Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

unable to leverage chart version as label with OCIRepository #4910

Open
1 task done
agravelot opened this issue Aug 1, 2024 · 4 comments
Open
1 task done

unable to leverage chart version as label with OCIRepository #4910

agravelot opened this issue Aug 1, 2024 · 4 comments

Comments

@agravelot
Copy link

Describe the bug

When applying an helm chart from an oci repository, chart version appended with a suffix leading to edge cases on some charts.

Steps to reproduce

Given this :

apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: OCIRepository
metadata:
  name: arc
  # namespace: default
spec:
  interval: 10m
  layerSelector:
    mediaType: "application/vnd.cncf.helm.chart.content.v1.tar+gzip"
    operation: copy
  url: oci://ghcr.io/actions/actions-runner-controller-charts/gha-runner-scale-set-controller
  ref:
    semver: "0.9.3"
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: arc
spec:
  interval: 1m0s
  chartRef:
    kind: OCIRepository
    name: arc
  values:
    githubConfigSecret: pre-defined-secret
    serviceAccount:
      name: "service-account-arc"

will lead to this error:

Helm upgrade failed for release arc-systems/arc with chart gha-runner-scale-set-controller@0.9.3+4fda46fd8c4e: failed to create resource: Deployment.apps "arc-gha-rs-controller" is invalid: spec.template.labels: Invalid value: "0.9.3+4fda46fd8c4e": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue',  or 'my_value',  or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')

Maybe related to this line:
https://github.com/actions/actions-runner-controller/blob/a152741a1a6afa992f8d836a029d551984149c8f/charts/gha-runner-scale-set-controller/templates/deployment.yaml#L28

Expected behavior

Charts should be able to leverage chart version, as label. Ideally, it should not be modified, as some chart authors may not have this in mind, leading to problems that are difficult to resolve.

Screenshots and recordings

No response

OS / Distro

Ubuntu 24.04

Flux version

v2.3.0

Flux check

flux check default on  (eu-west-1) took 6h49m38s
► checking prerequisites
✔ Kubernetes 1.29.6+k3s2 >=1.28.0-0
► checking version in cluster
✔ distribution: flux-v2.3.0
✔ bootstrapped: true
► checking controllers
✔ helm-controller: deployment ready
► ghcr.io/fluxcd/helm-controller:v1.0.1
✔ image-automation-controller: deployment ready
► ghcr.io/fluxcd/image-automation-controller:v0.38.0
✔ image-reflector-controller: deployment ready
► ghcr.io/fluxcd/image-reflector-controller:v0.32.0
✔ kustomize-controller: deployment ready
► ghcr.io/fluxcd/kustomize-controller:v1.3.0
✔ notification-controller: deployment ready
► ghcr.io/fluxcd/notification-controller:v1.3.0
✔ source-controller: deployment ready
► ghcr.io/fluxcd/source-controller:v1.3.0
► checking crds
✔ alerts.notification.toolkit.fluxcd.io/v1beta3
✔ buckets.source.toolkit.fluxcd.io/v1beta2
✔ gitrepositories.source.toolkit.fluxcd.io/v1
✔ helmcharts.source.toolkit.fluxcd.io/v1
✔ helmreleases.helm.toolkit.fluxcd.io/v2
✔ helmrepositories.source.toolkit.fluxcd.io/v1
✔ imagepolicies.image.toolkit.fluxcd.io/v1beta2
✔ imagerepositories.image.toolkit.fluxcd.io/v1beta2
✔ imageupdateautomations.image.toolkit.fluxcd.io/v1beta2
✔ kustomizations.kustomize.toolkit.fluxcd.io/v1
✔ ocirepositories.source.toolkit.fluxcd.io/v1beta2
✔ providers.notification.toolkit.fluxcd.io/v1beta3
✔ receivers.notification.toolkit.fluxcd.io/v1
✔ all checks passed

Git provider

No response

Container Registry provider

No response

Additional context

No response

Code of Conduct

  • I agree to follow this project's Code of Conduct
@marcomarques-bt
Copy link

Having the same issue with the same Chart.
Im still trying to figure a way around it. I'll also feedback if I find anything

@stefanprodan
Copy link
Member

Hmm they should've used AppVersion like Helm recommends: https://github.com/actions/actions-runner-controller/blob/a152741a1a6afa992f8d836a029d551984149c8f/charts/gha-runner-scale-set/templates/_helpers.tpl#L41

The workaround is to replace the label value:

apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
spec:
  postRenderers:
    - kustomize:
        patches:
          - target:
              kind: Deployment
            patch: |
              - op: replace
                path: /spec/template/metadata/labels/app.kubernetes.io~1version
                value: latest

@marcomarques-bt
Copy link

Hmm they should've used AppVersion like Helm recommends: https://github.com/actions/actions-runner-controller/blob/a152741a1a6afa992f8d836a029d551984149c8f/charts/gha-runner-scale-set/templates/_helpers.tpl#L41

The workaround is to replace the label value:

apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
spec:
  postRenderers:
    - kustomize:
        patches:
          - target:
              kind: Deployment
            patch: |
              - op: replace
                path: /spec/template/metadata/labels/app.kubernetes.io~1version
                value: latest

Ah this worked like a charm! Thanks for the quick workaround @stefanprodan

@rawmind0 rawmind0 mentioned this issue Sep 23, 2024
Open
@jonaskello
Copy link
Contributor

I have the same issue with this chart: https://artifacthub.io/packages/helm/dagger/dagger-helm.

Installing it with flux I get error

 ConfigMap "dagger-dagger-helm-engine-config" is invalid: metadata.labels: Invalid value: "v0.13.5+a076bb44441a": a valid label must be an empty string or consist of alphanumeric characters, '-', '_' or '.', and must start and end with an alphanumeric character (e.g. 'MyValue',  or 'my_value',  or '12345', regex used for validation is '(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?')

I then check what flux has rendered:

❯ helm get all dagger
apiVersion: apps/v1
kind: DaemonSet
metadata:
  labels:
    app.kubernetes.io/instance: dagger
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: dagger-helm
    app.kubernetes.io/part-of: dagger-helm
    app.kubernetes.io/version: v0.13.5+a076bb44441a
    helm.sh/chart: dagger-helm-0.13.5_a076bb44441a
    helm.toolkit.fluxcd.io/name: dagger
    helm.toolkit.fluxcd.io/namespace: xxx
  name: dagger-dagger-helm-engine
  namespace: xxx

So flux renders the version as v0.13.5+a076bb44441a.

I then try to render the same locally with the helm cli tool:

❯ helm template mydag ./dagger-helm-0.13.5.tgz --namespace my-dagger-ns
---
# Source: dagger-helm/templates/engine-daemonset.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: mydag-dagger-helm-engine
  namespace: my-dagger-ns
  labels:
    helm.sh/chart: dagger-helm-0.13.5
    app.kubernetes.io/name: dagger-helm
    app.kubernetes.io/instance: mydag
    app.kubernetes.io/version: v0.13.5
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/part-of: dagger-helm

In this case it renders as dagger-helm-0.13.5. This lead me to think it was a flux issue. However reading this issue I am not so sure any more. Should I report it to the chart author instead even though it seems to work with helm cli tool?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jonaskello @stefanprodan @agravelot @marcomarques-bt