k3s/vendor/github.com/rancher/helm-controller/pkg/helm/controller.go

383 lines
8.9 KiB
Go
Raw Normal View History

2019-02-04 23:33:23 +00:00
package helm
import (
"context"
"crypto/sha256"
"encoding/hex"
2019-02-04 23:33:23 +00:00
"fmt"
2019-04-24 01:25:17 +00:00
"os"
2019-02-04 23:33:23 +00:00
"sort"
2019-05-09 22:03:45 +00:00
helmv1 "github.com/rancher/helm-controller/pkg/apis/helm.cattle.io/v1"
helmcontroller "github.com/rancher/helm-controller/pkg/generated/controllers/helm.cattle.io/v1"
batchcontroller "github.com/rancher/wrangler-api/pkg/generated/controllers/batch/v1"
corecontroller "github.com/rancher/wrangler-api/pkg/generated/controllers/core/v1"
rbaccontroller "github.com/rancher/wrangler-api/pkg/generated/controllers/rbac/v1"
"github.com/rancher/wrangler/pkg/apply"
"github.com/rancher/wrangler/pkg/objectset"
"github.com/rancher/wrangler/pkg/relatedresource"
2019-02-04 23:33:23 +00:00
batch "k8s.io/api/batch/v1"
core "k8s.io/api/core/v1"
rbac "k8s.io/api/rbac/v1"
"k8s.io/apimachinery/pkg/api/errors"
meta "k8s.io/apimachinery/pkg/apis/meta/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
2019-02-04 23:33:23 +00:00
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/types"
2019-02-04 23:33:23 +00:00
"k8s.io/apimachinery/pkg/util/intstr"
)
var (
trueVal = true
)
2019-05-09 22:03:45 +00:00
type Controller struct {
namespace string
helmController helmcontroller.HelmChartController
jobsCache batchcontroller.JobCache
apply apply.Apply
}
2019-02-04 23:33:23 +00:00
2019-05-09 22:03:45 +00:00
const (
2020-04-22 22:34:19 +00:00
image = "rancher/klipper-helm:v0.2.5"
Label = "helmcharts.helm.cattle.io/chart"
CRDName = "helmcharts.helm.cattle.io"
Name = "helm-controller"
2019-05-09 22:03:45 +00:00
)
2019-02-04 23:33:23 +00:00
2019-05-09 22:03:45 +00:00
func Register(ctx context.Context, apply apply.Apply,
helms helmcontroller.HelmChartController,
jobs batchcontroller.JobController,
crbs rbaccontroller.ClusterRoleBindingController,
2019-06-19 20:33:02 +00:00
sas corecontroller.ServiceAccountController,
cm corecontroller.ConfigMapController) {
2020-04-22 22:34:19 +00:00
apply = apply.WithSetID(Name).
2019-06-19 20:33:02 +00:00
WithCacheTypes(helms, jobs, crbs, sas, cm).
WithStrictCaching().WithPatcher(batch.SchemeGroupVersion.WithKind("Job"), func(namespace, name string, pt types.PatchType, data []byte) (runtime.Object, error) {
err := jobs.Delete(namespace, name, &metav1.DeleteOptions{})
if err == nil {
return nil, fmt.Errorf("replace job")
}
return nil, err
})
2019-02-04 23:33:23 +00:00
2019-05-09 22:03:45 +00:00
relatedresource.Watch(ctx, "helm-pod-watch",
func(namespace, name string, obj runtime.Object) ([]relatedresource.Key, error) {
2019-02-04 23:33:23 +00:00
if job, ok := obj.(*batch.Job); ok {
2020-04-22 22:34:19 +00:00
name := job.Labels[Label]
2019-02-04 23:33:23 +00:00
if name != "" {
2019-05-09 22:03:45 +00:00
return []relatedresource.Key{
2019-02-04 23:33:23 +00:00
{
Name: name,
Namespace: namespace,
},
}, nil
}
}
return nil, nil
},
2019-05-09 22:03:45 +00:00
helms,
jobs)
controller := &Controller{
helmController: helms,
jobsCache: jobs.Cache(),
apply: apply,
}
2019-02-04 23:33:23 +00:00
2020-04-22 22:34:19 +00:00
helms.OnChange(ctx, Name, controller.OnHelmChanged)
helms.OnRemove(ctx, Name, controller.OnHelmRemove)
2019-02-04 23:33:23 +00:00
}
2019-05-09 22:03:45 +00:00
func (c *Controller) OnHelmChanged(key string, chart *helmv1.HelmChart) (*helmv1.HelmChart, error) {
if chart == nil {
return nil, nil
}
if chart.Spec.Chart == "" {
2019-02-04 23:33:23 +00:00
return chart, nil
}
objs := objectset.NewObjectSet()
job, configMap := job(chart)
objs.Add(serviceAccount(chart))
objs.Add(roleBinding(chart))
objs.Add(job)
if configMap != nil {
objs.Add(configMap)
}
2019-05-09 22:03:45 +00:00
if err := c.apply.WithOwner(chart).Apply(objs); err != nil {
2019-02-04 23:33:23 +00:00
return chart, err
}
2019-05-09 22:03:45 +00:00
chartCopy := chart.DeepCopy()
chartCopy.Status.JobName = job.Name
return c.helmController.Update(chartCopy)
2019-02-04 23:33:23 +00:00
}
2019-05-09 22:03:45 +00:00
func (c *Controller) OnHelmRemove(key string, chart *helmv1.HelmChart) (*helmv1.HelmChart, error) {
if chart.Spec.Chart == "" {
2019-02-04 23:33:23 +00:00
return chart, nil
}
job, _ := job(chart)
2019-05-09 22:03:45 +00:00
job, err := c.jobsCache.Get(chart.Namespace, job.Name)
2019-02-04 23:33:23 +00:00
if errors.IsNotFound(err) {
2019-05-09 22:03:45 +00:00
_, err := c.OnHelmChanged(key, chart)
2019-02-04 23:33:23 +00:00
if err != nil {
return chart, err
}
} else if err != nil {
2019-05-09 22:03:45 +00:00
return chart, err
2019-02-04 23:33:23 +00:00
}
if job.Status.Succeeded <= 0 {
2019-05-09 22:03:45 +00:00
return chart, fmt.Errorf("waiting for delete of helm chart %s", chart.Name)
2019-02-04 23:33:23 +00:00
}
2019-05-09 22:03:45 +00:00
chartCopy := chart.DeepCopy()
chartCopy.Status.JobName = job.Name
newChart, err := c.helmController.Update(chartCopy)
if err != nil {
return newChart, err
}
return newChart, c.apply.WithOwner(newChart).Apply(objectset.NewObjectSet())
2019-02-04 23:33:23 +00:00
}
2019-05-09 22:03:45 +00:00
func job(chart *helmv1.HelmChart) (*batch.Job, *core.ConfigMap) {
2019-02-08 04:15:36 +00:00
oneThousand := int32(1000)
valuesHash := sha256.Sum256([]byte(chart.Spec.ValuesContent))
2019-02-08 04:15:36 +00:00
2019-02-04 23:33:23 +00:00
action := "install"
if chart.DeletionTimestamp != nil {
action = "delete"
}
job := &batch.Job{
TypeMeta: meta.TypeMeta{
APIVersion: "batch/v1",
Kind: "Job",
},
ObjectMeta: meta.ObjectMeta{
Name: fmt.Sprintf("helm-%s-%s", action, chart.Name),
Namespace: chart.Namespace,
Labels: map[string]string{
2020-04-22 22:34:19 +00:00
Label: chart.Name,
2019-02-04 23:33:23 +00:00
},
},
Spec: batch.JobSpec{
2019-02-08 04:15:36 +00:00
BackoffLimit: &oneThousand,
2019-02-04 23:33:23 +00:00
Template: core.PodTemplateSpec{
ObjectMeta: meta.ObjectMeta{
Labels: map[string]string{
2020-04-22 22:34:19 +00:00
Label: chart.Name,
2019-02-04 23:33:23 +00:00
},
},
Spec: core.PodSpec{
RestartPolicy: core.RestartPolicyOnFailure,
Containers: []core.Container{
{
Name: "helm",
Image: image,
ImagePullPolicy: core.PullIfNotPresent,
2019-02-04 23:33:23 +00:00
Args: args(chart),
Env: []core.EnvVar{
{
Name: "NAME",
Value: chart.Name,
},
{
Name: "VERSION",
Value: chart.Spec.Version,
},
{
Name: "REPO",
Value: chart.Spec.Repo,
},
{
Name: "VALUES_HASH",
Value: hex.EncodeToString(valuesHash[:]),
},
2019-12-18 22:55:36 +00:00
{
Name: "HELM_DRIVER",
Value: "secret",
},
{
Name: "CHART_NAMESPACE",
2019-12-18 22:55:36 +00:00
Value: chart.Namespace,
},
{
Name: "CHART",
2019-12-18 22:55:36 +00:00
Value: chart.Spec.Chart,
},
{
Name: "HELM_VERSION",
2019-12-18 22:55:36 +00:00
Value: chart.Spec.HelmVersion,
},
2019-02-04 23:33:23 +00:00
},
},
},
ServiceAccountName: fmt.Sprintf("helm-%s", chart.Name),
},
},
},
}
2019-04-24 01:25:17 +00:00
setProxyEnv(job)
2019-02-04 23:33:23 +00:00
configMap := configMap(chart)
if configMap == nil {
return job, nil
}
job.Spec.Template.Spec.Volumes = []core.Volume{
{
Name: "values",
VolumeSource: core.VolumeSource{
ConfigMap: &core.ConfigMapVolumeSource{
LocalObjectReference: core.LocalObjectReference{
Name: configMap.Name,
},
},
},
},
}
job.Spec.Template.Spec.Containers[0].VolumeMounts = []core.VolumeMount{
{
MountPath: "/config",
Name: "values",
},
}
return job, configMap
}
2019-05-09 22:03:45 +00:00
func configMap(chart *helmv1.HelmChart) *core.ConfigMap {
2019-02-04 23:33:23 +00:00
if chart.Spec.ValuesContent == "" {
return nil
}
return &core.ConfigMap{
TypeMeta: meta.TypeMeta{
APIVersion: "v1",
Kind: "ConfigMap",
},
ObjectMeta: meta.ObjectMeta{
Name: fmt.Sprintf("chart-values-%s", chart.Name),
Namespace: chart.Namespace,
},
Data: map[string]string{
"values.yaml": chart.Spec.ValuesContent,
},
}
}
2019-05-09 22:03:45 +00:00
func roleBinding(chart *helmv1.HelmChart) *rbac.ClusterRoleBinding {
2019-02-04 23:33:23 +00:00
return &rbac.ClusterRoleBinding{
TypeMeta: meta.TypeMeta{
APIVersion: "rbac.authorization.k8s.io/v1",
Kind: "ClusterRoleBinding",
},
ObjectMeta: meta.ObjectMeta{
Name: fmt.Sprintf("helm-%s-%s", chart.Namespace, chart.Name),
},
RoleRef: rbac.RoleRef{
Kind: "ClusterRole",
APIGroup: "rbac.authorization.k8s.io",
Name: "cluster-admin",
},
Subjects: []rbac.Subject{
{
Name: fmt.Sprintf("helm-%s", chart.Name),
Kind: "ServiceAccount",
Namespace: chart.Namespace,
},
},
}
}
2019-05-09 22:03:45 +00:00
func serviceAccount(chart *helmv1.HelmChart) *core.ServiceAccount {
2019-02-04 23:33:23 +00:00
return &core.ServiceAccount{
TypeMeta: meta.TypeMeta{
APIVersion: "v1",
Kind: "ServiceAccount",
},
ObjectMeta: meta.ObjectMeta{
Name: fmt.Sprintf("helm-%s", chart.Name),
Namespace: chart.Namespace,
},
AutomountServiceAccountToken: &trueVal,
}
}
2019-05-09 22:03:45 +00:00
func args(chart *helmv1.HelmChart) []string {
2019-02-04 23:33:23 +00:00
if chart.DeletionTimestamp != nil {
return []string{
"delete",
}
}
spec := chart.Spec
args := []string{
"install",
}
if spec.TargetNamespace != "" {
args = append(args, "--namespace", spec.TargetNamespace)
}
if spec.Repo != "" {
args = append(args, "--repo", spec.Repo)
}
if spec.Version != "" {
args = append(args, "--version", spec.Version)
}
for _, k := range keys(spec.Set) {
val := spec.Set[k]
2020-01-21 18:47:22 +00:00
if val.StrVal == "false" || val.StrVal == "true" {
args = append(args, "--set", fmt.Sprintf("%s=%s", k, val.StrVal))
} else if val.StrVal != "" {
2019-02-04 23:33:23 +00:00
args = append(args, "--set-string", fmt.Sprintf("%s=%s", k, val.StrVal))
} else {
args = append(args, "--set", fmt.Sprintf("%s=%d", k, val.IntVal))
}
}
return args
}
func keys(val map[string]intstr.IntOrString) []string {
var keys []string
for k := range val {
keys = append(keys, k)
}
sort.Strings(keys)
return keys
}
2019-04-24 01:25:17 +00:00
func setProxyEnv(job *batch.Job) {
proxySysEnv := []string{
"all_proxy",
"ALL_PROXY",
2019-04-24 01:25:17 +00:00
"http_proxy",
"HTTP_PROXY",
"https_proxy",
2019-04-24 01:25:17 +00:00
"HTTPS_PROXY",
"no_proxy",
2019-04-24 01:25:17 +00:00
"NO_PROXY",
}
for _, proxyEnv := range proxySysEnv {
proxyEnvValue := os.Getenv(proxyEnv)
if len(proxyEnvValue) == 0 {
continue
}
envar := core.EnvVar{
Name: proxyEnv,
Value: proxyEnvValue,
}
job.Spec.Template.Spec.Containers[0].Env = append(
job.Spec.Template.Spec.Containers[0].Env,
envar)
}
}