From 2475e3ebc1f939a3a1b60a63bc67d9c7c1d67af7 Mon Sep 17 00:00:00 2001 From: Martin Hickey Date: Mon, 21 Jan 2019 11:49:43 +0000 Subject: [PATCH 01/28] Add content on how community members can help review PRs Updated text to better elaborate on he process and also some small other nits/updates. Signed-off-by: Martin Hickey Signed-off-by: Kevin Labesse --- CONTRIBUTING.md | 47 +++++++++++++++++++++++++++-------------------- 1 file changed, 27 insertions(+), 20 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index aba3388a6..7736cbd6b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -84,12 +84,12 @@ your PR will be rejected by the automated DCO check. Whether you are a user or contributor, official support channels include: -- GitHub [issues](https://github.com/helm/helm/issues/new) -- Slack [Kubernetes Slack](http://slack.kubernetes.io/): - - User: #helm-users - - Contributor: #helm-dev +- [Issues](https://github.com/helm/helm/issues) +- Slack: + - User: [#helm-users](https://kubernetes.slack.com/messages/C0NH30761/details/) + - Contributor: [#helm-dev](https://kubernetes.slack.com/messages/C51E88VDG/) -Before opening a new issue or submitting a new pull request, it's helpful to search the project - it's likely that another user has already reported the issue you're facing, or it's a known issue that we're already aware of. +Before opening a new issue or submitting a new pull request, it's helpful to search the project - it's likely that another user has already reported the issue you're facing, or it's a known issue that we're already aware of. It is also worth asking on the Slack channels. ## Milestones @@ -180,33 +180,33 @@ contributing to Helm. All issue types follow the same general lifecycle. Differe Coding conventions and standards are explained in the official developer docs: [Developers Guide](docs/developers.md) -The next section contains more information on the workflow followed for PRs +The next section contains more information on the workflow followed for Pull Requests. ## Pull Requests -Like any good open source project, we use Pull Requests to track code changes +Like any good open source project, we use Pull Requests (PRs) to track code changes. ### PR Lifecycle 1. PR creation + - PRs are usually created to fix or else be a subset of other PRs that fix a particular issue. - We more than welcome PRs that are currently in progress. They are a great way to keep track of important work that is in-flight, but useful for others to see. If a PR is a work in progress, it **must** be prefaced with "WIP: [title]". Once the PR is ready for review, remove "WIP" from the title. - - It is preferred, but not required, to have a PR tied to a specific issue. + - It is preferred, but not required, to have a PR tied to a specific issue. There can be + circumstances where if it is a quick fix then an issue might be overkill. The details provided + in the PR description would suffice in this case. 2. Triage - The maintainer in charge of triaging will apply the proper labels for the issue. This should include at least a size label, `bug` or `feature`, and `awaiting review` once all labels are applied. - See the [Labels section](#labels) for full details on the definitions of labels + See the [Labels section](#labels) for full details on the definitions of labels. - Add the PR to the correct milestone. This should be the same as the issue the PR closes. 3. Assigning reviews - Once a review has the `awaiting review` label, maintainers will review them as schedule permits. The maintainer who takes the issue should self-request a review. - - Reviews from others in the community, especially those who have encountered a bug or have - requested a feature, are highly encouraged, but not required. Maintainer reviews **are** required - before any merge - Any PR with the `size/large` label requires 2 review approvals from maintainers before it can be - merged. Those with `size/medium` are per the judgement of the maintainers + merged. Those with `size/medium` or `size/small` are per the judgement of the maintainers. 4. Reviewing/Discussion - Once a maintainer begins reviewing a PR, they will remove the `awaiting review` label and add the `in progress` label so the person submitting knows that it is being worked on. This is @@ -214,17 +214,24 @@ Like any good open source project, we use Pull Requests to track code changes - All reviews will be completed using Github review tool. - A "Comment" review should be used when there are questions about the code that should be answered, but that don't involve code changes. This type of review does not count as approval. - - A "Changes Requested" review indicates that changes to the code need to be made before they will be merged. - - Reviewers should update labels as needed (such as `needs rebase`) -5. Address comments by answering questions or changing code + - A "Changes Requested" review indicates that changes to the code need to be made before they will be + merged. + - Reviewers (maintainers) should update labels as needed (such as `needs rebase`). + - Reviews are also welcome from others in the community, especially those who have encountered a bug or + have requested a feature. In the code review, a message can be added, as well as `LGTM` if the PR is + good to merge. It’s also possible to add comments to specific lines in a file, for giving context + to the comment. +5. PR owner should try to be responsive to comments by answering questions or changing code. If the + owner is unsure of any comment, reach out to the person who added the comment in + [#helm-dev](https://kubernetes.slack.com/messages/C51E88VDG/). Once all comments have been addressed, + the PR is ready to be merged. 6. Merge or close - PRs should stay open until merged or if they have not been active for more than 30 days. This will help keep the PR queue to a manageable size and reduce noise. Should the PR need to stay open (like in the case of a WIP), the `keep open` label can be added. - - If the owner of the PR is listed in `OWNERS`, that user **must** merge their own PRs - or explicitly request another OWNER do that for them. - - If the owner of a PR is _not_ listed in `OWNERS`, any core committer may - merge the PR once it is approved. + - If the owner of the PR is listed in `OWNERS`, that user **must** merge their own PRs or explicitly + request another OWNER do that for them. + - If the owner of a PR is _not_ listed in `OWNERS`, any maintainer may merge the PR once it is approved. #### Documentation PRs From 3dada94f972523d58f5b658fb3c86adc299e948e Mon Sep 17 00:00:00 2001 From: Koichi Shiraishi Date: Tue, 22 Jan 2019 08:58:07 +0900 Subject: [PATCH 02/28] Fix delete.go file permission (#5194) The 'cmd/helm/delete.go' file permission is 755, change to same as another file. Signed-off-by: Koichi Shiraishi Signed-off-by: Kevin Labesse --- cmd/helm/delete.go | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 cmd/helm/delete.go diff --git a/cmd/helm/delete.go b/cmd/helm/delete.go old mode 100755 new mode 100644 From 92d3a5b08b797c1c519e1633580521bc9efa1c01 Mon Sep 17 00:00:00 2001 From: Matthew Fisher Date: Mon, 21 Jan 2019 15:58:57 -0800 Subject: [PATCH 03/28] fix: use RFC 1123 subdomains for name verification (#5132) As noted in Slack by a community member, release names with periods are considered usable. Switching to RFC 1123 subdomain verification continues to block bad release names like BAD_NAME, but allows names like good.name to continue working. Signed-off-by: Matthew Fisher Signed-off-by: Kevin Labesse --- cmd/helm/install.go | 4 ++-- cmd/helm/install_test.go | 1 - cmd/helm/template.go | 4 ++-- cmd/helm/template_test.go | 8 ++++---- 4 files changed, 8 insertions(+), 9 deletions(-) diff --git a/cmd/helm/install.go b/cmd/helm/install.go index f33747ac4..5ddb31054 100644 --- a/cmd/helm/install.go +++ b/cmd/helm/install.go @@ -251,8 +251,8 @@ func (i *installCmd) run() error { fmt.Printf("FINAL NAME: %s\n", i.name) } - if msgs := validation.IsDNS1123Label(i.name); i.name != "" && len(msgs) > 0 { - return fmt.Errorf("release name %s is not a valid DNS label: %s", i.name, strings.Join(msgs, ";")) + if msgs := validation.IsDNS1123Subdomain(i.name); i.name != "" && len(msgs) > 0 { + return fmt.Errorf("release name %s is invalid: %s", i.name, strings.Join(msgs, ";")) } // Check chart requirements to make sure all dependencies are present in /charts diff --git a/cmd/helm/install_test.go b/cmd/helm/install_test.go index 4a2055640..5f7ffdb50 100644 --- a/cmd/helm/install_test.go +++ b/cmd/helm/install_test.go @@ -169,7 +169,6 @@ func TestInstall(t *testing.T) { name: "install chart with release name using periods", args: []string{"testdata/testcharts/alpine"}, flags: []string{"--name", "foo.bar"}, - err: true, }, { name: "install chart with release name using underscores", diff --git a/cmd/helm/template.go b/cmd/helm/template.go index d776f2989..1838bb758 100644 --- a/cmd/helm/template.go +++ b/cmd/helm/template.go @@ -147,8 +147,8 @@ func (t *templateCmd) run(cmd *cobra.Command, args []string) error { } } - if msgs := validation.IsDNS1123Label(t.releaseName); t.releaseName != "" && len(msgs) > 0 { - return fmt.Errorf("release name %s is not a valid DNS label: %s", t.releaseName, strings.Join(msgs, ";")) + if msgs := validation.IsDNS1123Subdomain(t.releaseName); t.releaseName != "" && len(msgs) > 0 { + return fmt.Errorf("release name %s is invalid: %s", t.releaseName, strings.Join(msgs, ";")) } // Check chart requirements to make sure all dependencies are present in /charts diff --git a/cmd/helm/template_test.go b/cmd/helm/template_test.go index 98044eff0..3c5026b08 100644 --- a/cmd/helm/template_test.go +++ b/cmd/helm/template_test.go @@ -112,21 +112,21 @@ func TestTemplateCmd(t *testing.T) { desc: "verify the release name using capitals is invalid", args: []string{subchart1ChartPath, "--name", "FOO"}, expectKey: "subchart1/templates/service.yaml", - expectError: "is not a valid DNS label", + expectError: "is invalid", }, { name: "check_invalid_name_uppercase", desc: "verify the release name using periods is invalid", args: []string{subchart1ChartPath, "--name", "foo.bar"}, expectKey: "subchart1/templates/service.yaml", - expectError: "is not a valid DNS label", + expectValue: "release-name: \"foo.bar\"", }, { name: "check_invalid_name_uppercase", desc: "verify the release name using underscores is invalid", args: []string{subchart1ChartPath, "--name", "foo_bar"}, expectKey: "subchart1/templates/service.yaml", - expectError: "is not a valid DNS label", + expectError: "is invalid", }, { name: "check_release_is_install", @@ -160,7 +160,7 @@ func TestTemplateCmd(t *testing.T) { name: "check_invalid_name_template", desc: "verify the relase name generate by template is invalid", args: []string{subchart1ChartPath, "--name-template", "foobar-{{ b64enc \"abc\" }}-baz"}, - expectError: "is not a valid DNS label", + expectError: "is invalid", }, { name: "check_name_template", From 54bd5cca93b848a047322e9dcddeead928ff6e14 Mon Sep 17 00:00:00 2001 From: Patrick Lang Date: Mon, 21 Jan 2019 21:33:57 -0800 Subject: [PATCH 04/28] Update docs/examples to use multi-arch tagged images (#5099) * update nginx example to work multi-arch Signed-off-by: Patrick Lang * Fix alpine to use a multiarch tag Signed-off-by: Patrick Lang Signed-off-by: Kevin Labesse --- docs/examples/alpine/values.yaml | 2 +- docs/examples/nginx/templates/post-install-job.yaml | 2 +- docs/examples/nginx/values.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/examples/alpine/values.yaml b/docs/examples/alpine/values.yaml index afe8cc6c0..225e0472a 100644 --- a/docs/examples/alpine/values.yaml +++ b/docs/examples/alpine/values.yaml @@ -1,6 +1,6 @@ image: repository: alpine - tag: 3.3 + tag: latest pullPolicy: IfNotPresent restartPolicy: Never diff --git a/docs/examples/nginx/templates/post-install-job.yaml b/docs/examples/nginx/templates/post-install-job.yaml index 6e32086ab..3562e6cf5 100644 --- a/docs/examples/nginx/templates/post-install-job.yaml +++ b/docs/examples/nginx/templates/post-install-job.yaml @@ -32,6 +32,6 @@ spec: restartPolicy: {{ .Values.restartPolicy }} containers: - name: post-install-job - image: "alpine:3.3" + image: "alpine:latest" # All we're going to do is sleep for a while, then exit. command: ["/bin/sleep", "{{ .Values.sleepyTime }}"] diff --git a/docs/examples/nginx/values.yaml b/docs/examples/nginx/values.yaml index b40208cce..36f2505af 100644 --- a/docs/examples/nginx/values.yaml +++ b/docs/examples/nginx/values.yaml @@ -14,7 +14,7 @@ index: >- image: repository: nginx - tag: 1.11.0 + tag: alpine pullPolicy: IfNotPresent service: From 66cdae0bd03e36b8bd2f046d10442db80aa3950a Mon Sep 17 00:00:00 2001 From: Geoff Baskwill Date: Tue, 22 Jan 2019 10:03:01 -0500 Subject: [PATCH 05/28] fix: ignore pax header "file"s in chart validation Signed-off-by: Geoff Baskwill Signed-off-by: Kevin Labesse --- pkg/chartutil/load.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkg/chartutil/load.go b/pkg/chartutil/load.go index f4741516e..b0927a5cf 100644 --- a/pkg/chartutil/load.go +++ b/pkg/chartutil/load.go @@ -93,6 +93,12 @@ func loadArchiveFiles(in io.Reader) ([]*BufferedFile, error) { continue } + switch hd.Typeflag { + // We don't want to process these extension header files. + case tar.TypeXGlobalHeader, tar.TypeXHeader: + continue + } + // Archive could contain \ if generated on Windows delimiter := "/" if strings.ContainsRune(hd.Name, '\\') { From b9020d66cd1fc742ed23307e28edb04bdf593a51 Mon Sep 17 00:00:00 2001 From: JoeWrightss <42261994+JoeWrightss@users.noreply.github.com> Date: Sat, 26 Jan 2019 02:46:24 +0800 Subject: [PATCH 06/28] Fix some typos in comment (#5215) Signed-off-by: zhoulin xie Signed-off-by: Kevin Labesse --- pkg/helm/client.go | 2 +- pkg/helm/fake.go | 2 +- pkg/helm/option.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pkg/helm/client.go b/pkg/helm/client.go index 771c7f3d1..0d4d16039 100644 --- a/pkg/helm/client.go +++ b/pkg/helm/client.go @@ -302,7 +302,7 @@ func (h *Client) RunReleaseTest(rlsName string, opts ...ReleaseTestOption) (<-ch return h.test(ctx, req) } -// PingTiller pings the Tiller pod and ensure's that it is up and running +// PingTiller pings the Tiller pod and ensures that it is up and running func (h *Client) PingTiller() error { ctx := NewContext() return h.ping(ctx) diff --git a/pkg/helm/fake.go b/pkg/helm/fake.go index 46be7d398..c8ce91f44 100644 --- a/pkg/helm/fake.go +++ b/pkg/helm/fake.go @@ -257,7 +257,7 @@ func (c *FakeClient) RunReleaseTest(rlsName string, opts ...ReleaseTestOption) ( return results, errc } -// PingTiller pings the Tiller pod and ensure's that it is up and running +// PingTiller pings the Tiller pod and ensures that it is up and running func (c *FakeClient) PingTiller() error { return nil } diff --git a/pkg/helm/option.go b/pkg/helm/option.go index 121f71c83..1f5cf6904 100644 --- a/pkg/helm/option.go +++ b/pkg/helm/option.go @@ -474,7 +474,7 @@ type VersionOption func(*options) // the defaults used when running the `helm upgrade` command. type UpdateOption func(*options) -// RollbackOption allows specififying various settings configurable +// RollbackOption allows specifying various settings configurable // by the helm client user for overriding the defaults used when // running the `helm rollback` command. type RollbackOption func(*options) From 3a0b0ef7dd6b4a932a943c0a1b723272a9486287 Mon Sep 17 00:00:00 2001 From: shibataka000 Date: Sun, 27 Jan 2019 02:54:12 +0900 Subject: [PATCH 07/28] Itemize text in docs/securing_installation.md (#5217) Signed-off-by: Takao Shibata Signed-off-by: Kevin Labesse --- docs/securing_installation.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/securing_installation.md b/docs/securing_installation.md index d47a98bcc..56ebad62c 100644 --- a/docs/securing_installation.md +++ b/docs/securing_installation.md @@ -69,9 +69,10 @@ When Helm clients are connecting from outside of the cluster, the security betwe Contrary to the previous [Enabling TLS](#enabling-tls) section, this section does not involve running a tiller server pod in your cluster (for what it's worth, that lines up with the current [helm v3 proposal](https://github.com/helm/community/blob/master/helm-v3/000-helm-v3.md)), thus there is no gRPC endpoint (and thus there's no need to create & manage TLS certificates to secure each gRPC endpoint). Steps: - * Fetch the latest helm release tarball from the [GitHub release page](https://github.com/helm/helm/releases), and extract and move `helm` and `tiller` somewhere on your `$PATH`. - * "Server": Run `tiller --storage=secret`. (Note that `tiller` has a default value of ":44134" for the `--listen` argument.) - * Client: In another terminal (and on the same host that the aforementioned `tiller` command was run for the previous bullet): Run `export HELM_HOST=:44134`, and then run `helm` commands as usual. + +- Fetch the latest helm release tarball from the [GitHub release page](https://github.com/helm/helm/releases), and extract and move `helm` and `tiller` somewhere on your `$PATH`. +- "Server": Run `tiller --storage=secret`. (Note that `tiller` has a default value of ":44134" for the `--listen` argument.) +- Client: In another terminal (and on the same host that the aforementioned `tiller` command was run for the previous bullet): Run `export HELM_HOST=:44134`, and then run `helm` commands as usual. ### Tiller's Release Information From ef06ac7878842a21a6041193b75e6f3c0b6de955 Mon Sep 17 00:00:00 2001 From: Alexander Nesterenko Date: Wed, 9 Jan 2019 12:33:37 +0200 Subject: [PATCH 08/28] Implement "atomic" upgrade/install Add possibility to put "--safe" argument to install and upgrade command that restores the state of cluster in case of failed install/upgrade attempt Signed-off-by: Alexander Nesterenko Signed-off-by: Kevin Labesse --- cmd/helm/install.go | 18 ++++++++++++++++++ cmd/helm/upgrade.go | 26 ++++++++++++++++++++++++-- 2 files changed, 42 insertions(+), 2 deletions(-) diff --git a/cmd/helm/install.go b/cmd/helm/install.go index 5ddb31054..9e0b19487 100644 --- a/cmd/helm/install.go +++ b/cmd/helm/install.go @@ -131,6 +131,7 @@ type installCmd struct { version string timeout int64 wait bool + safe bool repoURL string username string password string @@ -190,6 +191,8 @@ func newInstallCmd(c helm.Interface, out io.Writer) *cobra.Command { } inst.chartPath = cp inst.client = ensureHelmClient(inst.client) + inst.wait = inst.wait || inst.safe + return inst.run() }, } @@ -212,6 +215,7 @@ func newInstallCmd(c helm.Interface, out io.Writer) *cobra.Command { f.StringVar(&inst.version, "version", "", "specify the exact chart version to install. If this is not specified, the latest version is installed") f.Int64Var(&inst.timeout, "timeout", 300, "time in seconds to wait for any individual Kubernetes operation (like Jobs for hooks)") f.BoolVar(&inst.wait, "wait", false, "if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment are in a ready state before marking the release as successful. It will wait for as long as --timeout") + f.BoolVar(&inst.safe, "safe", false, "if set, upgrade process rolls back changes made in case of failed upgrade") f.StringVar(&inst.repoURL, "repo", "", "chart repository url where to locate the requested chart") f.StringVar(&inst.username, "username", "", "chart repository username where to locate the requested chart") f.StringVar(&inst.password, "password", "", "chart repository password where to locate the requested chart") @@ -307,6 +311,20 @@ func (i *installCmd) run() error { helm.InstallWait(i.wait), helm.InstallDescription(i.description)) if err != nil { + if i.safe { + fmt.Fprintf(os.Stdout, "INSTALL FAILED\nPURGING CHART\nError: %v", prettyError(err)) + deleteSideEffects := &deleteCmd{ + name: i.name, + disableHooks: i.disableHooks, + purge: true, + timeout: i.timeout, + description: "", + dryRun: i.dryRun, + out: i.out, + client: i.client, + } + if err := deleteSideEffects.run(); err != nil { return err } + } return prettyError(err) } diff --git a/cmd/helm/upgrade.go b/cmd/helm/upgrade.go index d6c915c3a..a20a1003a 100644 --- a/cmd/helm/upgrade.go +++ b/cmd/helm/upgrade.go @@ -105,6 +105,7 @@ type upgradeCmd struct { resetValues bool reuseValues bool wait bool + safe bool repoURL string username string password string @@ -142,6 +143,7 @@ func newUpgradeCmd(client helm.Interface, out io.Writer) *cobra.Command { upgrade.release = args[0] upgrade.chart = args[1] upgrade.client = ensureHelmClient(upgrade.client) + upgrade.wait = upgrade.wait || upgrade.safe return upgrade.run() }, @@ -167,6 +169,7 @@ func newUpgradeCmd(client helm.Interface, out io.Writer) *cobra.Command { f.BoolVar(&upgrade.resetValues, "reset-values", false, "when upgrading, reset the values to the ones built into the chart") f.BoolVar(&upgrade.reuseValues, "reuse-values", false, "when upgrading, reuse the last release's values and merge in any overrides from the command line via --set and -f. If '--reset-values' is specified, this is ignored.") f.BoolVar(&upgrade.wait, "wait", false, "if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment are in a ready state before marking the release as successful. It will wait for as long as --timeout") + f.BoolVar(&upgrade.safe, "safe", false, "if set, upgrade process rolls back changes made in case of failed upgrade") f.StringVar(&upgrade.repoURL, "repo", "", "chart repository url where to locate the requested chart") f.StringVar(&upgrade.username, "username", "", "chart repository username where to locate the requested chart") f.StringVar(&upgrade.password, "password", "", "chart repository password where to locate the requested chart") @@ -191,6 +194,8 @@ func (u *upgradeCmd) run() error { return err } + releaseHistory, err := u.client.ReleaseHistory(u.release, helm.WithMaxHistory(1)) + if u.install { // If a release does not exist, install it. If another error occurs during // the check, ignore the error and continue with the upgrade. @@ -198,7 +203,6 @@ func (u *upgradeCmd) run() error { // The returned error is a grpc.rpcError that wraps the message from the original error. // So we're stuck doing string matching against the wrapped error, which is nested somewhere // inside of the grpc.rpcError message. - releaseHistory, err := u.client.ReleaseHistory(u.release, helm.WithMaxHistory(1)) if err == nil { if u.namespace == "" { @@ -232,6 +236,7 @@ func (u *upgradeCmd) run() error { timeout: u.timeout, wait: u.wait, description: u.description, + safe: u.safe, } return ic.run() } @@ -270,7 +275,24 @@ func (u *upgradeCmd) run() error { helm.UpgradeWait(u.wait), helm.UpgradeDescription(u.description)) if err != nil { - return fmt.Errorf("UPGRADE FAILED: %v", prettyError(err)) + fmt.Fprintf(u.out, "UPGRADE FAILED\nROLLING BACK\nError: %v", prettyError(err)) + if u.safe { + rollback := &rollbackCmd { + out: u.out, + client: u.client, + name: u.release, + dryRun: u.dryRun, + recreate: u.recreate, + force: u.force, + timeout: u.timeout, + wait: u.wait, + description: "", + revision: releaseHistory.Releases[0].Version, + disableHooks: u.disableHooks, + } + if err := rollback.run(); err != nil { return err } + } + return fmt.Errorf("UPGRADE FAILED: %v\n", prettyError(err)) } if settings.Debug { From 059decc9ef1494ad3a3e46faf8d428bc641a4d38 Mon Sep 17 00:00:00 2001 From: Alexander Nesterenko Date: Wed, 9 Jan 2019 13:39:09 +0200 Subject: [PATCH 09/28] Fix codestyle and update docs Signed-off-by: Alexander Nesterenko Signed-off-by: Kevin Labesse --- cmd/helm/install.go | 4 +++- cmd/helm/upgrade.go | 10 ++++++---- docs/helm/helm_install.md | 3 ++- docs/helm/helm_upgrade.md | 5 +++-- 4 files changed, 14 insertions(+), 8 deletions(-) diff --git a/cmd/helm/install.go b/cmd/helm/install.go index 9e0b19487..0316b14bf 100644 --- a/cmd/helm/install.go +++ b/cmd/helm/install.go @@ -323,7 +323,9 @@ func (i *installCmd) run() error { out: i.out, client: i.client, } - if err := deleteSideEffects.run(); err != nil { return err } + if err := deleteSideEffects.run(); err != nil { + return err + } } return prettyError(err) } diff --git a/cmd/helm/upgrade.go b/cmd/helm/upgrade.go index a20a1003a..527867e47 100644 --- a/cmd/helm/upgrade.go +++ b/cmd/helm/upgrade.go @@ -275,9 +275,9 @@ func (u *upgradeCmd) run() error { helm.UpgradeWait(u.wait), helm.UpgradeDescription(u.description)) if err != nil { - fmt.Fprintf(u.out, "UPGRADE FAILED\nROLLING BACK\nError: %v", prettyError(err)) + fmt.Fprintf(u.out, "UPGRADE FAILED\nROLLING BACK\nError: %v\n", prettyError(err)) if u.safe { - rollback := &rollbackCmd { + rollback := &rollbackCmd{ out: u.out, client: u.client, name: u.release, @@ -290,9 +290,11 @@ func (u *upgradeCmd) run() error { revision: releaseHistory.Releases[0].Version, disableHooks: u.disableHooks, } - if err := rollback.run(); err != nil { return err } + if err := rollback.run(); err != nil { + return err + } } - return fmt.Errorf("UPGRADE FAILED: %v\n", prettyError(err)) + return fmt.Errorf("UPGRADE FAILED: %v", prettyError(err)) } if settings.Debug { diff --git a/docs/helm/helm_install.md b/docs/helm/helm_install.md index 5406126fa..499e3222d 100644 --- a/docs/helm/helm_install.md +++ b/docs/helm/helm_install.md @@ -96,6 +96,7 @@ helm install [CHART] [flags] --render-subchart-notes render subchart notes along with the parent --replace re-use the given name, even if that name is already used. This is unsafe in production --repo string chart repository url where to locate the requested chart + --safe if set, upgrade process rolls back changes made in case of failed upgrade --set stringArray set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) --set-file stringArray set values from respective files specified via the command line (can specify multiple or separate values with commas: key1=path1,key2=path2) --set-string stringArray set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) @@ -129,4 +130,4 @@ helm install [CHART] [flags] * [helm](helm.md) - The Helm package manager for Kubernetes. -###### Auto generated by spf13/cobra on 1-Nov-2018 +###### Auto generated by spf13/cobra on 9-Jan-2019 diff --git a/docs/helm/helm_upgrade.md b/docs/helm/helm_upgrade.md index df5bfe6ca..081123278 100644 --- a/docs/helm/helm_upgrade.md +++ b/docs/helm/helm_upgrade.md @@ -19,7 +19,7 @@ To customize the chart values, use any of - '--set-string' to provide key=val forcing val to be stored as a string, - '--set-file' to provide key=path to read a single large value from a file at path. -To edit or append to the existing customized values, add the +To edit or append to the existing customized values, add the '--reuse-values' flag, otherwise any existing customized values are ignored. If no chart value arguments are provided on the command line, any existing customized values are carried @@ -83,6 +83,7 @@ helm upgrade [RELEASE] [CHART] [flags] --repo string chart repository url where to locate the requested chart --reset-values when upgrading, reset the values to the ones built into the chart --reuse-values when upgrading, reuse the last release's values and merge in any overrides from the command line via --set and -f. If '--reset-values' is specified, this is ignored. + --safe if set, upgrade process rolls back changes made in case of failed upgrade --set stringArray set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) --set-file stringArray set values from respective files specified via the command line (can specify multiple or separate values with commas: key1=path1,key2=path2) --set-string stringArray set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) @@ -116,4 +117,4 @@ helm upgrade [RELEASE] [CHART] [flags] * [helm](helm.md) - The Helm package manager for Kubernetes. -###### Auto generated by spf13/cobra on 1-Nov-2018 +###### Auto generated by spf13/cobra on 9-Jan-2019 From 03ebf3864b8756eb859bc9c5c6f522769a10e96e Mon Sep 17 00:00:00 2001 From: Alexander Nesterenko Date: Wed, 23 Jan 2019 17:24:51 +0200 Subject: [PATCH 10/28] [#3338] Rename "safe" to "atomic" which gives more clear understanding, what it does Signed-off-by: Alexander Nesterenko Signed-off-by: Kevin Labesse --- cmd/helm/install.go | 11 ++++++----- cmd/helm/upgrade.go | 12 ++++++------ docs/helm/helm_install.md | 4 ++-- docs/helm/helm_upgrade.md | 4 ++-- 4 files changed, 16 insertions(+), 15 deletions(-) diff --git a/cmd/helm/install.go b/cmd/helm/install.go index 0316b14bf..a6d6b0812 100644 --- a/cmd/helm/install.go +++ b/cmd/helm/install.go @@ -131,7 +131,7 @@ type installCmd struct { version string timeout int64 wait bool - safe bool + atomic bool repoURL string username string password string @@ -191,7 +191,7 @@ func newInstallCmd(c helm.Interface, out io.Writer) *cobra.Command { } inst.chartPath = cp inst.client = ensureHelmClient(inst.client) - inst.wait = inst.wait || inst.safe + inst.wait = inst.wait || inst.atomic return inst.run() }, @@ -215,7 +215,7 @@ func newInstallCmd(c helm.Interface, out io.Writer) *cobra.Command { f.StringVar(&inst.version, "version", "", "specify the exact chart version to install. If this is not specified, the latest version is installed") f.Int64Var(&inst.timeout, "timeout", 300, "time in seconds to wait for any individual Kubernetes operation (like Jobs for hooks)") f.BoolVar(&inst.wait, "wait", false, "if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment are in a ready state before marking the release as successful. It will wait for as long as --timeout") - f.BoolVar(&inst.safe, "safe", false, "if set, upgrade process rolls back changes made in case of failed upgrade") + f.BoolVar(&inst.atomic, "atomic", false, "if set, installation process purges chart on fail") f.StringVar(&inst.repoURL, "repo", "", "chart repository url where to locate the requested chart") f.StringVar(&inst.username, "username", "", "chart repository username where to locate the requested chart") f.StringVar(&inst.password, "password", "", "chart repository password where to locate the requested chart") @@ -311,8 +311,8 @@ func (i *installCmd) run() error { helm.InstallWait(i.wait), helm.InstallDescription(i.description)) if err != nil { - if i.safe { - fmt.Fprintf(os.Stdout, "INSTALL FAILED\nPURGING CHART\nError: %v", prettyError(err)) + if i.atomic { + fmt.Fprintf(os.Stdout, "INSTALL FAILED\nPURGING CHART\nError: %v\n", prettyError(err)) deleteSideEffects := &deleteCmd{ name: i.name, disableHooks: i.disableHooks, @@ -326,6 +326,7 @@ func (i *installCmd) run() error { if err := deleteSideEffects.run(); err != nil { return err } + fmt.Fprintf(os.Stdout, "Successfully purged a chart!\n") } return prettyError(err) } diff --git a/cmd/helm/upgrade.go b/cmd/helm/upgrade.go index 527867e47..5184a97ff 100644 --- a/cmd/helm/upgrade.go +++ b/cmd/helm/upgrade.go @@ -44,7 +44,7 @@ To customize the chart values, use any of - '--set-string' to provide key=val forcing val to be stored as a string, - '--set-file' to provide key=path to read a single large value from a file at path. -To edit or append to the existing customized values, add the +To edit or append to the existing customized values, add the '--reuse-values' flag, otherwise any existing customized values are ignored. If no chart value arguments are provided on the command line, any existing customized values are carried @@ -105,7 +105,7 @@ type upgradeCmd struct { resetValues bool reuseValues bool wait bool - safe bool + atomic bool repoURL string username string password string @@ -143,7 +143,7 @@ func newUpgradeCmd(client helm.Interface, out io.Writer) *cobra.Command { upgrade.release = args[0] upgrade.chart = args[1] upgrade.client = ensureHelmClient(upgrade.client) - upgrade.wait = upgrade.wait || upgrade.safe + upgrade.wait = upgrade.wait || upgrade.atomic return upgrade.run() }, @@ -169,7 +169,7 @@ func newUpgradeCmd(client helm.Interface, out io.Writer) *cobra.Command { f.BoolVar(&upgrade.resetValues, "reset-values", false, "when upgrading, reset the values to the ones built into the chart") f.BoolVar(&upgrade.reuseValues, "reuse-values", false, "when upgrading, reuse the last release's values and merge in any overrides from the command line via --set and -f. If '--reset-values' is specified, this is ignored.") f.BoolVar(&upgrade.wait, "wait", false, "if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment are in a ready state before marking the release as successful. It will wait for as long as --timeout") - f.BoolVar(&upgrade.safe, "safe", false, "if set, upgrade process rolls back changes made in case of failed upgrade") + f.BoolVar(&upgrade.atomic, "atomic", false, "if set, upgrade process rolls back changes made in case of failed upgrade") f.StringVar(&upgrade.repoURL, "repo", "", "chart repository url where to locate the requested chart") f.StringVar(&upgrade.username, "username", "", "chart repository username where to locate the requested chart") f.StringVar(&upgrade.password, "password", "", "chart repository password where to locate the requested chart") @@ -236,7 +236,7 @@ func (u *upgradeCmd) run() error { timeout: u.timeout, wait: u.wait, description: u.description, - safe: u.safe, + atomic: u.atomic, } return ic.run() } @@ -276,7 +276,7 @@ func (u *upgradeCmd) run() error { helm.UpgradeDescription(u.description)) if err != nil { fmt.Fprintf(u.out, "UPGRADE FAILED\nROLLING BACK\nError: %v\n", prettyError(err)) - if u.safe { + if u.atomic { rollback := &rollbackCmd{ out: u.out, client: u.client, diff --git a/docs/helm/helm_install.md b/docs/helm/helm_install.md index 499e3222d..5d0130286 100644 --- a/docs/helm/helm_install.md +++ b/docs/helm/helm_install.md @@ -78,6 +78,7 @@ helm install [CHART] [flags] ### Options ``` + --atomic if set, upgrade process rolls back changes made in case of failed upgrade --ca-file string verify certificates of HTTPS-enabled servers using this CA bundle --cert-file string identify HTTPS client using this SSL certificate file --dep-up run helm dependency update before installing the chart @@ -96,7 +97,6 @@ helm install [CHART] [flags] --render-subchart-notes render subchart notes along with the parent --replace re-use the given name, even if that name is already used. This is unsafe in production --repo string chart repository url where to locate the requested chart - --safe if set, upgrade process rolls back changes made in case of failed upgrade --set stringArray set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) --set-file stringArray set values from respective files specified via the command line (can specify multiple or separate values with commas: key1=path1,key2=path2) --set-string stringArray set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) @@ -130,4 +130,4 @@ helm install [CHART] [flags] * [helm](helm.md) - The Helm package manager for Kubernetes. -###### Auto generated by spf13/cobra on 9-Jan-2019 +###### Auto generated by spf13/cobra on 23-Jan-2019 diff --git a/docs/helm/helm_upgrade.md b/docs/helm/helm_upgrade.md index 081123278..ac2ab316a 100644 --- a/docs/helm/helm_upgrade.md +++ b/docs/helm/helm_upgrade.md @@ -65,6 +65,7 @@ helm upgrade [RELEASE] [CHART] [flags] ### Options ``` + --atomic if set, upgrade process rolls back changes made in case of failed upgrade --ca-file string verify certificates of HTTPS-enabled servers using this CA bundle --cert-file string identify HTTPS client using this SSL certificate file --description string specify the description to use for the upgrade, rather than the default @@ -83,7 +84,6 @@ helm upgrade [RELEASE] [CHART] [flags] --repo string chart repository url where to locate the requested chart --reset-values when upgrading, reset the values to the ones built into the chart --reuse-values when upgrading, reuse the last release's values and merge in any overrides from the command line via --set and -f. If '--reset-values' is specified, this is ignored. - --safe if set, upgrade process rolls back changes made in case of failed upgrade --set stringArray set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) --set-file stringArray set values from respective files specified via the command line (can specify multiple or separate values with commas: key1=path1,key2=path2) --set-string stringArray set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2) @@ -117,4 +117,4 @@ helm upgrade [RELEASE] [CHART] [flags] * [helm](helm.md) - The Helm package manager for Kubernetes. -###### Auto generated by spf13/cobra on 9-Jan-2019 +###### Auto generated by spf13/cobra on 23-Jan-2019 From 4b22ad16c08873b7ed7c1f7bc9d7a74bc5cdf4de Mon Sep 17 00:00:00 2001 From: Alexander Nesterenko Date: Sun, 27 Jan 2019 11:22:36 +0200 Subject: [PATCH 11/28] Upgrade installation docs Signed-off-by: Alexander Nesterenko Signed-off-by: Kevin Labesse --- docs/helm/helm_install.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/helm/helm_install.md b/docs/helm/helm_install.md index 5d0130286..75a3c0502 100644 --- a/docs/helm/helm_install.md +++ b/docs/helm/helm_install.md @@ -78,7 +78,7 @@ helm install [CHART] [flags] ### Options ``` - --atomic if set, upgrade process rolls back changes made in case of failed upgrade + --atomic if set, installation process purges chart on fail --ca-file string verify certificates of HTTPS-enabled servers using this CA bundle --cert-file string identify HTTPS client using this SSL certificate file --dep-up run helm dependency update before installing the chart @@ -130,4 +130,4 @@ helm install [CHART] [flags] * [helm](helm.md) - The Helm package manager for Kubernetes. -###### Auto generated by spf13/cobra on 23-Jan-2019 +###### Auto generated by spf13/cobra on 27-Jan-2019 From 53e24ec7b007f8281a57bebb1ec3e033721fb9cf Mon Sep 17 00:00:00 2001 From: Alexander Nesterenko Date: Sun, 27 Jan 2019 12:49:01 +0200 Subject: [PATCH 12/28] Add smoke tests Signed-off-by: Alexander Nesterenko Signed-off-by: Kevin Labesse --- cmd/helm/install_test.go | 8 ++++++++ cmd/helm/upgrade_test.go | 8 ++++++++ 2 files changed, 16 insertions(+) diff --git a/cmd/helm/install_test.go b/cmd/helm/install_test.go index 5f7ffdb50..24a5abe68 100644 --- a/cmd/helm/install_test.go +++ b/cmd/helm/install_test.go @@ -113,6 +113,14 @@ func TestInstall(t *testing.T) { expected: "apollo", resp: helm.ReleaseMock(&helm.MockReleaseOptions{Name: "apollo"}), }, + // Install, with atomic + { + name: "install with a atomic", + args: []string{"testdata/testcharts/alpine"}, + flags: strings.Split("--name apollo", " "), + expected: "apollo", + resp: helm.ReleaseMock(&helm.MockReleaseOptions{Name: "apollo"}), + }, // Install, using the name-template { name: "install with name-template", diff --git a/cmd/helm/upgrade_test.go b/cmd/helm/upgrade_test.go index 60b529f63..c2b1b4ea6 100644 --- a/cmd/helm/upgrade_test.go +++ b/cmd/helm/upgrade_test.go @@ -123,6 +123,14 @@ func TestUpgradeCmd(t *testing.T) { expected: "Release \"funny-bunny\" has been upgraded. Happy Helming!\n", rels: []*release.Release{helm.ReleaseMock(&helm.MockReleaseOptions{Name: "funny-bunny", Version: 5, Chart: ch2})}, }, + { + name: "install a release with 'upgrade --atomic'", + args: []string{"funny-bunny", chartPath}, + flags: []string{"--atomic"}, + resp: helm.ReleaseMock(&helm.MockReleaseOptions{Name: "funny-bunny", Version: 6, Chart: ch}), + expected: "Release \"funny-bunny\" has been upgraded. Happy Helming!\n", + rels: []*release.Release{helm.ReleaseMock(&helm.MockReleaseOptions{Name: "funny-bunny", Version: 6, Chart: ch})}, + }, { name: "install a release with 'upgrade --install'", args: []string{"zany-bunny", chartPath}, From a211585ea23c4f4e1523f5ae2e03e7ebffcfdd67 Mon Sep 17 00:00:00 2001 From: Alexander Nesterenko Date: Mon, 28 Jan 2019 20:06:31 +0200 Subject: [PATCH 13/28] Update docs to include information about setting `--wait flag` Signed-off-by: Alexander Nesterenko Signed-off-by: Kevin Labesse --- cmd/helm/install.go | 2 +- cmd/helm/upgrade.go | 2 +- docs/helm/helm_install.md | 4 ++-- docs/helm/helm_upgrade.md | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/cmd/helm/install.go b/cmd/helm/install.go index a6d6b0812..4602ea9fd 100644 --- a/cmd/helm/install.go +++ b/cmd/helm/install.go @@ -215,7 +215,7 @@ func newInstallCmd(c helm.Interface, out io.Writer) *cobra.Command { f.StringVar(&inst.version, "version", "", "specify the exact chart version to install. If this is not specified, the latest version is installed") f.Int64Var(&inst.timeout, "timeout", 300, "time in seconds to wait for any individual Kubernetes operation (like Jobs for hooks)") f.BoolVar(&inst.wait, "wait", false, "if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment are in a ready state before marking the release as successful. It will wait for as long as --timeout") - f.BoolVar(&inst.atomic, "atomic", false, "if set, installation process purges chart on fail") + f.BoolVar(&inst.atomic, "atomic", false, "if set, installation process purges chart on fail, also sets --wait flag") f.StringVar(&inst.repoURL, "repo", "", "chart repository url where to locate the requested chart") f.StringVar(&inst.username, "username", "", "chart repository username where to locate the requested chart") f.StringVar(&inst.password, "password", "", "chart repository password where to locate the requested chart") diff --git a/cmd/helm/upgrade.go b/cmd/helm/upgrade.go index 5184a97ff..044ec045d 100644 --- a/cmd/helm/upgrade.go +++ b/cmd/helm/upgrade.go @@ -169,7 +169,7 @@ func newUpgradeCmd(client helm.Interface, out io.Writer) *cobra.Command { f.BoolVar(&upgrade.resetValues, "reset-values", false, "when upgrading, reset the values to the ones built into the chart") f.BoolVar(&upgrade.reuseValues, "reuse-values", false, "when upgrading, reuse the last release's values and merge in any overrides from the command line via --set and -f. If '--reset-values' is specified, this is ignored.") f.BoolVar(&upgrade.wait, "wait", false, "if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment are in a ready state before marking the release as successful. It will wait for as long as --timeout") - f.BoolVar(&upgrade.atomic, "atomic", false, "if set, upgrade process rolls back changes made in case of failed upgrade") + f.BoolVar(&upgrade.atomic, "atomic", false, "if set, upgrade process rolls back changes made in case of failed upgrade, also sets --wait flag") f.StringVar(&upgrade.repoURL, "repo", "", "chart repository url where to locate the requested chart") f.StringVar(&upgrade.username, "username", "", "chart repository username where to locate the requested chart") f.StringVar(&upgrade.password, "password", "", "chart repository password where to locate the requested chart") diff --git a/docs/helm/helm_install.md b/docs/helm/helm_install.md index 75a3c0502..12ae81b78 100644 --- a/docs/helm/helm_install.md +++ b/docs/helm/helm_install.md @@ -78,7 +78,7 @@ helm install [CHART] [flags] ### Options ``` - --atomic if set, installation process purges chart on fail + --atomic if set, installation process purges chart on fail, also sets --wait flag --ca-file string verify certificates of HTTPS-enabled servers using this CA bundle --cert-file string identify HTTPS client using this SSL certificate file --dep-up run helm dependency update before installing the chart @@ -130,4 +130,4 @@ helm install [CHART] [flags] * [helm](helm.md) - The Helm package manager for Kubernetes. -###### Auto generated by spf13/cobra on 27-Jan-2019 +###### Auto generated by spf13/cobra on 28-Jan-2019 diff --git a/docs/helm/helm_upgrade.md b/docs/helm/helm_upgrade.md index ac2ab316a..676c26595 100644 --- a/docs/helm/helm_upgrade.md +++ b/docs/helm/helm_upgrade.md @@ -65,7 +65,7 @@ helm upgrade [RELEASE] [CHART] [flags] ### Options ``` - --atomic if set, upgrade process rolls back changes made in case of failed upgrade + --atomic if set, upgrade process rolls back changes made in case of failed upgrade, also sets --wait flag --ca-file string verify certificates of HTTPS-enabled servers using this CA bundle --cert-file string identify HTTPS client using this SSL certificate file --description string specify the description to use for the upgrade, rather than the default @@ -117,4 +117,4 @@ helm upgrade [RELEASE] [CHART] [flags] * [helm](helm.md) - The Helm package manager for Kubernetes. -###### Auto generated by spf13/cobra on 23-Jan-2019 +###### Auto generated by spf13/cobra on 28-Jan-2019 From bdaf001aba545f16d3c0cd5a3563bb0ab580e919 Mon Sep 17 00:00:00 2001 From: Bort Verwilst Date: Tue, 29 Jan 2019 19:41:34 +0100 Subject: [PATCH 14/28] Switch to numeric user id (#5203) Signed-off-by: Bart Verwilst Signed-off-by: Kevin Labesse --- rootfs/Dockerfile | 2 +- rootfs/Dockerfile.experimental | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/rootfs/Dockerfile b/rootfs/Dockerfile index 82dfa0d4c..f918c4d51 100644 --- a/rootfs/Dockerfile +++ b/rootfs/Dockerfile @@ -22,6 +22,6 @@ COPY helm /helm COPY tiller /tiller EXPOSE 44134 -USER nobody +USER 65534 ENTRYPOINT ["/tiller"] diff --git a/rootfs/Dockerfile.experimental b/rootfs/Dockerfile.experimental index ca0c87f30..61e49ab67 100644 --- a/rootfs/Dockerfile.experimental +++ b/rootfs/Dockerfile.experimental @@ -21,6 +21,6 @@ ENV HOME /tmp COPY tiller /tiller EXPOSE 44134 -USER nobody +USER 65534 ENTRYPOINT ["/tiller", "--experimental-release"] From 8364413765da42e147d114517610696a62eebdcf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcin=20K=C5=82opotek?= Date: Tue, 29 Jan 2019 19:43:38 +0100 Subject: [PATCH 15/28] Update documentation with option to install helm on Windows via scoop (#5207) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marcin Kłopotek Signed-off-by: Kevin Labesse --- docs/install.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/install.md b/docs/install.md index b47aea6f1..b9626a43a 100755 --- a/docs/install.md +++ b/docs/install.md @@ -45,7 +45,7 @@ brew install kubernetes-helm (Note: There is also a formula for emacs-helm, which is a different project.) -### From Chocolatey (Windows) +### From Chocolatey or scoop (Windows) Members of the Kubernetes community have contributed a [Helm package](https://chocolatey.org/packages/kubernetes-helm) build to [Chocolatey](https://chocolatey.org/). This package is generally up to date. @@ -54,6 +54,12 @@ Members of the Kubernetes community have contributed a [Helm package](https://ch choco install kubernetes-helm ``` +The binary can also be installed via [`scoop`](https://scoop.sh) command-line installer. + +``` +scoop install helm +``` + ## From Script Helm now has an installer script that will automatically grab the latest version From d6b9feaf58a97942912ce76a480be6e23c2d17d1 Mon Sep 17 00:00:00 2001 From: Maor Friedman Date: Tue, 29 Jan 2019 10:44:25 -0800 Subject: [PATCH 16/28] [docs/related] add helm tiller-info plugin, related to #5111 (#5154) Signed-off-by: Maor Signed-off-by: Kevin Labesse --- docs/related.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/related.md b/docs/related.md index 5c027cc36..4fc4d9737 100644 --- a/docs/related.md +++ b/docs/related.md @@ -53,6 +53,7 @@ or [pull request](https://github.com/helm/helm/pulls). - [helm-stop](https://github.com/IBM/helm-stop) - Plugin for stopping a release pods - [helm-template](https://github.com/technosophos/helm-template) - Debug/render templates client-side - [helm-tiller](https://github.com/adamreese/helm-tiller) - Additional commands to work with Tiller +- [helm-tiller-info](https://github.com/maorfr/helm-tiller-info) - Plugin which prints information about Tiller - [helm-unittest](https://github.com/lrills/helm-unittest) - Plugin for unit testing chart locally with YAML - [Tillerless Helm v2](https://github.com/rimusz/helm-tiller) - Helm plugin for using Tiller locally and in CI/CD pipelines From 5292b7f511cc18a0d764147d2f038f813e62867f Mon Sep 17 00:00:00 2001 From: Christian Hildebrando Hercules Date: Tue, 29 Jan 2019 10:54:02 -0800 Subject: [PATCH 17/28] Updating SAP example of gathering charts in one place (#5125) Signed-off-by: Christian H Hercules Signed-off-by: Kevin Labesse --- docs/charts_tips_and_tricks.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/charts_tips_and_tricks.md b/docs/charts_tips_and_tricks.md index e948d3bcf..9f9cc84a6 100644 --- a/docs/charts_tips_and_tricks.md +++ b/docs/charts_tips_and_tricks.md @@ -255,9 +255,9 @@ embed each of the components. Two strong design patterns are illustrated by these projects: -**SAP's [OpenStack chart](https://github.com/sapcc/openstack-helm):** This chart -installs a full OpenStack IaaS on Kubernetes. All of the charts are collected -together in one GitHub repository. +**SAP's [Converged charts](https://github.com/sapcc/helm-charts):** These charts +install SAP Converged Cloud a full OpenStack IaaS on Kubernetes. All of the charts are collected +together in one GitHub repository, except for a few submodules. **Deis's [Workflow](https://github.com/deis/workflow/tree/master/charts/workflow):** This chart exposes the entire Deis PaaS system with one chart. But it's different From 552472057a76e65396d10b3406893656406058a9 Mon Sep 17 00:00:00 2001 From: Peter Stalman Date: Tue, 29 Jan 2019 10:54:51 -0800 Subject: [PATCH 18/28] Fixes #5046, zsh completion (#5072) Signed-off-by: Peter Stalman Signed-off-by: Kevin Labesse --- cmd/helm/completion.go | 1 + 1 file changed, 1 insertion(+) diff --git a/cmd/helm/completion.go b/cmd/helm/completion.go index 2181e723c..d0249b2ea 100644 --- a/cmd/helm/completion.go +++ b/cmd/helm/completion.go @@ -212,6 +212,7 @@ __helm_convert_bash_to_zsh() { -e "s/${LWORD}compopt${RWORD}/__helm_compopt/g" \ -e "s/${LWORD}declare${RWORD}/__helm_declare/g" \ -e "s/\\\$(type${RWORD}/\$(__helm_type/g" \ + -e 's/aliashash\["\(\w\+\)"\]/aliashash[\1]/g' \ <<'BASH_COMPLETION_EOF' ` out.Write([]byte(zshInitialization)) From ae3d0658601f75f54e4559d2f17d36586e598544 Mon Sep 17 00:00:00 2001 From: Laski Date: Tue, 29 Jan 2019 16:15:38 -0300 Subject: [PATCH 19/28] Clarify section title (#5226) As stated by @schollii in https://github.com/helm/helm/issues/4505#issuecomment-415886732 "Overriding Values from a Parent Chart" is unclear. This changes that text to "Overriding Values of a Child Chart". See @scholli's comment for justification. Signed-off-by: Nahuel Lascano Signed-off-by: Kevin Labesse --- docs/chart_template_guide/subcharts_and_globals.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/chart_template_guide/subcharts_and_globals.md b/docs/chart_template_guide/subcharts_and_globals.md index 1954df39a..b37a82bca 100644 --- a/docs/chart_template_guide/subcharts_and_globals.md +++ b/docs/chart_template_guide/subcharts_and_globals.md @@ -63,7 +63,7 @@ data: dessert: cake ``` -## Overriding Values from a Parent Chart +## Overriding Values of a Child Chart Our original chart, `mychart` is now the _parent_ chart of `mysubchart`. This relationship is based entirely on the fact that `mysubchart` is within `mychart/charts`. From eb1fad0554b936bd47c53f049c884d4d018bd404 Mon Sep 17 00:00:00 2001 From: Amim Knabben Date: Tue, 29 Jan 2019 18:00:51 -0200 Subject: [PATCH 20/28] Changing deprecated library reference and setting delete propagation background policy (#5161) Signed-off-by: Amim Knabben Signed-off-by: Kevin Labesse --- cmd/helm/installer/uninstall.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/cmd/helm/installer/uninstall.go b/cmd/helm/installer/uninstall.go index db824ca0b..87fbd4050 100644 --- a/cmd/helm/installer/uninstall.go +++ b/cmd/helm/installer/uninstall.go @@ -47,10 +47,11 @@ func deleteService(client corev1.ServicesGetter, namespace string) error { } // deleteDeployment deletes the Tiller Deployment resource -// We need to use the reaper instead of the kube API because GC for deployment dependents -// is not yet supported at the k8s server level (<= 1.5) func deleteDeployment(client kubernetes.Interface, namespace string) error { - err := client.Extensions().Deployments(namespace).Delete(deploymentName, &metav1.DeleteOptions{}) + policy := metav1.DeletePropagationBackground + err := client.AppsV1().Deployments(namespace).Delete(deploymentName, &metav1.DeleteOptions{ + PropagationPolicy: &policy, + }) return ingoreNotFound(err) } From 9c038f30d665dcbc2c7c870385afa4ca73529a17 Mon Sep 17 00:00:00 2001 From: James Ravn Date: Tue, 29 Jan 2019 20:04:17 +0000 Subject: [PATCH 21/28] fix(tiller): respect resource policy on upgrade (#5225) Don't delete a resource on upgrade if it is annotated with helm.io/resource-policy=keep. This can cause data loss for users if the annotation is ignored (e.g. for a PVC). Closes #3673 Signed-off-by: James Ravn Signed-off-by: Kevin Labesse --- pkg/kube/client.go | 18 +++++++++++++++++- pkg/kube/client_test.go | 15 +++++++++++++++ pkg/kube/resource_policy.go | 26 ++++++++++++++++++++++++++ pkg/tiller/resource_policy.go | 13 ++----------- 4 files changed, 60 insertions(+), 12 deletions(-) create mode 100644 pkg/kube/resource_policy.go diff --git a/pkg/kube/client.go b/pkg/kube/client.go index 4a387d524..e897aced6 100644 --- a/pkg/kube/client.go +++ b/pkg/kube/client.go @@ -23,11 +23,12 @@ import ( goerrors "errors" "fmt" "io" + "k8s.io/apimachinery/pkg/api/meta" "log" "strings" "time" - jsonpatch "github.com/evanphx/json-patch" + "github.com/evanphx/json-patch" appsv1 "k8s.io/api/apps/v1" appsv1beta1 "k8s.io/api/apps/v1beta1" appsv1beta2 "k8s.io/api/apps/v1beta2" @@ -60,6 +61,8 @@ const MissingGetHeader = "==> MISSING\nKIND\t\tNAME\n" // ErrNoObjectsVisited indicates that during a visit operation, no matching objects were found. var ErrNoObjectsVisited = goerrors.New("no objects visited") +var metadataAccessor = meta.NewAccessor() + // Client represents a client capable of communicating with the Kubernetes API. type Client struct { cmdutil.Factory @@ -308,6 +311,19 @@ func (c *Client) Update(namespace string, originalReader, targetReader io.Reader for _, info := range original.Difference(target) { c.Log("Deleting %q in %s...", info.Name, info.Namespace) + + if err := info.Get(); err != nil { + c.Log("Unable to get obj %q, err: %s", info.Name, err) + } + annotations, err := metadataAccessor.Annotations(info.Object) + if err != nil { + c.Log("Unable to get annotations on %q, err: %s", info.Name, err) + } + if annotations != nil && annotations[ResourcePolicyAnno] == KeepPolicy { + c.Log("Skipping delete of %q due to annotation [%s=%s]", info.Name, ResourcePolicyAnno, KeepPolicy) + continue + } + if err := deleteResource(info); err != nil { c.Log("Failed to delete %q, err: %s", info.Name, err) } diff --git a/pkg/kube/client_test.go b/pkg/kube/client_test.go index de33881c8..aa21b937c 100644 --- a/pkg/kube/client_test.go +++ b/pkg/kube/client_test.go @@ -151,6 +151,8 @@ func TestUpdate(t *testing.T) { return newResponse(200, &listB.Items[1]) case p == "/namespaces/default/pods/squid" && m == "DELETE": return newResponse(200, &listB.Items[1]) + case p == "/namespaces/default/pods/squid" && m == "GET": + return newResponse(200, &listA.Items[2]) default: t.Fatalf("unexpected request: %s %s", req.Method, req.URL.Path) return nil, nil @@ -183,6 +185,7 @@ func TestUpdate(t *testing.T) { "/namespaces/default/pods/otter:GET", "/namespaces/default/pods/dolphin:GET", "/namespaces/default/pods:POST", + "/namespaces/default/pods/squid:GET", "/namespaces/default/pods/squid:DELETE", } if len(expectedActions) != len(actions) { @@ -194,6 +197,18 @@ func TestUpdate(t *testing.T) { t.Errorf("expected %s request got %s", v, actions[k]) } } + + // Test resource policy is respected + actions = nil + listA.Items[2].ObjectMeta.Annotations = map[string]string{ResourcePolicyAnno: KeepPolicy} + if err := c.Update(v1.NamespaceDefault, objBody(&listA), objBody(&listB), false, false, 0, false); err != nil { + t.Fatal(err) + } + for _, v := range actions { + if v == "/namespaces/default/pods/squid:DELETE" { + t.Errorf("should not have deleted squid - it has helm.sh/resource-policy=keep") + } + } } func TestBuild(t *testing.T) { diff --git a/pkg/kube/resource_policy.go b/pkg/kube/resource_policy.go new file mode 100644 index 000000000..45cebcba8 --- /dev/null +++ b/pkg/kube/resource_policy.go @@ -0,0 +1,26 @@ +/* +Copyright The Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package kube + +// ResourcePolicyAnno is the annotation name for a resource policy +const ResourcePolicyAnno = "helm.sh/resource-policy" + +// KeepPolicy is the resource policy type for keep +// +// This resource policy type allows resources to skip being deleted +// during an uninstallRelease action. +const KeepPolicy = "keep" diff --git a/pkg/tiller/resource_policy.go b/pkg/tiller/resource_policy.go index cca2391d8..aa9c5d2bd 100644 --- a/pkg/tiller/resource_policy.go +++ b/pkg/tiller/resource_policy.go @@ -24,15 +24,6 @@ import ( "k8s.io/helm/pkg/tiller/environment" ) -// resourcePolicyAnno is the annotation name for a resource policy -const resourcePolicyAnno = "helm.sh/resource-policy" - -// keepPolicy is the resource policy type for keep -// -// This resource policy type allows resources to skip being deleted -// during an uninstallRelease action. -const keepPolicy = "keep" - func filterManifestsToKeep(manifests []Manifest) ([]Manifest, []Manifest) { remaining := []Manifest{} keep := []Manifest{} @@ -43,14 +34,14 @@ func filterManifestsToKeep(manifests []Manifest) ([]Manifest, []Manifest) { continue } - resourcePolicyType, ok := m.Head.Metadata.Annotations[resourcePolicyAnno] + resourcePolicyType, ok := m.Head.Metadata.Annotations[kube.ResourcePolicyAnno] if !ok { remaining = append(remaining, m) continue } resourcePolicyType = strings.ToLower(strings.TrimSpace(resourcePolicyType)) - if resourcePolicyType == keepPolicy { + if resourcePolicyType == kube.KeepPolicy { keep = append(keep, m) } From 974fa280e954cf870e94c764b87b400a9c193afb Mon Sep 17 00:00:00 2001 From: Matthew Fisher Date: Tue, 29 Jan 2019 12:34:33 -0800 Subject: [PATCH 22/28] docs: add note on rolling back to the previous release (#5228) While deving at a Microsoft Open Hack my group discovered this useful piece of information in this issue comment: https://github.com/helm/helm/issues/1796#issuecomment-311385728 We found it very useful for our Blue Green CD pipeline and thought others might find it useful as well. Signed-off-by: Ethan Arrowood Signed-off-by: Matthew Fisher Signed-off-by: Kevin Labesse --- cmd/helm/rollback.go | 3 ++- docs/helm/helm_rollback.md | 5 +++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/cmd/helm/rollback.go b/cmd/helm/rollback.go index 0c46fa818..78d79659d 100644 --- a/cmd/helm/rollback.go +++ b/cmd/helm/rollback.go @@ -31,7 +31,8 @@ This command rolls back a release to a previous revision. The first argument of the rollback command is the name of a release, and the second is a revision (version) number. To see revision numbers, run -'helm history RELEASE'. +'helm history RELEASE'. If you'd like to rollback to the previous release use +'helm rollback [RELEASE] 0'. ` type rollbackCmd struct { diff --git a/docs/helm/helm_rollback.md b/docs/helm/helm_rollback.md index 5862b180a..80fc83a83 100644 --- a/docs/helm/helm_rollback.md +++ b/docs/helm/helm_rollback.md @@ -9,7 +9,8 @@ This command rolls back a release to a previous revision. The first argument of the rollback command is the name of a release, and the second is a revision (version) number. To see revision numbers, run -'helm history RELEASE'. +'helm history RELEASE'. If you'd like to rollback to the previous release use +'helm rollback [RELEASE] 0'. ``` @@ -51,4 +52,4 @@ helm rollback [flags] [RELEASE] [REVISION] * [helm](helm.md) - The Helm package manager for Kubernetes. -###### Auto generated by spf13/cobra on 10-Aug-2018 +###### Auto generated by spf13/cobra on 29-Jan-2019 From e267bd1b3718b7e2bed9d87c4ff46eb1a8504725 Mon Sep 17 00:00:00 2001 From: Matthew Fisher Date: Tue, 29 Jan 2019 12:35:44 -0800 Subject: [PATCH 23/28] add missing "and" (#5227) Signed-off-by: Matthew Fisher Signed-off-by: Kevin Labesse --- docs/chart_template_guide/variables.md | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/docs/chart_template_guide/variables.md b/docs/chart_template_guide/variables.md index d924fe2cf..dda92559b 100644 --- a/docs/chart_template_guide/variables.md +++ b/docs/chart_template_guide/variables.md @@ -98,10 +98,7 @@ data: Variables are normally not "global". They are scoped to the block in which they are declared. Earlier, we assigned `$relname` in the top level of the template. That variable will be in scope for the entire template. But in our last example, `$key` and `$val` will only be in scope inside of the `{{range...}}{{end}}` block. -However, there is one variable that is always global - `$` - this -variable will always point to the root context. This can be very -useful when you are looping in a range need to know the chart's release -name. +However, there is one variable that is always global - `$` - this variable will always point to the root context. This can be very useful when you are looping in a range and need to know the chart's release name. An example illustrating this: ```yaml @@ -111,8 +108,8 @@ kind: Secret metadata: name: {{ .name }} labels: - # Many helm templates would use `.` below, but that will not work, - # however `$` will work here + # Many helm templates would use `.` below, but that will not work, + # however `$` will work here app.kubernetes.io/name: {{ template "fullname" $ }} # I cannot reference .Chart.Name, but I can do $.Chart.Name helm.sh/chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}" From 4e538f4908fdf4273f75d546efd80e68e57299fd Mon Sep 17 00:00:00 2001 From: Patrick Stegmann Date: Wed, 30 Jan 2019 00:21:47 +0100 Subject: [PATCH 24/28] Adds the tip that you can pass custom objects (#3916) Signed-off-by: Kevin Labesse --- docs/charts_tips_and_tricks.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/charts_tips_and_tricks.md b/docs/charts_tips_and_tricks.md index 9f9cc84a6..e2c73b14f 100644 --- a/docs/charts_tips_and_tricks.md +++ b/docs/charts_tips_and_tricks.md @@ -36,6 +36,12 @@ is required, and will print an error message when that entry is missing: value: {{ required "A valid .Values.who entry required!" .Values.who }} ``` +When using the `include` function, you can pass it a custom object tree built from the current context by using the `dict` function: + +```yaml +{{- include "mytpl" (dict "key1" .Values.originalKey1 "key2" .Values.originalKey2) }} +``` + ## Quote Strings, Don't Quote Integers When you are working with string data, you are always safer quoting the From 04ec44ec175fdd9ed4d1d2ab17c921ebba3affec Mon Sep 17 00:00:00 2001 From: "Pablo M. Canseco" Date: Tue, 29 Jan 2019 22:03:30 -0700 Subject: [PATCH 25/28] Update using_helm.md (#4690) * Update using_helm.md In docs/using_helm.md, it says on line 214 that you can pass in a YAML formatted file, but the example commands following that sentence create JSON code but names the file with a .yml extension. For clarity, I propose saying that it will accept JSON or YAML but clarify in the code that for the example we're making a JSON file. Signed-off-by: Pablo Canseco * update using_helm.md to accurately say that helm install -f only takes a yaml-formatted file. Signed-off-by: Pablo Canseco * updated wording to reflect the fact that -f / --values only accepts YAML Signed-off-by: Pablo Canseco Signed-off-by: Kevin Labesse --- docs/using_helm.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/docs/using_helm.md b/docs/using_helm.md index 5716a1302..db723d993 100755 --- a/docs/using_helm.md +++ b/docs/using_helm.md @@ -1,4 +1,4 @@ -# Using Helm +# Using Helm This guide explains the basics of using Helm (and Tiller) to manage packages on your Kubernetes cluster. It assumes that you have already @@ -215,7 +215,10 @@ You can then override any of these settings in a YAML formatted file, and then pass that file during installation. ```console -$ echo '{mariadbUser: user0, mariadbDatabase: user0db}' > config.yaml +$ cat << EOF > config.yaml +mariadbUser: user0 +mariadbDatabase: user0db +EOF $ helm install -f config.yaml stable/mariadb ``` From ba7966cf03a1f4f8b90b57d0b5b1468ab23a11e2 Mon Sep 17 00:00:00 2001 From: Jacob Silva Date: Wed, 30 Jan 2019 01:11:07 -0500 Subject: [PATCH 26/28] Removed link for Cabin mobile app (#5231) Signed-off-by: Jacob Silva Signed-off-by: Kevin Labesse --- docs/related.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/related.md b/docs/related.md index 4fc4d9737..ba1b0dfbf 100644 --- a/docs/related.md +++ b/docs/related.md @@ -89,7 +89,6 @@ Tools layered on top of Helm or Tiller. Platforms, distributions, and services that include Helm support. -- [Cabin](http://www.skippbox.com/cabin/) - Mobile App for Managing Kubernetes - [Fabric8](https://fabric8.io) - Integrated development platform for Kubernetes - [Jenkins X](http://jenkins-x.io/) - open source automated CI/CD for Kubernetes which uses Helm for [promoting](http://jenkins-x.io/about/features/#promotion) applications through [environments via GitOps](http://jenkins-x.io/about/features/#environments) - [Kubernetic](https://kubernetic.com/) - Kubernetes Desktop Client From 654d40c9e47b14516336f1affecb3e65509fdd5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcin=20K=C5=82opotek?= Date: Wed, 30 Jan 2019 16:06:24 +0100 Subject: [PATCH 27/28] Update README with scoop install option (#5234) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marcin Kłopotek Signed-off-by: Kevin Labesse --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 7e68df5c3..1889e818e 100644 --- a/README.md +++ b/README.md @@ -41,6 +41,7 @@ If you want to use a package manager: - [Homebrew](https://brew.sh/) users can use `brew install kubernetes-helm`. - [Chocolatey](https://chocolatey.org/) users can use `choco install kubernetes-helm`. +- [Scoop](https://scoop.sh/) users can use `scoop install helm`. - [GoFish](https://gofi.sh/) users can use `gofish install helm`. To rapidly get Helm up and running, start with the [Quick Start Guide](https://docs.helm.sh/using_helm/#quickstart-guide). From 259411c257247b0e9f4a3b38dc705cbf392708e4 Mon Sep 17 00:00:00 2001 From: lIuDuI <1693291525@qq.com> Date: Thu, 31 Jan 2019 12:10:26 +0800 Subject: [PATCH 28/28] Update func name (#5241) Signed-off-by: xichengliudui <1693291525@qq.com> Signed-off-by: Kevin Labesse --- cmd/helm/installer/install.go | 2 +- cmd/helm/installer/options.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/helm/installer/install.go b/cmd/helm/installer/install.go index 6027fdba8..d6d24eec4 100644 --- a/cmd/helm/installer/install.go +++ b/cmd/helm/installer/install.go @@ -183,7 +183,7 @@ func generateLabels(labels map[string]string) map[string]string { return labels } -// parseNodeSelectors parses a comma delimited list of key=values pairs into a map. +// parseNodeSelectorsInto parses a comma delimited list of key=values pairs into a map. func parseNodeSelectorsInto(labels string, m map[string]string) error { kv := strings.Split(labels, ",") for _, v := range kv { diff --git a/cmd/helm/installer/options.go b/cmd/helm/installer/options.go index 196ad8de4..dbcb376c5 100644 --- a/cmd/helm/installer/options.go +++ b/cmd/helm/installer/options.go @@ -50,7 +50,7 @@ type Options struct { // AutoMountServiceAccountToken determines whether or not the service account should be added to Tiller. AutoMountServiceAccountToken bool - // Force allows to force upgrading tiller if deployed version is greater than current version + // ForceUpgrade allows to force upgrading tiller if deployed version is greater than current version ForceUpgrade bool // ImageSpec identifies the image Tiller will use when deployed.