search

projectsyn / commodore

Commodore provides opinionated tenant-aware management of Kapitan inventories and templates. Commodore uses Kapitan for the heavy lifting of rendering templates and resolving a hierachical configuration structure.
https://syn.tools/commodore/
BSD 3-Clause "New" or "Revised" License
46 stars 8 forks source link

Mutate default parameters with jsonnet before being processed #373

Open ccremer opened 2 years ago

ccremer commented 2 years ago

Context

Many commodore components integrate a Helm chart and expose Helm values through a parameter called helm_values. The component would often override certain helm values.

Sometimes though it can be necessary to provide config values based on other values. Consider a component that primarily supports Rancher and OpenShift 4 distributions. The values for each distro differs greatly, but there is no real way to configure the Helm chart based on another parameters.

For example, if <component>.distro=openshift then the value of <component>.helm_values.securityContext must become null, otherwise default to {fsGroup=1000, etc}. Or the other way round: The chart's default is empty and working for one distro, but for another distro we need to set 5 parameters in various places within the hierarchy, without completely replacing the "tree of values".

Proposal

Add possibility to add a jsonnet filter that can mutate the defaults defined in defaults.yml with custom logic before another step in the compilation process is executed. Think MutatingWebhook in Kubernetes.

It would be enough to just make this filter work before any Helm template is rendered if such filter can't be implemented generic enough (resp. any "position").

As a side effect (provided a generic approach works), such a filter allows easier migration of deprecated parameters. If a "conversion" filter can be placed before all the other jsonnet files, we might get rid of jsonnet code that deals with deprecated parameters in a special way. The conversion filter would simply transform the deprecated parameters into the new structure.

Alternatives

Lookup tables as described in https://syn.tools/syn/explanations/commodore-components/parameters-logic.html as not flexible enough.

simu commented 1 year ago

Consider switching components which need this to use Kadet + https://github.com/kapicorp/kapitan/pull/875 (once merged and released), that way we could write arbitrary Python to preprocess Helm values.

simu commented 1 year ago

Another alternative might be to render a helm_values.yaml using a similar approach to the one we've taken to render a kustomization.yaml (see e.g. https://github.com/projectsyn/component-kyverno/pull/67), and then pass that file to Kapitan's helm input type as helm_values_file (cf. https://kapitan.dev/compile/#helm)