UNCLASSIFIED - NO CUI

Recent flux versions do not include correct values.yaml

Bug

Description

We are back at 1.10.0 currently and trying to get caught up. We noticed we were having some issues with CRD's and such, so we updated flux to the version in bigbang d35aae0a026ed31cebf6628d601900f2c866cf8b

When big-bang deployed, we saw the following HelmRelease information:

> flux -n bigbang get hr
NAME               READY    MESSAGE                                                                                    REVISION        SUSPENDED
authservice        True     Release reconciliation succeeded                                                           0.4.0-bb.8      False
bigbang            True     Release reconciliation succeeded                                                           1.11.0          False
cluster-auditor    True     Release reconciliation succeeded                                                           0.3.0-bb.4      False
eck-operator       True     Release reconciliation succeeded                                                           1.6.0-bb.1      False
ek                 True     Release reconciliation succeeded                                                           0.1.17-bb.0     False
fluent-bit         True     Release reconciliation succeeded                                                           0.15.15-bb.0    False
gatekeeper         True     Release reconciliation succeeded                                                           3.5.1           False
haproxy-sso        True     Release reconciliation succeeded                                                           1.1.2-bb.0      False
istio              True     Release reconciliation succeeded                                                           1.8.4-bb.6      False
istio-operator     True     Release reconciliation succeeded                                                           1.8.4-bb.2      False
kiali              True     Release reconciliation succeeded                                                           1.36.0-bb.3     False
monitoring         True     Release reconciliation succeeded                                                           14.0.0-bb.1     False
twistlock          True     Release reconciliation succeeded                                                           0.0.6-bb.0      False

The Helm versions being pulled all track to what is currently on bigbang master not 1.11.0. This can be verified by looking at the flux source-controller in /data/gitrepository/bigbang/bigbang/ac3d07ac0a5206b74478f6e41c58afa99363fa00.tar.gz. You'll see that:

  • chart/Chart.yml contains 1.11.1
  • chart/values.yml is identical to the one on master

Possible Diagnosis

Looking through the Flux CRD documentation, it seems that recent versions of Flux do not automatically include values.yaml in the HelmRelease: https://github.com/fluxcd/helm-controller/blob/main/config/crd/bases/helm.toolkit.fluxcd.io_helmreleases.yaml#L85-L92

We haven't dug into the source-controller deeply enough to grok why it's pulling the default branch values.yaml and including it, but this also happens with upstream flux 0.16.1 so this could be a bug there, or intentional.

Workaround

We were able to get things working correctly via the following patch:

patchesStrategicMerge:
  - |-
    apiVersion: helm.toolkit.fluxcd.io/v2beta1
    kind: HelmRelease
    metadata:
      name: bigbang
    spec:
      chart:
        spec:
          valuesFiles:
            - values.yaml

BigBang Version

1.11.0

Edited by Taylor Mitchell

UNCLASSIFIED - NO CUI