✨ (helm/v2-alpha): add extra volumes support

[camilamacedo86]

Support manager.extraVolumes and manager.extraVolumeMounts: extract from kustomize (excluding webhook-certs/metrics-certs), inject into values when present, and template in manager deployment (including when volumes: []). Document in Helm v2-alpha plugin page.

Closes: #5485

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: camilamacedo86

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [camilamacedo86]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[asergeant01]

To clarify this point, if they are defined in the kustomize output, other than metrics-certs and web hook-certs, the values are extracted and added to the values?

I would have expected them to be added into the chart template and not the values. As any further additions would require the plugin to be run with --force.

[camilamacedo86]

To clarify this point, if they are defined in the kustomize output, other than metrics-certs and web hook-certs, the values are extracted and added to the values?

Yes.

I would have expected them to be added into the chart template and not the values. As any further additions would require the plugin to be run with --force.

Yes, that is how it is. To update the values you need to run the force.
We cannot update the values without force otherwise it would lost the customizations.

[asergeant01]

I think you missed my point or I didn't articulate myself very well.

I think if the volumes are defined in kustomize, they should be added directly to the template and NOT to the values.yaml

The values.yaml should only be for additional volumes IMO.

[camilamacedo86]

I think if the volumes are defined in kustomize,

All should be defined in the kustomize.
They are the source of truth.
The Helm Chart is just a way to package the solution in this format.
It should not deviate from the project config, and we should not add anything in the Helm charts. It only package the project for this format.

[asergeant01]

My example:

# config/manager/manager.yaml (or a kustomize patch)
spec:
  template:
    spec:
      volumes:
        - name: app-secret-1
          secret:
            secretName: app-secret-1

# dist/chart/values.yaml
manager:
  extraVolumes:
    - name: app-secret-1
      secret:
        secretName: app-secret-1

# dist/chart/templates/deployment.yaml (snippet)
spec:
  template:
    spec:
      volumes:
        {{- if .Values.manager.extraVolumes }}
        {{- toYaml .Values.manager.extraVolumes | nindent 8 }}
        {{- end }}

Lets say the maintainer makes modifications to the values.yaml file but also adds another volume to the config....

# config/manager/manager.yaml (or a kustomize patch)
spec:
  template:
    spec:
      volumes:
        - name: app-secret-1
          secret:
            secretName: app-secret-1
        - name: app-secret-2
          secret:
            secretName: app-secret-2

The only way to have that new volume in the chart is either add it manually to the values.yaml or re-run kubebuilder edit --plugins=helm/v2-alpha --force which would overwrite any manual changes.

What I am saying is, I believe the generated template should be:

# dist/chart/templates/deployment.yaml (snippet)
spec:
  template:
    spec:
      volumes:
        - name: app-secret-1
          secret:
            secretName: app-secret-1
        - name: app-secret-2
          secret:
            secretName: app-secret-2
        {{- if .Values.manager.extraVolumes }}
        {{- toYaml .Values.manager.extraVolumes | nindent 8 }}
        {{- end }}

[camilamacedo86]

Hi @asergeant01

Let me know if the changes in place address your request.

[asergeant01]

@camilamacedo86 I didn't test it, but it certainly looks like it addresses the request. Thank you