-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: update chart to enable crs and topology features #139
feat: update chart to enable crs and topology features #139
Conversation
e31fa65
to
e14033a
Compare
f2bd358
to
ed9b78b
Compare
test/e2e/helpers_test.go
Outdated
@@ -30,9 +30,6 @@ var ( | |||
//go:embed resources/testdata/fleet-capi-test.yaml | |||
fleetCAPITestdata []byte | |||
|
|||
//go:embed resources/config/capi-providers-secret.yaml | |||
capiProvidersSecret []byte |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is this removed? This secret is a “patch” on top of existing resource as well, and is used for providing additional env depending on type of test. Like in e2e for azure PR, it adds all azure env secrets.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It was removed just because I did not see it being used other than in the Adding CAPI variables secret
section of initRancherTurtles, which is no longer required, but I have no problem in keeping it if it's needed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For this to be no longer required a secret content should be fully customizable. Right now you can only set 2 feature flags.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we give the user the possibility to use their own secret, do we still need to let them customize the content of the "default" secret?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This functionality used in e2e tests. There is a PR implementing test case for azure, it was opened a couple days prior to that. This is where the secret is used and extended.
@@ -68,4 +64,17 @@ data: | |||
- apiGroups: ["rke-machine.cattle.io"] | |||
resources: ["*"] | |||
verbs: ["*"] | |||
--- |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if a user would want to use his own secret, already created in the cluster?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will add a flag to use an existing secret. The default behavior would be to create the pre-configured secret but the user can pass this parameter to avoid this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The simplest way how to achieve the goal - to not create anything if name and namespace is not set.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The initial idea was to use an opt-out strategy rather than opt-in, so the secret would be created by default and the values for these two features set to true. They would be able to explicitly turn them off.
test/e2e/helpers_test.go
Outdated
@@ -30,9 +30,6 @@ var ( | |||
//go:embed resources/testdata/fleet-capi-test.yaml | |||
fleetCAPITestdata []byte | |||
|
|||
//go:embed resources/config/capi-providers-secret.yaml | |||
capiProvidersSecret []byte |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For this to be no longer required a secret content should be fully customizable. Right now you can only set 2 feature flags.
In my opinion, what we should do here is to create a default secret in the core provider namespace with CRS and topology set to true if the user doesn't provide secret name and namespace. If these values are provided we do nothing and let users do it themselves. We have to document this behavior and that we ask CRS and topology to be enabled if they create a secret manually. |
This information is provided in the docs in several places. For example: https://docs.rancher-turtles.com/docs/getting-started/install_capi_operator#install-manually-with-helm-alternative IMO there are 3 different use-cases happening there.
Solution described is better then “always” enforcing secret creation, yet the full set of use-cases could be covered with an addition of gauge value for helm, something like In addition to that, the The other part - secret data. As helm values are just yaml, we can define something like in the secret-data: |
CLUSTER_TOPOLOGY: "true"
EXP_CLUSTER_RESOURCE_SET: "true" and then reference it in the secret with I’m ok with any solution provided which is documented and won’t cause confusion, but removing secret patching functionality in tests is not yet addressed - #139 (comment) |
I would be more in favor of @alexander-demicev's proposal. I think this is a simpler solution and gives the user the freedom to manage their own secret if they want to do so, which I would say covers both point 2 and 3 in @Danil-Grigorev's list of use cases. The deletion of the secret patching functionality was just an initial clean-up proposal which I'll undo. This could use a user-managed secret (current status) with any custom environment variables/feature flags. |
9b8422f
to
6f809db
Compare
191e894
to
adde2ff
Compare
Updated the changes to support two scenarios:
Also, created issue rancher/turtles-docs#27 to track documentation updates. |
Signed-off-by: Carlos Salas <[email protected]>
d73fd08
adde2ff
to
d73fd08
Compare
There was a condition missing in |
What this PR does / why we need it:
This PR updates the chart so that when it deploys the CoreProvider it also sets the environment variables for the features:
These features are currently set by manually creating a secret with the desired values for the environment variables
CLUSTER_TOPOLOGY
andEXP_CLUSTER_RESOURCE_SET
. This secret will now be created as part of the chart installation and both features will default totrue
. These can otherwise be disabled passing the parameters to Helm:--set cluster-api-operator.cluster-api.secretConfig.name="user-secret-name"
--set cluster-api-operator.cluster-api.secretConfig.namespace="user-secret-namespace
When both these parameters are provided, the secret is expected to exist in the namespace and the user must manage its contents, including (but not limited to)
CLUSTER_TOPOLOGY
andEXP_CLUSTER_RESOURCE_SET
.Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when PR gets merged):Fixes #130
Special notes for your reviewer:
README is updated with the new values and a new issue is created to track
rancher-turtles-docs
updates rancher/turtles-docs#27.Checklist: