feat: Execute helm dependency build #154
Conversation
fritzduchardt
requested review from
kbudde and
Zebradil
and removed request for
kbudde
fritzduchardt
changed the title
There was a problem hiding this comment.
I dug around a little and bumped into helm/helm#7214.
Can we just use helm template --dependency-update instead of manually downloading dependencies?
|
The flag seems to work perfectly. Here is how I tested: cd $(mktemp -d)
cat <<EOF > Chart.yaml
apiVersion: v2
name: webserver
description: A Helm chart for Kubernetes
type: application
version: 0.1.0
appVersion: 1.16.0
dependencies:
- name: mysql
version: 9.3.4
repository: https://charts.bitnami.com/bitnami
EOF
helm template . --dependency-updateResult:
|
This is a pretty good find I was not ware of. Nevertheless, dependency build would still be my preference, since it respects the Chart.lock file. Dependency update would always renegotiate dependencies and lose the ability to pin Chart dependencies. |
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## dev #154 +/- ##
==========================================
- Coverage 48.16% 47.54% -0.62%
==========================================
Files 26 26
Lines 2448 2509 +61
==========================================
+ Hits 1179 1193 +14
- Misses 1085 1131 +46
- Partials 184 185 +1 ☔ View full report in Codecov by Sentry. |
That makes sense. I only wonder if the situations when there is a lock file but dependencies aren't built are frequent. |
|
I dug a bit deeper into helm and figured out another question: in which cases we would want to prioritize dependencies in Chart.lock over dependencies in Chart.yaml? Here is an example Chart.lock with two dependencies: dependencies:
- name: nginx
repository: oci://registry-1.docker.io/bitnamicharts
version: 14.2.2
- name: grafana
repository: oci://registry-1.docker.io/bitnamicharts
version: 9.6.5
digest: sha256:10d0bbd5014ddd04b24fa3311741326d6ddf992dff864b5a84b24bf564e3afbf
generated: "2023-12-26T13:33:52.347539414+01:00"As you can see, dependencies don't carry any identification information apart from their versions. The When I run
So, |
Good catch about oci registries, I should add that to the logic. Regarding the build vs update questions, have you considered that Helm also support semver wildcards in the Chart.yaml? |
Actually, in my tests, there was no need to add OCI registries separately. They just worked with
I didn't, but now I've checked that as well. I see that only But can you maybe clarify your existing case a little more? In which case you'd have a lock file but no dependencies built? What's the workflow there? |
The workflow is as follows: we pull in a chart from git that is provided by another team. The chart is still in development and changes constantly. We use git instead of a helm registry, because we can create feature changes and tweak the chart. At the end we create a PR to submit the tweaks we require. This would have also have been a useful workflow for the platform components in the old days. Thinking forward, we might want to support local charts as discussed during the last community meeting. This would also require correct support of Helms locking mechanism. |
There was a problem hiding this comment.
To move things forward, I reverted ArgoCD-related changes.
I'm still not sure if handling OCI registries the same way as usual HTTP registries is the best solution. As I wrote:
Actually, in my tests, there was no need to add OCI registries separately. They just worked with helm dependency build.
But if it works, I'm fine with that.
You are right. Oci registries don't require registration. I have taken them out again. |
Thanks. Got lost a bit in the tangle of my open MR a while back. |
# [3.1.0](v3.0.4...v3.1.0) (2023-12-29) ### Bug Fixes * **deps:** update golang.org/x/exp digest to 02704c9 ([#160](#160)) ([e9fe05e](e9fe05e)) * **plugins:** improve logging ([#190](#190)) ([ba31a3b](ba31a3b)) * **smart_mode:** add static files directory ([#193](#193)) ([3f52709](3f52709)) ### Features * Execute helm dependency build ([#154](#154)) ([c2c0baa](c2c0baa)), closes [#146](#146)
# [3.1.0](v3.0.4...v3.1.0) (2023-12-29) ### Bug Fixes * **deps:** update golang.org/x/exp digest to 02704c9 ([#160](#160)) ([e9fe05e](e9fe05e)) * **plugins:** improve logging ([#190](#190)) ([ba31a3b](ba31a3b)) * **smart_mode:** add static files directory ([#193](#193)) ([3f52709](3f52709)) ### Features * Execute helm dependency build ([#154](#154)) ([c2c0baa](c2c0baa)), closes [#146](#146)
# [3.1.0](v3.0.4...v3.1.0) (2023-12-29) ### Bug Fixes * **deps:** update golang.org/x/exp digest to 02704c9 ([#160](#160)) ([e9fe05e](e9fe05e)) * **plugins:** improve logging ([#190](#190)) ([ba31a3b](ba31a3b)) * **smart_mode:** add static files directory ([#193](#193)) ([3f52709](3f52709)) ### Features * Execute helm dependency build ([#154](#154)) ([c2c0baa](c2c0baa)), closes [#146](#146)
Closes #146
Can be activated in app-data.ytt.yaml with: