search

k3s-io / helm-controller

Apache License 2.0
391 stars 85 forks source link

Add option to generate CRD #220

Closed albundy83 closed 9 months ago

albundy83 commented 9 months ago

It seems that witch helm v3 for some chart, we need to pass the option --include-crds to generate CRDs like with argo-cd. I have created this object:

apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
  name: argo-cd
  namespace: kube-system
spec:
  bootstrap: false
  chart: argo-cd
  repo: https://argoproj.github.io/argo-helm
  version: 2.9.5
  targetNamespace: argo-cd
  createNamespace: true
  valuesContent: |
    crds:
      install: true
    dex:
      enabled: false
    server:
      ingress:
        enabled: true
        annotations:
          cert-manager.io/cluster-issuer: letsencrypt-prod
          nginx.ingress.kubernetes.io/backend-protocol: HTTPS
          nginx.ingress.kubernetes.io/whitelist-source-range: x.x.x.x/32,x.x.x.x/32
        ingressClassName: nginx
        hosts:
          - my-argo-cd.fr
        tls:
          - secretName: my-argo-cd.fr
            hosts:
              - my-argo-cd.fr
        https: true
    configs:
      cm:
        url: https://my-argo-cd.fr
        admin:
          enabled: false
      rbac:
        policy.csv: |
          g, argocd-admins, role:admin
          g, argocd-viewers, role:readonly
          g, myapp-prod-viewers, role:myapp-prod-view-role
          p, role:myapp-prod-view-role, applications, *, myapp/myapp-prod, allow
          p, role:myapp-prod-view-role, applications, update, *, deny
          p, role:myapp-prod-view-role, applications, delete, *, deny 
          g, myapp-prod-admins, role:myapp-prod-admin-role
          p, role:myapp-prod-admin-role, applications, *, myapp/myapp-prod, allow"
      oidc:
        config: |
          name: keycloak
          issuer: https://idp.docapost.io/auth/realms/XXX
          clientID: client_argo-cd
          clientSecret: $oidc.keycloak.clientSecret
          requestedScopes: ["openid", "profile", "email", "groups"]
          logoutURL: https://my-keycloak/auth/realms/XXX/protocol/openid-connect/logout?id_token_hint={{ '{{token}}' }}&post_logout_redirect_uri=https%3A%2F%2Fmy-argo-cd.fr%2Fapplications"

But unfortunatelly, install Job does not work:

 helm_v3 install --namespace argo-cd --create-namespace --version 2.9.5 argo-cd argo-cd/argo-cd --values /config/values-01_HelmChart.yaml
Error: INSTALLATION FAILED: failed to install CRD crds/crd-application.yaml: resource mapping not found for name: "applications.argoproj.io" namespace: "" from "": no matches for kind "CustomResourceDefinition" in version "apiextensions.k8s.io/v1beta1"
ensure CRDs are installed first

And in HelmChart options, I did not find a way to add --include-crds. Is it something that could be added ?

albundy83 commented 9 months ago

Ok it seems that I have mixed argo-cd version and chart version ... :) argo-cd is at 2.9.5 but helm chart is at 5.53.9. Once I have fixed my version everything is working correctly.

version: 5.53.9

Sorry for this, it's friday :)