search

pulumi / pulumi-kubernetes

A Pulumi resource provider for Kubernetes to manage API resources and workloads in running clusters
https://www.pulumi.com/docs/reference/clouds/kubernetes/
Apache License 2.0
397 stars 113 forks source link

Helm lockfile support #2669

Open EronWright opened 7 months ago

EronWright commented 7 months ago

Hello!

Issue details

Helm v3 supports the use of a lockfile (Chart.lock or requirements.lock) to reconstruct a chart's dependencies to the state specified in the lock file. Used with helm dependency build to not re-negotiate dependencies, as helm dependency update does. https://helm.sh/docs/helm/helm_dependency_build/#helm-dependency-build

Pulumi should respect the lockfile when it exists. Note that Pulumi doesn't have a --dependency-update flag as Helm does with helm install; unlike Helm, Pulumi always updates the dependencies (without respecting the lockfile).

Suggested Change

I would suggest that Pulumi use helm dependency build rather than helm dependency update, which will respect the lockfile if one exists, and falls back to update otherwise. Note that Helm will return an error if the lockfile is out-of-date, e.g.:

Error: the lock file (requirements.lock) is out of sync with the dependencies file (requirements.yaml). Please update the dependencies

Affected area/feature

EronWright commented 1 month ago

Note that Chart v4 has the suggested behavior; when chart dependency resolution fails, and there's a lock file, Chart v4 automatically runs helm dependency build. The remaining work would be to backport to Release v3 and/or to implement it in Release v4.