search

kubearmor / KubeArmor

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).
https://kubearmor.io/
Apache License 2.0
1.5k stars 345 forks source link

Have different chart and app version for helm charts #1556

Open kranurag7 opened 11 months ago

kranurag7 commented 11 months ago

Feature Request

I'm thinking of changing the versioning of our charts, differentiating appVersion and chartVersion to prevent overwrites on previous chart version, which often creates a lot of confusion.

_Originally posted by @DelusionalOptimist in https://github.com/kubearmor/KubeArmor/pull/1488#discussion_r1384820453_

suryyyansh commented 11 months ago

Hello, I'd like to work on this.

looking at the code, I found that the helm chart is updated in the ci-latest-helm-chart-release and ci-stable-release workflows in the respective sections.

To decouple the helm chart and kubearmor versions, we'd simply have to remove the following line:

sed -i -e "s/version:.*/version: $STABLE_VERSION/g" deployments/helm/*/Chart.yaml

which updates the chart version from both of the files, would we not?

This way, it'll simply update the current chart to the latest/stable version, without affecting the charts version, which can then be updated manually.

One thing that I think could be enhanced is the automatic incrementation of the chart version any time the appVersion is updating using the mentioned workflows.

for deployments/helm/KubeArmor/Chart.yaml for example

OLD_CHART_VERSION=`cat deployments/helm/KubeArmor/Chart.yaml | grep version | cut -d " " -f 2`
NEW_CHART_VERSION=`echo $OLD_CHART_VERSION | awk -F. '{$NF=$NF+1; print}' | tr ' ' '.'`
sed -i -e "s/version:.*/version: $NEW_CHART_VERSION/g" deployments/helm/KubeArmor/Chart.yaml

I'm completely new to KubeArmor, so any and all guidance would be highly appreciated. Please let me know if I missed anything.

Sanskarzz commented 10 months ago

Hey @suryyyansh are you working on this issue ?

suryyyansh commented 10 months ago

Hey @suryyyansh are you working on this issue ?

Yes

suryyyansh commented 10 months ago

Hey @kranurag7 could you please check my commit?

kranurag7 commented 10 months ago

Hey @suryyyansh Sorry for getting back a little late here.

I just skimmed through cert-manager chart and there they use a template approach to bump the chart and app version. https://github.com/cert-manager/cert-manager/blob/5615de61ee34fd2853cf0c1cef2fde118c1cf4b4/deploy/charts/cert-manager/Chart.template.yaml#L3

suryyyansh commented 10 months ago

Hey @suryyyansh Sorry for getting back a little late here.

I just skimmed through cert-manager chart and there they use a template approach to bump the chart and app version. https://github.com/cert-manager/cert-manager/blob/5615de61ee34fd2853cf0c1cef2fde118c1cf4b4/deploy/charts/cert-manager/Chart.template.yaml#L3

looking into this

abhashsolanki18 commented 3 days ago

hey @kranurag7 i would like to work on this issue. is this still open? please assign.