search

envoyproxy / gateway

Manages Envoy Proxy as a Standalone or Kubernetes-based Application Gateway
https://gateway.envoyproxy.io
Apache License 2.0
1.53k stars 328 forks source link

Helm chart fails for Flux HelmRelease #2940

Open webwurst opened 6 months ago

webwurst commented 6 months ago

Description:

Flux HelmChart can't get tags for oci://docker.io/envoyproxy/gateway-helm, probably because those don't strictly follow the Helm specification:

More complex SemVer 2 names are also supported, such as version: 1.2.3-alpha.1+ef365. But non-SemVer names are explicitly disallowed by the system.

This means the v prefix is not allowed. Happened to others before: https://github.com/fluxcd/helm-controller/issues/670, https://github.com/fluxcd/flux2/issues/3766.

Repro steps:

apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
  name: envoyproxy
spec:
  type: oci
  url: oci://docker.io/envoyproxy
---

apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: envoy-gateway
spec:
  chart:
    spec:
      chart: gateway-helm
      version: "~1.0.0"
      sourceRef:
        kind: HelmRepository
        name: envoyproxy
status:
  conditions:
  - lastTransitionTime: "2024-03-15T14:01:03Z"
    message: 'HelmChart ''envoy-gateway/envoy-gateway-envoy-gateway'' is not ready:
      chart pull error: failed to get chart version for remote reference: could not
      get tags for "gateway-helm": unable to locate any tags in provided repository:
      oci://docker.io/envoyproxy/gateway-helm'
$ skopeo list-tags docker://docker.io/envoyproxy/gateway-helm
{
    "Repository": "docker.io/envoyproxy/gateway-helm",
    "Tags": [
        "v0.0.0-latest",
        "v0.4.0",
        "v0.4.0-rc.1",
        "v0.5.0",
        "v0.5.0-rc.1",
        "v0.6.0",
        "v0.6.0-rc.1",
        "v1.0.0",
        "v1.0.0-rc.1"
    ]
}

Would be nice to push charts for version 1.0.0 and ongoing without v.

zirain commented 6 months ago

cc @Xunzhuo

Xunzhuo commented 6 months ago

We followed this way to release for our release git tag, image tag, oci helm chart image tag, all of them shared the same value: https://semver.org/spec/v1.0.0.html#tagging-specification-semvertag

github-actions[bot] commented 5 months ago

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

inistor commented 1 month ago

Same issue here - cannot deploy Envoy Gateway using Flux, for the same reason

github-actions[bot] commented 3 weeks ago

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

inistor commented 6 days ago

Are there plans to update the version naming for compliance with Flux2?

arkodg commented 4 days ago

I spent a cycle looking into this

looks like cert-manager faces the same issue and makes good points on why prefixing with v is fine, see here

Here's the relevant info from Semvar v1 which makes prefixing with a v a MUST

Tagging Specification (SemVerTag)

This sub-specification SHOULD be used if you use a version control system (Git, Mercurial, SVN, etc) to store your code. Using this system allows automated tools to inspect your package and determine SemVer compliance and released versions.

When tagging releases in a version control system, the tag for a version MUST be “vX.Y.Z” e.g. “v3.1.0”.

The first revision that introduces SemVer compliance SHOULD be tagged “semver”. This allows pre-existing projects to assume compliance at any arbitrary point and for automated tools to discover this fact.

Here's the relevant info from Semvar v2 which says its okay to add v in a tag but not in a version

Is “v1.2.3” a semantic version?

No, “v1.2.3” is not a semantic version. However, prefixing a semantic version with a “v” is a common way (in English) to indicate it is a version number. Abbreviating “version” as “v” is often seen with version control. Example: git tag v1.2.3 -m "Release version 1.2.3", in which case “v1.2.3” is a tag name and the semantic version is “1.2.3”.

Now, lets look at the Helm Chart (OCI Artifact) in Docker Hub which is tagged as vMAJOR.MINOR.PATCH which is okay from semvar's perspective

Helm too is fine with this

helm install eg oci://docker.io/envoyproxy/gateway-helm --version v1.1.1 -n envoy-gateway-system --create-namespace

If I rm the v

helm install eg oci://docker.io/envoyproxy/gateway-helm --version v1.1.1 -n envoy-gateway-system --create-namespace
Error: INSTALLATION FAILED: docker.io/envoyproxy/gateway-helm:1.1.1: not found

You can see that helm is treating the version field as the artifact tag

Our Github releases, container image tags are all prefixed with v so continuing to use v for helm chart tags keeps things uniform

I'd request the Flux team to accept versions with v , similar to what the helm CLI does