Since Helm is going through breaking changes with Helm v4, the version path to
Helm needs to be updated.
Signed-off-by: Matt Farina <matt.farina@suse.com>
Multiple changes were made to pass linting. Some Go built-in names
are being used for variables (e.g., min). This happens in the Go
source itself including the Go standard library and is not always
a bad practice.
To handle allowing some built-in names to be used the linter config
is updated to allow (via opt-in) some names to pass. This allows us
to still check for re-use of Go built-in names and opt-in to any
new uses.
There were also several cases where a value was checked for nil
before checking its length when this is already handled by len()
or the types default value. These were cleaned up.
The license validation was updated because it was checking everything
in the .git directory including all remote content that was local.
The previous vendor directory was from a time prior to Go modules
when Helm handled dependencies differently. It was no longer needed.
Signed-off-by: Matt Farina <matt.farina@suse.com>
kubernetes might at any time throw 409 Conflict Error codes. Clients
are supposed to retry when this happens. As an example, see
kubernetes/issues/67761 where such an issues might happen when the
cluster manipulates a projects's ResourceQuotas.
Catch such Conflict Errors on createResource and deleteResource and
retry before giving up. Due to the more complex logic and focus on
kubernetes/issues/67761, this patch purposefully omits possibly
needed changes to updateResource and instead defers them to another
patch if required in the future.
Closes issue #9710
Signed-off-by: Andreas Karis <ak.karis@gmail.com>
Allow the SDK actions to adopt existing resources. This allows install
and update to overwrite resources. If TakeOwnership is not set, adoption
is only possible if they existing resources have the right labels
(managed-by) and annotations (release-name, ...).
Signed-off-by: Mario Manno <mmanno@suse.com>
CI, tests, and building failed after #10920 was merged. This change
fixes the issues that were introduced.
Signed-off-by: Matt Farina <matt.farina@suse.com>
Noteis:
1. This moves golangci scanning to a GitHub action. This will
enable inline pointers to issues in the PR where linting fails.
2. Go 1.21 is specified in the go.mod because Kubernetes libs
require it.
3. The lint issues were removed. Some were fixed while others
were handled by skipping linting or using _ as an argument.
Many of these can be refactored later for better cleanup.
Signed-off-by: Matt Farina <matt.farina@suse.com>
When a user specifies --wait for an install or upgrade this commit will enable the user to specifiy a number of retries to attepmt if a status check fails
Errors including a HTTP status code < 500 will not be retried
Signed-off-by: MichaelMorris <michael.morris@est.tech>
This covers both the property and the minimal copy of the Factory
interface. It also notes that this interface is not covered by the
Helm backwards compatibility and why.
Signed-off-by: Matt Farina <matt.farina@suse.com>
Signed-off-by: Joe Julian <me@joejulian.name>
* Fixes Readiness Check for statefulsets using partitioned rolling update.
Fixes#11773
This change updates readiness check in ready.go to correctly
account for statefulsets that are utilizing a partitioned upgrade.
These statefulsets only upgrade a subset of the managed pods with each call
to helm upgrade. This causes the upgrade to legitimately hit the condition where
sts.status.CurrentRevision != sts.Status.UpdateRevision which causes helm to mark
the upgrade has failed when in fact it is successful.
This change fixes that behavior to only check when partition is unspecified or 0.
Signed-off-by: Aman Nijhawan <anijhawan@yugabyte.com>
* Adding a unit test to verify that partitioned rolling upgrade for a statefulset works.
Signed-off-by: Aman Nijhawan <anijhawan@yugabyte.com>
---------
Signed-off-by: Aman Nijhawan <anijhawan@yugabyte.com>
Co-authored-by: Aman Nijhawan <anijhawan@yugabyte.com>
At this time both Go 1.19 and 1.20 are supported. The version
specified in the go.mod file is the minimum version we expect Helm
to be compiled against. This is the oldest supported version to
support environments where others compile Helm. The Helm project
is using Go 1.20 to build Helm itself.
Updating to Go 1.19 also includes dealing with io/ioutil
deprecation and some additional linting issues around staticcheck.
All the staticcheck issues were in test files so linting was
skipped for those.
Signed-off-by: Matt Farina <matt.farina@suse.com>
Add --cascade=<background|foreground|orphan> option to helm uninstall
Current behaviour is hardcoded to background
Addresses issue: https://github.com/helm/helm/issues/10586
Signed-off-by: MichaelMorris <michael.morris@est.tech>
Fixes#11712
A change was made that when validation was turned off the Kubernetes
packages were building objects as a Table type. This was done for
display purposes. When details about the objects was going to be
printed as part of #10912.
This broke rollback, and possibly other functionality, as a Table
type was returned in some cases that needed the regular object.
This caused things to break silently.
The fix involved adding in a new Function (and interface) to
query for tables instead of the objects themselves. There was not
a clean way to add it to the existing function that covered all
cases.
A second problem was noticed along the way. When data was output
via status as YAML or JSON it was in the form of a table rather
than the objects themselves. This did not reflect expectations
and did not match the functionality in kubectl. The code was
updated to return a table when that was presented and the objects
when they are being output for YAML or JSON. The API also supports
this handling to SDK users can replicate this functionality.
API changes made here were never released. The functions were
developed for this release of Helm and only ever appeared in an
RC. In this case, they can be changed.
Signed-off-by: Matt Farina <matt.farina@suse.com>
There are cases when the etcdserver is temporarily unavailable and the
errors that we get back from kube-apiserver reflect that error. It looks
like we bail out immediately when these errors happen currently. We
should retry until timeout is reached when this sort of errors happen.
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Extend Interface with new InterfaceResources to avoid breaking changes
Move change to staus command behind --show-resources flag
Signed-off-by: Soujanya Mangipudi <somangip@microsoft.com>
Creating a new PR based on this existing stale PR https://github.com/helm/helm/pull/7728
Signed-off-by: Soujanya Mangipudi <somangip@microsoft.com>
# Conflicts:
# go.sum
Unfortunately errors from the API server do not always (do they ever?) contain
the name of the resource in question.
Deletions for multiple resources are processed concurrently, so in a resulting
log, a preceding "Starting delete" line might be for a different object.
Signed-off-by: Marcin Owsiany <porridge@redhat.com>
Confirm that the current and updated revision numbers also match as part
of the readiness check. Add coverage for readiness scenarios where
StatefulSet status does not reflect the most recent generation of the
StatefulSet yet.
Also add additional logging around the sts transitions from non-ready to
ready.
Fixes: #10163
Signed-off-by: Dominic Evans <dominic.evans@uk.ibm.com>
This required modifying the `kube.Factory` interface to conform to
changes in k8s' `cmdutil.Factory` interface:
fe3772890f
Signed-off-by: Andrew Seigner <andrew@sig.gy>
The partition value can be greater than number of replicas, in that
case no pods are rolled out. The expectedReplicas becomes a negative
number.
https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions
In the cases where the update does not change anything in the pod
template, the updatedReplicas value from StatefulSet status remains
unchanged. Such updates can still set some partition value, and
UpdatedReplicas is always greater than expectedReplicas. Basically,
the StatefulSet is ready / rolled-out.
In both the above scenarios, providing `--wait` flag causes it to
timeout waiting indefinitely. Because updatedReplicas can never be
negative, or be equal to the expectedReplicas for the second case.
This commit handles both the scenarios by checking if UpdatedReplicas
is smaller than expectedReplicas. If it is, then the StatefulSet is
not ready yet.
Based on the code from kubectl rollout:
a450ebd59c/pkg/polymorphichelpers/rollout_status.go (L138-L141)Closes#8674
Signed-off-by: Bhavin Gandhi <bhavin7392@gmail.com>
If set, 'uninstall' command will wait until all the resources are deleted before returning.
It will wait for as long as --timeout
closes#2378
Signed-off-by: Mike Ng <ming@redhat.com>
Fix typos
Remove condition arround time.Sleep
Because a negative or zero duration causes Sleep to return immediately.
Signed-off-by: Stephane Moser <moser.sts@gmail.com>
Rename the package time
Redesgin the logic to make a FakeKubeClient wait for a ammount time.
Remove unneed logic in the PrintingKubeClient
Signed-off-by: Stephane Moser <moser.sts@gmail.com>
Implement timer in the fake.go and printer.go to simulate the wait period
Add test Upgrade Release when it is interruped with SIGINT
Signed-off-by: Stephane Moser <moser.sts@gmail.com>
managedFields were a changed that landed in 1.18. This is an array
under metadata with managedFields. The kubernetes client pkgs that
Helm uses automatically add them.
This change added a manager for the managedFields. The flow for
deciding on the name to use is:
1. An explicit name if one is chosen
2. The base name of the first os.Arg (the binary name) if no name
explicitly set.
3. unknown if no name set and name cannot be detected
The name is at the package level as there is no other place to easily
set it for Helm v3. Since the name is for the binary or app it should
be ok to set app wide.
Signed-off-by: Matt Farina <matt.farina@suse.com>
Because backOffLimit can be 0, a zero value for pod status failed will
always cause the condition to return true.
Signed-off-by: James McElwain <jmcelwain@gmail.com>
Since Tiller is no longer part of Helm v3, internal documentation
language about Tiller can be removed
Signed-off-by: Matt Farina <matt@mattfarina.com>
* Continue deleting objects when one fails to minimize the risk of an
upgrade ending in an unrecoverable state
* Exclude failed deleted object from the returned result set
Signed-off-by: Adam Reese <adam@reese.io>
Upgrade Kubernetes libraries to v0.18.0
Add new lazy load KubernetesClientSet to avoid missing kubeconfig error
In kubernetes v1.18 kubeconfig validation was added. Minikube and Kind
both remove kubeconfig when stopping clusters. This causes and error
when running any helm commands because we initialize the client before
executing the command.
Signed-off-by: Adam Reese <adam@reese.io>
Don't delete a resource on upgrade if it is annotated with
helm.io/resource-policy=keep. This can cause data loss for users
if the annotation is ignored(e.g. for a PVC)
Close#7677
Signed-off-by: Dong Gang <dong.gang@daocloud.io>
But instead use a newly initialized Scheme with only Kubernetes native
resources added. This ensures the 3-way-merge patch strategy is not
accidentally chosen for custom resources due to them being added
to the global Scheme by e.g. versioned clients while using Helm as a
package, and not a self-contained binary.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Fixes issue #7279.
Prevent the deletion of CRDs that were defined in the `templates/`
directory. This makes CRD deletion behaviour consistent with Helm
documentation:
> CRDs are never deleted. Deleting a CRD automatically deletes all of the
> CRD’s contents across all namespaces in the cluster. Consequently, Helm
> will not delete CRDs.
Previous the documentation only applied to CRDs that were defined in the
`crds/` directory. It did not consider that Charts could have CRDs in the
`templates/` directory (for example charts that were written before the
`crds/` directory feature or if the Chart author needed templated CRDs).
Signed-off-by: Phil Grayson <phil@philgrayson.com>
* Port watcher with retries to wait for resources
Port of Helm 2 PR #6014 to Helm 3
Signed-off-by: Martin Hickey <martin.hickey@ie.ibm.com>
* Add fix from PR #6907
Signed-off-by: Martin Hickey <martin.hickey@ie.ibm.com>
This was a missed update when we updated the k8s libraries. I validated
that this works for CRD installs with v1beta1 and v1
Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com>
v3 port of #6792
After doing some more digging, I found out that updating the status
of an `Ingress` object is completely optional. Because of this, Helm
cannot support ingresses with the `--wait` flag because there is no
standard way to identify that they are ready
Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com>
* Drop dependency on k8s.io/kubernetes
https://github.com/helm/helm/issues/6606
Depending on k8s.io/kubernetes is not recommended by Kubernetes, and
forces dependencies of Helm to also depend on them. We are only using
this dependency in one relatively isolated occurance, which can be
easily copied over rather than depending on the entire Kubernetes.
Copying this code is not very desirable, so if we don't want to have
this duplication we can at least use this PR as a PoC and see if we can
get Kubernetes to publish the controller package as a separate Go module
(see
https://github.com/kubernetes/kubernetes/issues/79384#issuecomment-538740756)
Signed-off-by: John Howard <howardjohn@google.com>
* Move to internal
Signed-off-by: John Howard <howardjohn@google.com>
* Exclude third_party from validate-license.sh
Signed-off-by: John Howard <howardjohn@google.com>
use *resource.Info.Namespace/Name because runtime.Object is a Interface
Signed-off-by: fengxusong <fengxsong@outlook.com>
Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com>
Currently, if using the --atomic flag or deleting a release that failed due to an already existing
resource, Helm will deleting those resources that aren't managed by it. This PR fixes the issue
by checking for pre-existing resources during install and upgrade. This is done as a validation
step so the release will not even be started if resources currently exist. This PR is inspired by
@xchapter7x's work in #3477.
This also fixes a small bug in upgrade where deletes fail if the resource was already deletes
Fixes#6407
Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com>
This ports the functionality of cleanup on fail to v3 as introduced in #4871. This has been tested manually
and would be a good candidate for a new acceptance test.
Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com>
* fix: clear the discovery cache after CRDs are installed
This fixes an issue in which a chart could not contain both a CRD and an instance of that CRD. It works around a stale cache by force cache invalidation whenever a CRD is added.
Closes#6316
Signed-off-by: Matt Butcher <matt.butcher@microsoft.com>
* fix: wait for CRD to register before allowing CRDs to be installed
This fixes an issue with the previous version of this patch in which the CRD would not be available quickly enough.
Signed-off-by: Matt Butcher <matt.butcher@microsoft.com>
* feat: use Wait() to wait for CRDs to be ready
This forward-ports the CRD wait logic to Helm 3, and then uses that to wait for CRDs to be registered.
Signed-off-by: Matt Butcher <matt.butcher@microsoft.com>
* ref: moved the scheme modification to an appropriate place.
Signed-off-by: Matt Butcher <matt.butcher@microsoft.com>
* fix: turned warnings into fatal errors, fixed spelling, clear cache once
Signed-off-by: Matt Butcher <matt.butcher@microsoft.com>
Sometimes the stateful set `rollingUpdate` field can be nil even when the
strategy is a rolling update
Fixes#6174
Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com>
This changes most of the KubeClient interface to only ever build objects once and
then pass in everything as lists of resources. As a consequence, we needed to refactor
several of the actions. I took the opportunity to refactor out some duplicated
code while I was in the same area
Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com>
`Result` is a misnomer and is going to be repurposed in a future commit for a
common result type for the different kube `Interface` methods
Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com>
This fixes an issue where resources that hardcode the metadata.namespace parameter cannot be installed.
Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com>
The partition and maxUnavailable values are now used in determining the state
of both objects
Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com>
This reenables wait functionality and fixes some small bugs in the logic. Please
note that there are still some naive assumptions made about pods belonging to
DaemonSets and StatefulSets, but that is how the logic was before, so it was not
in scope to modify it for this PR. I will improve this logic in a follow up PR
Signed-off-by: Taylor Thomas <taylor.thomas@microsoft.com>
* move the main interface to it's own file
* removed summarizeKeptManifests() which was the last place kube.Get()
was called
* when polling for hooks, use external types
* refactor out legacyschema
* refactor detecting selectors from object
* refactor creating test client
Signed-off-by: Adam Reese <adam@reese.io>
Matt Farina
Austin Abro
Justen Stall
KISHOREKUMAR THUDI
Alex Johnson
Robert Sirchia
Andreas Karis
Luis Davim
Nathan Baulch
Joe Julian
Dr. Stefan Schimanski
Mario Manno
Serge Logvinov
Stefan McShane
MichaelMorris
Matt Farina
Tom Wieczorek
Aman Nijhawan
willzgli
muang0
cpanato
Xin Ruan
Soujanya Mangipudi
Martin Hickey
Andrew Block
Qifan Shen
Cenk Alti
Davanum Srinivas
Marcin Owsiany
James Oden
Dominic Evans
Andrew Seigner
yxxhero
Matthew Fisher
Bhavin Gandhi
Jeff Rosenberg
Mike Ng
lsowen
Stephane Moser
Rosenberg, Jeff
小龙同学
Cookie Wang
Joe Lanford
James McElwain
Jon Huhn
zh168654
zhangye15
Janario Oliveira
Li Zhijian
Tariq Ibrahim
Rajat Jindal
Hidde Beydals
小明同学
Liu Ming
Adam Reese
Adam Reese
lnattrass
Dong Gang
Matthew Fisher
Taylor Thomas
ylvmw
Benn Linger
Federico Bevione
Jakub Bielecki
Ahmad Kazemi
Guangwen Feng
Patrik Cyvoct
Phil Grayson
Adrian Gonzalez-Martin
Vibhav Bobade
Fabian Ruff
John Howard
fengxsong
Charlie Getzen
Per Hermansson
Matt Butcher
Jacob LeGrone
Marc Khouzam
Michelle Noorali