Open hasheddan opened 3 years ago
/points 3
One idea for how we could support hooks in a "generic" fashion is define a set of them (e.g. post-install registry Secret
) in up
, then annotate our artifacts (using Chart.yaml annotations or OCI manifest annotations) with hooks that should be triggered.
After additional conversation, it is likely that we will support "checks" via these hooks rather than actual install steps. For instance, we may check and verify that you have a database credentials Secret
present, and let you know if you don't (potentially via something like up enterprise check
), but we wouldn't have you interactively create it.
What problem are you facing?
up
currently supports installing and upgradinguxp
, and will support installation of other products in the future as well. The only supported "installer" today is Helm, which will have its functionality expanded to include supporting pulling charts as OCI images in #112. For the Helm installer, and for other potential installation options, additional operations are sometimes required or useful. For instance, if the artifacts being installed into the cluster require the presence of aSecret
to be able to access images,up
should support prompting users for credentials or allowing them to pass them in via flags or configuration.How could Upbound help solve your problem?
up
should support a set of pre / post installation hooks. We should be careful to weigh overlap with installation hooks in Helm and especially consider how feasibly it is for a hook to be defined inup
rather than with the artifact it is installing. Withuxp
, we have done our best to ensure that only static configuration (such as chart name) are hard-coded inup
rather than defined in the Helm chart so that we ensure that changes to implementations in the artifact do not break functionality inup
(i.e. any version ofup
should be able to install any version of an artifact). In the case of creating aSecret
to pull images, it may be generic enough to define as a hook inup
, but we could also consider publishing are artifacts with annotations that are able to trigger the hooks without a user specifying that "I need to create an image pull secret" orup
mandating it on every installation.Epic #