha1.noCrossNamespaceRefs` | Enable this flag to disallow cross-namespace references, useful when running Flux on multi-tenant clusters | `false` |
| `kubeappsapis.pluginConfig.resources.packages.v1alpha1.trustedNamespaces.headerName` | Optional header name for trusted namespaces | `""` |
| `kubeappsapis.pluginConfig.resources.packages.v1alpha1.trustedNamespaces.headerPattern` | Optional header pattern for trusted namespaces | `""` |
| `kubeappsapis.image.registry` | Kubeapps-APIs image registry | `docker.io` |
Expand Down
2 changes: 2 additions & 0 deletions chart/kubeapps/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1541,6 +1541,8 @@ kubeappsapis:
defaultUpgradePolicy: none
## @param kubeappsapis.pluginConfig.flux.packages.v1alpha1.userManagedSecrets Default policy for handling repository secrets, either managed by the user or by kubeapps-apis
userManagedSecrets: false
## @param kubeappsapis.pluginConfig.flux.packages.v1alpha1.noCrossNamespaceRefs Enable this flag to disallow cross-namespace references, useful when running Flux on multi-tenant clusters
noCrossNamespaceRefs: false
resources:
packages:
v1alpha1:
Expand Down
4 changes: 4 additions & 0 deletions cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/common/utils.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -453,6 +453,8 @@ type FluxPluginConfig struct {
// see comments in design spec under AddPackageRepository.
// false (i.e. kubeapps manages secrets) by default
UserManagedSecrets bool
// ref https://github.com/vmware-tanzu/kubeapps/issues/5541
NoCrossNamespaceRefs bool
}

// ParsePluginConfig parses the input plugin configuration json file and return the
Expand All @@ -476,6 +478,7 @@ func ParsePluginConfig(pluginConfigPath string) (*FluxPluginConfig, error) {
V1alpha1 struct {
DefaultUpgradePolicy string `json:"defaultUpgradePolicy"`
UserManagedSecrets bool `json:"userManagedSecrets"`
NoCrossNamespaceRefs bool `json:"noCrossNamespaceRefs"`
} `json:"v1alpha1"`
} `json:"packages"`
} `json:"flux"`
Expand All @@ -502,6 +505,7 @@ func ParsePluginConfig(pluginConfigPath string) (*FluxPluginConfig, error) {
TimeoutSeconds: config.Core.Packages.V1alpha1.TimeoutSeconds,
DefaultUpgradePolicy: defaultUpgradePolicy,
UserManagedSecrets: config.Flux.Packages.V1alpha1.UserManagedSecrets,
NoCrossNamespaceRefs: config.Flux.Packages.V1alpha1.NoCrossNamespaceRefs,
}, nil
}
}
Expand Down
60 changes: 60 additions & 0 deletions cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/common/utils_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -275,3 +275,63 @@ flux:
})
}
}

func TestParsePluginConfigNoCrossNamespaceRefs(t *testing.T) {
testCases := []struct {
name string
pluginYAMLConf []byte
exp_flag bool
exp_error_str string
}{
{
name: "no policy specified in plugin config",
pluginYAMLConf: nil,
exp_flag: false,
exp_error_str: "",
},
{
name: "specific policy in plugin config",
pluginYAMLConf: []byte(`
flux:
packages:
v1alpha1:
noCrossNamespaceRefs: true
`),
exp_flag: true,
exp_error_str: "",
},
}
opts := cmpopts.IgnoreUnexported(pkgutils.VersionsInSummary{})
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
filename := ""
if tc.pluginYAMLConf != nil {
pluginJSONConf, err := yaml.YAMLToJSON(tc.pluginYAMLConf)
if err != nil {
log.Fatalf("%s", err)
}
f, err := os.CreateTemp(".", "plugin_json_conf")
if err != nil {
log.Fatalf("%s", err)
}
defer os.Remove(f.Name()) // clean up
if _, err := f.Write(pluginJSONConf); err != nil {
log.Fatalf("%s", err)
}
if err := f.Close(); err != nil {
log.Fatalf("%s", err)
}
filename = f.Name()
}
config, err := ParsePluginConfig(filename)
if err != nil && !strings.Contains(err.Error(), tc.exp_error_str) {
t.Errorf("err got %q, want to find %q", err.Error(), tc.exp_error_str)
}
if err == nil {
if got, want := config.NoCrossNamespaceRefs, tc.exp_flag; !cmp.Equal(want, got, opts) {
t.Errorf("mismatch (-want +got):\n%s", cmp.Diff(want, got, opts))
}
}
})
}
}
Loading

0 comments on commit c160190

Please sign in to comment.