Skip to content

Commit 0013c75

Browse files
a-hilalya-hilaly
authored
Resolve conflicts in helm templates/values (#504)
Fixes: aws-controllers-k8s/community#2014 Prior to this patch, we observed some weird conflicts when installing multiple ACK helm charts (as sub charts), e.g `ack-chart`, where the last controller installation would override values/templates from the previous ones. This issue stemmed from the asumption that helm "template" names are unique across installations, which was a miss from the ACK team. This patch addresses the conflict by prefixing all the helm template variables with a `ack-$SERVICE-controller` string. This solution comes with the cost of adding complexity to the already complex helm "templates templates generator"... However the least we could do is to leverage Go template "Funcs" to reduce the complexity of writing those templates. For example instead of writing something like `{{ "{{ \"define \"ack- }}" }}{{ .ServicePackageName }}{{ "-controller.rbac-rules\"" }}`, we could "simply" write a `{{ DefineTemplate "rbac-rules" }}` Signed-off-by: Amine Hilaly <[email protected]> By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
1 parent 3b621aa commit 0013c75

12 files changed

+310
-284
lines changed

pkg/generate/ack/release.go

Lines changed: 39 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@
1414
package ack
1515

1616
import (
17+
"fmt"
1718
"strings"
1819
ttpl "text/template"
1920

@@ -27,6 +28,7 @@ var (
2728
"config/controller/kustomization.yaml.tpl",
2829
"helm/templates/cluster-role-binding.yaml.tpl",
2930
"helm/templates/cluster-role-controller.yaml.tpl",
31+
"helm/templates/_helpers.tpl.tpl",
3032
"helm/Chart.yaml.tpl",
3133
"helm/values.yaml.tpl",
3234
"helm/values.schema.json",
@@ -37,24 +39,48 @@ var (
3739
"helm/templates/caches-role-binding.yaml.tpl",
3840
"helm/templates/leader-election-role.yaml.tpl",
3941
"helm/templates/leader-election-role-binding.yaml.tpl",
42+
"helm/templates/deployment.yaml.tpl",
43+
"helm/templates/metrics-service.yaml.tpl",
44+
"helm/templates/service-account.yaml.tpl",
4045
}
4146
releaseIncludePaths = []string{
4247
"config/controller/kustomization_def.yaml.tpl",
4348
}
44-
releaseCopyPaths = []string{
45-
"helm/templates/_helpers.tpl",
46-
"helm/templates/deployment.yaml",
47-
"helm/templates/metrics-service.yaml",
48-
"helm/templates/service-account.yaml",
49-
}
50-
releaseFuncMap = ttpl.FuncMap{
51-
"ToLower": strings.ToLower,
52-
"Empty": func(subject string) bool {
53-
return strings.TrimSpace(subject) == ""
54-
},
49+
releaseCopyPaths = []string{}
50+
releaseFuncMap = func(serviceName string) ttpl.FuncMap {
51+
return ttpl.FuncMap{
52+
"ToLower": strings.ToLower,
53+
"Empty": func(subject string) bool {
54+
return strings.TrimSpace(subject) == ""
55+
},
56+
"DefineTemplate": func(templateName string) string {
57+
// Returnes a statement that defines a new template name with unique
58+
// prefix for the ACK controller.
59+
// For example, if serviceName is "s3" and templateName is "app.name"
60+
// it will return {{- define "ack-s3-controller.app.name" -}}
61+
return fmt.Sprintf("{{- define \"%s\" -}}", prefixServiceTemplateName(serviceName, templateName))
62+
},
63+
"IncludeTemplate": func(templateName string) string {
64+
// Returns a statement that includes a template defined with DefineTemplate.
65+
// For example, if serviceName is "s3" and templateName is "app.name"
66+
// it will return {{- include "ack-s3-controller.app.name" . -}}
67+
return fmt.Sprintf("{{ include \"%s\" . }}", prefixServiceTemplateName(serviceName, templateName))
68+
},
69+
"VarIncludeTemplate": func(variableName, templateName string) string {
70+
// Returns a statement that declares a variable and includes a template defined with
71+
// DefineTemplate.
72+
// For example, if variableName is appName, serviceName is "s3", and templateName is "app.name"
73+
// it will return {{- $variable := include "ack-s3-controller.app.name" .app.name -}}
74+
return fmt.Sprintf("{{ $%s := include \"%s\" . }}", variableName, prefixServiceTemplateName(serviceName, templateName))
75+
},
76+
}
5577
}
5678
)
5779

80+
func prefixServiceTemplateName(serviceName, templateName string) string {
81+
return fmt.Sprintf("ack-%s-controller.%s", serviceName, templateName)
82+
}
83+
5884
// Release returns a pointer to a TemplateSet containing all the templates for
5985
// generating an ACK service controller release (Helm artifacts, etc)
6086
func Release(
@@ -74,10 +100,10 @@ func Release(
74100
templateBasePaths,
75101
releaseIncludePaths,
76102
releaseCopyPaths,
77-
releaseFuncMap,
103+
releaseFuncMap(m.MetaVars().ServicePackageName),
78104
)
79-
80105
metaVars := m.MetaVars()
106+
81107
releaseVars := &templateReleaseVars{
82108
metaVars,
83109
ImageReleaseVars{

templates/helm/templates/_helpers.tpl

Lines changed: 0 additions & 53 deletions
This file was deleted.

templates/helm/templates/_helpers.tpl.tpl

Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,53 @@
1+
{{ "{{/* The name of the application this chart installs */}}" }}
2+
{{ DefineTemplate "app.name" }}
3+
{{ "{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix \"-\" -}}" }}
4+
{{ "{{- end -}}" }}
5+
6+
{{ "{{/*" }}
7+
{{ "Create a default fully qualified app name." }}
8+
{{ "We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec)." }}
9+
{{ "If release name contains chart name it will be used as a full name." }}
10+
{{ "*/}}" }}
11+
{{ DefineTemplate "app.fullname" }}
12+
{{ "{{- if .Values.fullnameOverride -}}" }}
13+
{{ "{{- .Values.fullnameOverride | trunc 63 | trimSuffix \"-\" -}}" }}
14+
{{ "{{- else -}}" }}
15+
{{ "{{- $name := default .Chart.Name .Values.nameOverride -}}" }}
16+
{{ "{{- if contains $name .Release.Name -}}" }}
17+
{{ "{{- .Release.Name | trunc 63 | trimSuffix \"-\" -}}" }}
18+
{{ "{{- else -}}" }}
19+
{{ "{{- printf \"%s-%s\" .Release.Name $name | trunc 63 | trimSuffix \"-\" -}}" }}
20+
{{ "{{- end -}}" }}
21+
{{ "{{- end -}}" }}
22+
{{ "{{- end -}}" }}
23+
24+
{{ "{{/* The name and version as used by the chart label */}}" }}
25+
{{ DefineTemplate "chart.name-version" }}
26+
{{ "{{- printf \"%s-%s\" .Chart.Name .Chart.Version | replace \"+\" \"_\" | trunc 63 | trimSuffix \"-\" -}}" }}
27+
{{ "{{- end -}}" }}
28+
29+
{{ "{{/* The name of the service account to use */}}" }}
30+
{{ DefineTemplate "service-account.name" }}
31+
{{ "{{ default \"default\" .Values.serviceAccount.name }}" }}
32+
{{ "{{- end -}}" }}
33+
34+
{{ DefineTemplate "watch-namespace" }}
35+
{{ "{{- if eq .Values.installScope \"namespace\" -}}" }}
36+
{{ "{{ .Values.watchNamespace | default .Release.Namespace }}" }}
37+
{{ "{{- end -}}" }}
38+
{{ "{{- end -}}" }}
39+
40+
{{ "{{/* The mount path for the shared credentials file */}}" }}
41+
{{ DefineTemplate "aws.credentials.secret_mount_path" }}
42+
{{ "{{- \"/var/run/secrets/aws\" -}}" }}
43+
{{ "{{- end -}}" }}
44+
45+
{{ "{{/* The path the shared credentials file is mounted */}}" }}
46+
{{ DefineTemplate "aws.credentials.path" }}
47+
{{ "{{- printf \"%s/%s\" (include \"aws.credentials.secret_mount_path\" .) .Values.aws.credentials.secretKey -}}" }}
48+
{{ "{{- end -}}" }}
49+
50+
{{ "{{/* The rules a of ClusterRole or Role */}}" }}
51+
{{ DefineTemplate "rbac-rules" }}
52+
SEDREPLACERULES
53+
{{ "{{- end }}" }}

templates/helm/templates/cluster-role-binding.yaml.tpl

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -2,21 +2,21 @@
22
apiVersion: rbac.authorization.k8s.io/v1
33
kind: ClusterRoleBinding
44
metadata:
5-
name: {{ "{{ include \"app.fullname\" . }}" }}
5+
name: {{ IncludeTemplate "app.fullname" }}
66
roleRef:
77
kind: ClusterRole
88
apiGroup: rbac.authorization.k8s.io
99
name: ack-{{ .ServicePackageName }}-controller
1010
subjects:
1111
- kind: ServiceAccount
12-
name: {{ "{{ include \"service-account.name\" . }}" }}
12+
name: {{ IncludeTemplate "service-account.name" }}
1313
namespace: {{ "{{ .Release.Namespace }}" }}
1414
{{ "{{ else if eq .Values.installScope \"namespace\" }}" }}
15-
{{ "{{ $wn := include \"watch-namespace\" . }}" }}
15+
{{ VarIncludeTemplate "wn" "watch-namespace" }}
1616
{{ "{{ $namespaces := split \",\" $wn }}" }}
17-
{{ "{{ $fullname := include \"app.fullname\" . }}" }}
17+
{{ VarIncludeTemplate "fullname" "app.fullname" }}
1818
{{ "{{ $releaseNamespace := .Release.Namespace }}" }}
19-
{{ "{{ $serviceAccountName := include \"service-account.name\" . }}" }}
19+
{{ VarIncludeTemplate "serviceAccountName" "service-account.name" }}
2020
{{ "{{ range $namespaces }}" }}
2121
---
2222
apiVersion: rbac.authorization.k8s.io/v1

templates/helm/templates/cluster-role-controller.yaml.tpl

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
{{ "{{ $labels := .Values.role.labels }}" }}
2-
{{ "{{ $rules := include \"controller-role-rules\" . }}" }}
2+
{{ VarIncludeTemplate "rbacRules" "rbac-rules" }}
33
{{ "{{ if eq .Values.installScope \"cluster\" }}" }}
44
apiVersion: rbac.authorization.k8s.io/v1
55
kind: ClusterRole
@@ -9,9 +9,9 @@ metadata:
99
{{ "{{- range $key, $value := $labels }}" }}
1010
{{ "{{ $key }}: {{ $value | quote }}" }}
1111
{{ "{{- end }}" }}
12-
{{ "{{- $rules }}" }}
12+
{{ "{{$rbacRules }}" }}
1313
{{ "{{ else if eq .Values.installScope \"namespace\" }}" }}
14-
{{ "{{ $wn := include \"watch-namespace\" . }}" }}
14+
{{ VarIncludeTemplate "wn" "watch-namespace" }}
1515
{{ "{{ $namespaces := split \",\" $wn }}" }}
1616
{{ "{{ range $namespaces }}" }}
1717
---
@@ -24,6 +24,6 @@ metadata:
2424
{{ "{{- range $key, $value := $labels }}" }}
2525
{{ "{{ $key }}: {{ $value | quote }}" }}
2626
{{ "{{- end }}" }}
27-
{{ "{{- $rules }}" }}
27+
{{ "{{ $rbacRules }}" }}
2828
{{ "{{ end }}" }}
2929
{{ "{{ end }}" }}

0 commit comments

Comments
 (0)