UNCLASSIFIED - NO CUI

fix: git credential scoping issue for `packages`

Daniel Palmer requested to merge 1712-fix-git-credential-scoping into master

Description

Fixes logic for generating git credential secrets for packages. There is a scoping issue in the gitcredential secret template that currently breaks the BigBang helm chart when attempting to supply .git.credentials. See #1712 (closed) for more details.

This also fixes another bug where the secretRef in packages' git repos did not match the secret name generated for the package.

Tests

Reproducing error found in issue

Using code found on master branch and using default values from chart along with the following packages-values:

packages:
  podinfo:
    git:
      repo: https://github.com/stefanprodan/podinfo.git
      tag: 6.3.4
      path: charts/podinfo
    flux:
      timeout: 5m
    postRenderers: []
    dependsOn:
      - name: monitoring
        namespace: bigbang
    values:
      replicaCount: 3

git:
  credentials:
    password: somepass
    username: someuser
registryCredentials:
  password: somepass
  registry: someregistry
  username: someuser

I receive the following error as expected:

Error: template: bigbang/templates/secrets/gitcredential.yaml:13:8: executing "bigbang/templates/secrets/gitcredential.yaml" at <include "commonLabels" .>: error calling include: template: bigbang/templates/_helpers.tpl:86:39: executing "commonLabels" at <.Release.Name>: can't evaluate field Release in type string

Negative Test Case (Without supplying .git.credentials)

Using default values from chart along with the following packages-values:

packages:
  podinfo:
    git:
      repo: https://github.com/stefanprodan/podinfo.git
      tag: 6.3.4
      path: charts/podinfo
    flux:
      timeout: 5m
    postRenderers: []
    dependsOn:
      - name: monitoring
        namespace: bigbang
    values:
      replicaCount: 3

registryCredentials:
  password: somepass
  registry: someregistry
  username: someuser

Successfully generates the following git repo (did not generate secret as expected):

---
# Source: bigbang/templates/package/gitrepository.yaml
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: podinfo
  namespace: podinfo
  labels:
    app.kubernetes.io/name: podinfo
    app.kubernetes.io/instance: bb
    app.kubernetes.io/version: 2.10.0
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/part-of: "bigbang"
    helm.sh/chart: bigbang-2.10.0
spec:
  interval: 2m
  url: https://github.com/stefanprodan/podinfo.git
  ref:
    tag: 6.3.4

Positive Test Case

Using default values from chart along with the following packages-values:

packages:
  podinfo:
    git:
      repo: https://github.com/stefanprodan/podinfo.git
      tag: 6.3.4
      path: charts/podinfo
    flux:
      timeout: 5m
    postRenderers: []
    dependsOn:
      - name: monitoring
        namespace: bigbang
    values:
      replicaCount: 3

git:
  credentials:
    password: somepass
    username: someuser
registryCredentials:
  password: somepass
  registry: someregistry
  username: someuser

Successfully generates the following git repo with secretRef and the associated secret:

---
# Source: bigbang/templates/package/gitrepository.yaml
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: podinfo
  namespace: podinfo
  labels:
    app.kubernetes.io/name: podinfo
    app.kubernetes.io/instance: bb
    app.kubernetes.io/version: 2.10.0
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/part-of: "bigbang"
    helm.sh/chart: bigbang-2.10.0
spec:
  interval: 2m
  url: https://github.com/stefanprodan/podinfo.git
  ref:
    tag: 6.3.4
  secretRef:
    name: bb-git-credentials
---
# Source: bigbang/templates/secrets/gitcredential.yaml
apiVersion: v1
kind: Secret
metadata:
  name: bb-git-credentials
  namespace: podinfo
  labels:
    app.kubernetes.io/name: bb-git-credentials
    app.kubernetes.io/instance: bb
    app.kubernetes.io/version: 2.10.0
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/part-of: "bigbang"
    helm.sh/chart: bigbang-2.10.0
type: Opaque
data:
  username: c29tZXVzZXI=
  password: c29tZXBhc3M=

Package Changes

None

Package MR

None

For Issue

Closes #1712 (closed)

Edited by Daniel Palmer
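
The error quoted in the description ("can't evaluate field Release in type string") means the commonLabels helper was handed a string as its context instead of the chart root. The following is an added example, not the BigBang chart's template or the change made in this merge request: it reproduces that failure with Go's text/template, the engine Helm templates are built on, assuming the cause is a range loop that rebinds ".", and shows the root context "$" being passed instead. The template bodies, the Namespaces field and the Render function are constructed for illustration, and the built-in template action stands in for Helm's include.

```go
package main

import (
	"bytes"
	"fmt"
	"text/template"
)

// Constructed stand-in for a helper that reads .Release.Name from its context.
const helpers = `{{define "commonLabels"}}app.kubernetes.io/instance: {{.Release.Name}}{{end}}`

// Assumed shape of the bug: inside range, "." is the current namespace string,
// so the helper receives a string and cannot resolve .Release.
const broken = `{{range .Namespaces}}ns={{.}} {{template "commonLabels" .}}
{{end}}`

// "$" always refers to the root context, whatever "." has been rebound to.
const fixed = `{{range .Namespaces}}ns={{.}} {{template "commonLabels" $}}
{{end}}`

type release struct{ Name string }

// values is a constructed root context, not the chart's real values structure.
type values struct {
	Release    release
	Namespaces []string
}

// Render parses the helper plus the given body and executes it on sample values.
func Render(body string) (string, error) {
	t, err := template.New("gitcredential.yaml").Parse(helpers + body)
	if err != nil {
		return "", err
	}
	var out bytes.Buffer
	root := values{Release: release{Name: "bb"}, Namespaces: []string{"podinfo"}}
	err = t.Execute(&out, root)
	return out.String(), err
}

func main() {
	_, err := Render(broken)
	fmt.Println("broken:", err)
	out, err := Render(fixed)
	fmt.Printf("fixed: %q err=%v\n", out, err)
}
```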