#1993 : Pass big bang values through to package charts
General MR
Summary
This MR duplicates the logic currently present in the wrapper chart for presenting bigbang variables in the wrapped package's value space, and provides the same functionality to user defined or community supported packages that do not use the wrapper.
Before this patch, this (intentionally simple and contrived) test case would technically succeed when not using the wrapper:
networkPolicies:
enabled: true
controlPlaneCidr: 192.168.254.0/24
packages:
jira:
wrapper: false
enabled: true
values:
networkPolicies:
controlPlaneCidr: "{{ .Values.networkPolicies.controlPlaneCidr }}" ... The chart will successfully render, but deployment will fail because the value is empty:
NetworkPolicy.networking.k8s.io "egress-kube-api" is invalid: spec.egress[0].to[0].ipBlock.cidr: Required valueThis is because (as pointed out in #1993 (closed)) the wrapper chart has logic to merge bigbang values into the package values under a toplevel bigbang: key, while the bare package chart does not. By updating the package {{ $pkg }}-values and {{ $pkg }}-wrapper-values secret generators, and abstracting the wrapper value generation logic into a helm template that we can re-use in the package generator, we can get the same behavior in both locations, so that now we can:
networkPolicies:
enabled: true
controlPlaneCidr: 192.168.254.0/24
packages:
jira:
wrapper: false
enabled: true
values:
networkPolicies:
controlPlaneCidr: "{{ .Values.bigbang.networkPolicies.controlPlaneCidr }}" The discussion of "why use a toplevel bigbang key, why not just merge the roots together?" has already been discussed when this functionality was built into the wrapper chart and so isn't debated here. TLDR - because there are things in the toplevel of the package value space and the bigbang value space (like openshift) that are incompatible in type and usage pattern. Separation is necessary.
Relevant logs/screenshots
This is proven effective with a chart generation using my jira override from my dotfiles and comparing the results. Here is a summary of the test results:
| branch | wrapper? | result file | result md5sum |
|---|---|---|---|
| master | no | master-nowrapper-values.yaml | e9bf50493dd13d50ac7b2f37ac048e54 |
| 1993_package_bbvars_passthrough_opt2 | no | 1993-nowrapper-values.yaml | 72f5fc5de7f4e5d4a4b69bb1e82d827e |
| master | yes | master-wrapper-values.yaml | 5da70c0350bd5686dfde934c54b978da |
| 1993_package_bbvars_passthrough_opt2 | yes | 1993-wrapper-values.yaml | 5da70c0350bd5686dfde934c54b978da |
This tells us that the new code produces identical values for the wrapper as the master branch. This proves that the new values-bigbang helper method produces identical output to the previous version.
However we need to prove that the output of the new toplevel bigbang: map entry is identical in the wrapper and non-wrapper versions. We can use yq to extract the bigbang data, sort it, and md5sum it from both versions:
$ cat 1993-nowrapper-values.yaml | yq '.stringData.*' | yq -P '.bigbang | sort_keys(..)' | md5sum
02bde2050f9a6933f4b2b980de9fb777 -
$ cat 1993-wrapper-values.yaml | yq '.stringData.*' | yq -P '.bigbang | sort_keys(..)' | md5sum
02bde2050f9a6933f4b2b980de9fb777 -Linked Issue
Closes #1993 (closed)
Upgrade Notices
N/A
Merge request reports
Activity
assigned to @akesterson
changed milestone to %2.27.0
requested review from @michaelmartin, @chris.oconnell, and @ryan.thompson.44
mentioned in issue #1993 (closed)
mentioned in merge request !4257 (closed)
added 1 commit
- f890f087 - #1993 (closed) : Pass big bang values through to package charts
added 3 commits
-
f890f087...75e9ff05 - 2 commits from branch
master - 868fa493 - #1993 (closed) : Pass big bang values through to package charts
-
f890f087...75e9ff05 - 2 commits from branch
@akesterson This merge request is unlabelled and not marked as draft. Please add one or more labels.
To mark as draft prefix this merge request title with
Draft:If this merge request is ready for review remove
Draft:and label statusreviewMR Title Keywords
To easily adjust the pipeline behavior without a commit, keywords can be placed in the title of Merge Requests.
Supported keywords:
-
DEBUG-- Enables debug mode. This will set -x in shell scripts so each command is printed before it runs, and dumps information such as the networking configuration (virtual services, gateways, dns, /etc/hosts files), cluster information (kustomize, cluster resources, memory and cpu usage), and dumps the cluster logs. -
SKIP UPGRADE-- Skips the upgrade test stage of a pipeline. -
SKIP UPDATE CHECK-- Skips the check in the configuration validation stage to see if the chart version was incremented. -
SKIP INTEGRATION-- Skips the integration stage which is used in the third-party and sandbox pipelines. -
SKIP SUMMARY CHECK-- Skips the MR body validation pipelines.
MR Labels
Similar to the MR title keywords described above, gitlab labels can be added to Merge Requests to adjust CI pipeline behavior.
Labels for BigBang MRs
- all-packages -- Enables all BigBang packages. This will typically cause the cluster to run slower due to the increased resource usage, so it can be helpful in making sure any timeouts you've set aren't too short or check for any conflicts between packages, etc.
-
<package-name>-- Adding a package name as a label will enable that package. - test-ciinfra -- Add stages to provision and destroy the cloud infrastructure where the tests will run.
Labels for BigBang and package MRs
- test-cirelease -- Test the release CI, which includes the package and release stages.
- disable-ci -- Disables all pipeline runs.
- kinddocs -- For MRs with only document changes. Won't run any pipelines.
- skip-bb-mr -- Will skip the auto-creation of a merge request into BigBang.
-
added needs-labels label
added statusreview label
removed needs-labels label
added 1 commit
- 4e1313fb - #1993 (closed) : Pass big bang values through to package charts
added all-packages label
Resolved by Michael Martin@michaelmartin is it common for
all-packagesto timeout waiting for helm releases to come up, or does this likely represent a bug I need to pursue? Seems like I'll have to attempt to individually test every chart that uses the package chart or the wrapper to figure out what's causing this. Trying to confirm what I'm seeing before dumping a bunch of time into testing all packages.- Last reply by Michael Martin
added 25 commits
-
4e1313fb...9ea29ce5 - 24 commits from branch
master - d75152c4 - #1993 (closed) : Pass big bang values through to package charts
-
4e1313fb...9ea29ce5 - 24 commits from branch
added 5 commits
-
d75152c4...d6bee478 - 2 commits from branch
master - 4e1313fb - #1993 (closed) : Pass big bang values through to package charts
- ba60c779 - Merge branch '1993_package_bbvars_passthrough_opt2' of...
- cda3781d - Merge remote-tracking branch 'origin/master' into 1993_package_bbvars_passthrough_opt2
Toggle commit list-
d75152c4...d6bee478 - 2 commits from branch
added 11 commits
-
cda3781d...b10b990b - 10 commits from branch
master - 77054cc1 - #1993 (closed) : Pass big bang values through to package charts
-
cda3781d...b10b990b - 10 commits from branch
added 1 commit
- 08bb96af - #1993 (closed) : Pass big bang values through to package charts
added 1 commit
- 12962998 - #1993 (closed) : Pass big bang values through to package charts
added 19 commits
-
12962998...ac95d389 - 18 commits from branch
master - 1cfb71a3 - #1993 (closed) : Pass big bang values through to package charts
-
12962998...ac95d389 - 18 commits from branch
added 3 commits
-
1cfb71a3...309edcd8 - 2 commits from branch
master - 2a1f061a - #1993 (closed) : Pass big bang values through to package charts
-
1cfb71a3...309edcd8 - 2 commits from branch
added debug label
added 15 commits
-
2a1f061a...a46ddbb2 - 14 commits from branch
master - 32eb6849 - #1993 (closed) : Pass big bang values through to package charts
-
2a1f061a...a46ddbb2 - 14 commits from branch
added 13 commits
-
32eb6849...9372b8de - 12 commits from branch
master - 8f6b6b5c - #1993 (closed) : Pass big bang values through to package charts
-
32eb6849...9372b8de - 12 commits from branch
changed milestone to %2.28.0
added 17 commits
-
8f6b6b5c...a42fc4ff - 16 commits from branch
master - a7faefe6 - #1993 (closed) : Pass big bang values through to package charts
-
8f6b6b5c...a42fc4ff - 16 commits from branch
added 9 commits
-
a7faefe6...0393ee6e - 8 commits from branch
master - 3a483ce1 - #1993 (closed) : Pass big bang values through to package charts
-
a7faefe6...0393ee6e - 8 commits from branch
added 43 commits
-
3a483ce1...d57cec57 - 42 commits from branch
master - b1509179 - #1993 (closed) : Pass big bang values through to package charts
-
3a483ce1...d57cec57 - 42 commits from branch
-
@andrewshoell : You have been tagged in this merge request for the purpose of conducting secondary review.
- Resolved by Michael Martin
I don't think this is working. Also, the code examples commented above are not entirely syntax-correct in regards to disabling the wrapper.
Using a default
controlPlaneCidr:of10.19.71.0/24, if I run thison master branch:packages: jira: enabled: true wrapper: enabled: false values: networkPolicies: enabled: true git: repo: https://repo1.dso.mil/big-bang/product/community/jira.git tag: "1.19.0-bb.3" path: "./chart"I get this generated in
jira-valuessecret:values.yaml: | networkPolicies: enabled: trueThis produces the error, since I turned on
networkPolicies, butcontrolPlaneCidris not passed through -- the crux of the issue.
On this MR branch, I still set the original error, and the generated
jira-valuessecret is this which doesn't appear to merge stuff in correctly, since it's (1) passing more key/values pairs than necessary and (2) everything is nested under thebigbangkey which the package won't recognize.values.yaml: | bigbang: domain: dev.bigbang.mil openshift: false addons: anchore: enabled: false argocd: enabled: false authservice: enabled: false eckOperator: enabled: false fortify: enabled: false gitlab: enabled: false gitlabRunner: enabled: false harbor: enabled: false holocron: enabled: false keycloak: enabled: false mattermost: enabled: false mattermostOperator: enabled: false metricsServer: enabled: auto minio: enabled: false minioOperator: enabled: true nexusRepositoryManager: enabled: false sonarqube: enabled: false thanos: enabled: false vault: enabled: false velero: enabled: false clusterAuditor: enabled: false eckOperator: enabled: true elasticsearchKibana: enabled: true fluentbit: enabled: true gatekeeper: enabled: false grafana: enabled: true istio: enabled: true istioOperator: enabled: true jaeger: enabled: true kiali: enabled: true kyverno: enabled: true kyvernoPolicies: enabled: false kyvernoReporter: enabled: true loki: enabled: false monitoring: enabled: true networkPolicies: controlPlaneCidr: 10.19.71.0/24 enabled: true nodeCidr: "" vpcCidr: 0.0.0.0/0 neuvector: enabled: false promtail: enabled: false tempo: enabled: true twistlock: enabled: false networkPolicies: enabled: trueReach out on MM, and I can help out. I think we want to make sure this is clean in passing values through--we won't want to pass through unneeded values if possible.
I removed
all-packages, since we really need to manually test this outside of CI to make sure thepackages:addons values are merged correctly.Edited by Michael Martin - Last reply by Michael Martin
added statusdoing label and removed statusreview label
removed all-packages label
added 27 commits
-
b1509179...de995e70 - 26 commits from branch
master - 7a571ff5 - #1993 (closed) : Pass big bang values through to package charts
-
b1509179...de995e70 - 26 commits from branch
requested review from @michaelmartin
removed statusdoing label
added statusreview label
added 36 commits
-
7a571ff5...604fe512 - 34 commits from branch
master - f647494c - Merge remote-tracking branch 'origin/master' into 1993_package_bbvars_passthrough_opt2
- 815314cc - Merge remote-tracking branch 'origin/master' into 1993_package_bbvars_passthrough_opt2
-
7a571ff5...604fe512 - 34 commits from branch
enabled an automatic merge when the pipeline for 815314cc succeeds