Skip to content
This repository has been archived by the owner on Nov 1, 2022. It is now read-only.

Avoid constant re-deployment of charts with multiple inline dependencies #1272

Merged

Conversation

ncabatoff
Copy link
Contributor

Fix for #1235. Sort slices in chart structures whose ordering is arbitrary, e.g. depended-upon charts, so that the charts can be properly compared.

Right now it logs the diff between values and the diff between charts when there are discrepancies. If this PR is accepted we should probably add an option and make the logging behaviour opt-in: even though sensitive data should not be present in charts or values, it could be, and there's no reason to make a bad security situation worse.

The logging of diffs works great when processing a git-driven change. When reverting a manual change made to a release's values it doesn't work so well: we get the entire before and after config yaml, making for a very large and hard to read diff if there are a lot of values. It seems that the Helm API isn't populating Config.Values, only Config.Raw. I haven't found a way around this yet.

I wrote some tests that demonstrated the problem that passed with this fix, but sadly the tests I was extending in integrations/helm/releasesync/releasesync_test.go seem to be gone on the master branch. I'm not really sad, I'm happy with the new chartsync.go and the deleted tests don't make sense in the new context, but I'll have to see what I can do it in terms of automated tests for this area of the code.

@squaremo
Copy link
Member

squaremo commented Aug 7, 2018

I'm not really sad, I'm happy with the new chartsync.go and the deleted tests don't make sense in the new context, but I'll have to see what I can do it in terms of automated tests for this area of the code.

:-) Sorry about that @ncabatoff, I was reluctant to remove the fruits of your hard work, but also keen to push through the simpler implementation.

Copy link
Member

@squaremo squaremo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like someone beat you to Gopkg.lock :-S Rebase and this is good to go I reckon.

The changes here seem well worth a try, and I don't see any show-stoppers. I've asked in comments about a few things that occurred to me while scanning through.

Thanks!

hapi_release "k8s.io/helm/pkg/proto/hapi/release"

ifv1 "github.com/weaveworks/flux/apis/helm.integrations.flux.weave.works/v1alpha2"
"github.com/weaveworks/flux/git"
ifclientset "github.com/weaveworks/flux/integrations/client/clientset/versioned"
helmop "github.com/weaveworks/flux/integrations/helm"
"github.com/weaveworks/flux/integrations/helm/release"

"github.com/ncabatoff/go-seq/seq"

This comment was marked as abuse.

This comment was marked as abuse.

return ret
}

type anySlice []*google_protobuf.Any

This comment was marked as abuse.

This comment was marked as abuse.

sort.Sort(anySlice(nc.Files))
sort.Sort(templateSlice(nc.Templates))

nc.Metadata.Sources = sortStrings(nc.Metadata.Sources)

This comment was marked as abuse.

This comment was marked as abuse.

This comment was marked as abuse.

This comment was marked as abuse.

…slices in chart structures whose ordering is arbitrary, e.g. depended-upon charts.
@ncabatoff ncabatoff force-pushed the 1235-charts-with-deps-continuously-upgraded branch from 4f74697 to 60e7717 Compare August 8, 2018 23:30
@ncabatoff
Copy link
Contributor Author

What did you think about making the diff logging be opt-in via command-line option, for security reasons?

@squaremo
Copy link
Member

squaremo commented Aug 9, 2018

What did you think about making the diff logging be opt-in via command-line option, for security reasons?

Yes, good idea. How about:

--log-release-diffs Log the diff when a chart release diverges; potentially insecure (false)

@@ -330,7 +333,11 @@ func (c *Controller) enqueueUpateJob(old, new interface{}) {

if diff := cmp.Diff(oldFhr.Spec, newFhr.Spec); diff != "" {
c.logger.Log("info", "UPGRADING release")
c.logger.Log("info", fmt.Sprintf("Custom Resource driven release upgrade, diff:\n%s", diff))
if c.logDiffs {
c.logger.Log("info", fmt.Sprintf("Custom Resource driven release upgrade, diff:\n%s", diff))

This comment was marked as abuse.

This comment was marked as abuse.

This comment was marked as abuse.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants