diff --git a/.github/workflows/helm_test_multus.yml b/.github/workflows/helm_test_multus.yml new file mode 100644 index 0000000..b13e84d --- /dev/null +++ b/.github/workflows/helm_test_multus.yml @@ -0,0 +1,43 @@ +name: Multus Chart Test + +on: + push: + paths: + - 'multus/**' + - '.github/workflows/helm_test_multus.yml' + branches: + - master + pull_request: + branches: + - master + workflow_dispatch: # Allows manually triggering the workflow + +jobs: + test: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Set up Helm + uses: azure/setup-helm@v3 + with: + version: 'v3.12.0' # specify the Helm version you want to use + + - name: Set up Kubernetes (kind) + uses: helm/kind-action@v1.2.0 + with: + version: v0.17.0 # specify the kind version you want to use + + - name: Helm Lint Multus + run: helm lint multus + + - name: Install Helm chart multus + run: helm install --wait --timeout 60s multus-release ./multus + + - name: Run Helm tests + run: helm test multus-release --timeout 60s + + - name: Delete Helm release + run: helm uninstall multus-release diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b28d17b --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +/.idea +/scratch diff --git a/multus/Chart.yaml b/multus/Chart.yaml index 5c4a0d8..3659048 100644 --- a/multus/Chart.yaml +++ b/multus/Chart.yaml @@ -15,11 +15,11 @@ apiVersion: v2 name: multus description: Multus Helm chart for Kubernetes type: application -version: 0.1.2 -home: https://github.com/intel/multus-cni -icon: https://raw.githubusercontent.com/intel/multus-cni/master/doc/images/Multus.png +version: 1.0.0 +home: https://github.com/k8snetworkplumbingwg/helm-charts +icon: https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/master/doc/images/Multus.png sources: - - https://github.com/intel/multus-cni + - https://github.com/k8snetworkplumbingwg/multus-cni maintainers: - name: Network Plumbing Group -appVersion: 0.1.0 +appVersion: v4.1.0 diff --git a/multus/README.md b/multus/README.md new file mode 100644 index 0000000..6666fc2 --- /dev/null +++ b/multus/README.md @@ -0,0 +1,44 @@ +# multus + +Multus Helm chart for Kubernetes + +![Version: 0.1.3](https://img.shields.io/badge/Version-0.1.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v4.1.0](https://img.shields.io/badge/AppVersion-v4.1.0-informational?style=flat-square) + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| args.additionalBinDir | string | `""` | Additional directory to include in the CNI binDir option. | +| args.cleanupConfigOnExit | bool | `false` | Cleanup configuration files on exit. | +| args.cniBinDir | string | `"/host/opt/cni/bin"` | The directory where CNI binaries are installed. | +| args.cniConfDir | string | `"/host/etc/cni/net.d"` | The directory where CNI configurations are stored. | +| args.cniVersion | string | `""` | Version of the CNI to use. | +| args.forceCNIVersion | bool | `false` | Force the use of a specific CNI version. | +| args.globalNamespaces | string | `""` | Comma-separated list of global namespaces for use with namespace isolation. | +| args.multusAutoconfigDir | string | `"/host/etc/cni/net.d"` | Directory for the Multus auto-configuration. | +| args.multusBinFile | string | `"/usr/src/multus-cni/bin/multus"` | Path to the Multus binary file. | +| args.multusCNIConfDir | string | `"/host/etc/cni/multus/net.d"` | Directory for Multus-specific CNI configurations. | +| args.multusConfFile | string | `"auto"` | The configuration file for Multus. | +| args.multusKubeConfigFileHost | string | `"/etc/cni/net.d/multus.d/multus.kubeconfig"` | Path to the kubeconfig file for Multus. | +| args.multusLogFile | string | `""` | Path to the Multus log file. | +| args.multusLogLevel | string | `""` | Log level for Multus. | +| args.multusLogToStderr | bool | `true` | Whether to log to stderr. | +| args.multusMasterCNIFileName | string | `""` | Name of the master CNI file in the Multus auto-configuration directory. | +| args.namespaceIsolation | bool | `false` | Enable namespace isolation. | +| args.overrideNetworkName | bool | `false` | Override the network name from the master CNI file. | +| args.readinessIndicatorFile | string | `""` | File used to indicate readiness. | +| args.renameConfFile | bool | `false` | Rename the master configuration file to invalidate it. | +| args.skipConfigWatch | bool | `false` | Skip watching for configuration changes. | +| args.skipMultusBinaryCopy | bool | `false` | Whether to skip copying the Multus binary file. | +| args.skipTLSVerify | bool | `false` | Skip TLS verification. | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"ghcr.io/k8snetworkplumbingwg/multus-cni"` | Repository for the Multus image. | +| image.tag | string | `"v4.1.0"` | Tag of the Multus image. | +| nodeSelector | object | `{}` | Node selector for pod assignment. | +| resources | object | `{"limits":{"cpu":"500m","memory":"128Mi"},"requests":{"cpu":"250m","memory":"128Mi"}}` | Resources for the Multus pod. | +| securityContext | object | `{"privileged":true}` | securityContext for the pod. | +| serviceAccount.name | string | `"multus"` | | +| tolerations | list | `[{"effect":"NoSchedule","operator":"Exists"}]` | Tolerations for pod assignment. | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) diff --git a/multus/README.md.gotmpl b/multus/README.md.gotmpl new file mode 100644 index 0000000..e7768ec --- /dev/null +++ b/multus/README.md.gotmpl @@ -0,0 +1,10 @@ +{{ template "chart.header" . }} +{{ template "chart.description" . }} + +{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }} + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +{{ template "helm-docs.versionFooter" . }} diff --git a/multus/templates/NOTES.txt b/multus/templates/NOTES.txt index db7ecc5..5d108ab 100644 --- a/multus/templates/NOTES.txt +++ b/multus/templates/NOTES.txt @@ -1,25 +1,11 @@ ====== {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} 1. The following components have been deployed as part of this helm chart: -{{- if .Values.manifests.clusterRole }} Cluster Role: {{ .Values.serviceAccount.name }} -{{- end}} -{{- if .Values.manifests.clusterRoleBinding }} Cluster Role Binding: {{ .Chart.Name }} -{{- end }} -{{- if .Values.manifests.configMap }} -Config Map: {{ .Release.Name }}-{{ .Chart.Name }}-{{ .Chart.Version }}-config -{{- end }} -{{- if .Values.manifests.customResourceDefinition }} Custom Resource Definition: network-attachment-definitions.k8s.cni.cncf.io -{{- end }} -{{- if .Values.manifests.daemonSet }} Daemon Set: {{ .Release.Name }}-{{ .Chart.Name }}-ds -{{- end }} -{{- if .Values.manifests.serviceAccount }} Service Account: {{ .Values.serviceAccount.name }} -{{- end }} - You can now deploy any other CNI and create its Network Attachment Defintion. --------- diff --git a/multus/templates/clusterRole.yaml b/multus/templates/clusterRole.yaml index 6546262..3c2a2ee 100644 --- a/multus/templates/clusterRole.yaml +++ b/multus/templates/clusterRole.yaml @@ -12,7 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} -{{- if .Values.manifests.clusterRole }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -37,5 +36,6 @@ rules: - events verbs: - create -{{- end }} + - patch + - update {{- end }} diff --git a/multus/templates/clusterRoleBinding.yaml b/multus/templates/clusterRoleBinding.yaml index 3095588..aff29b3 100644 --- a/multus/templates/clusterRoleBinding.yaml +++ b/multus/templates/clusterRoleBinding.yaml @@ -12,7 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} -{{- if .Values.manifests.clusterRoleBinding }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -26,4 +25,3 @@ subjects: name: {{ .Values.serviceAccount.name }} namespace: kube-system {{- end }} -{{- end }} diff --git a/multus/templates/configMap.yaml b/multus/templates/configMap.yaml deleted file mode 100644 index c95e82b..0000000 --- a/multus/templates/configMap.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright 2020 K8s Network Plumbing Group -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} -{{- if .Values.manifests.configMap }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-{{ .Chart.Name }}-{{ .Chart.Version }}-config - namespace: kube-system - labels: -{{- include "multus.labels" . | indent 4 }} -data: - cni-conf.json: |- -{{ toJson .Values.config.cni_conf | indent 4 }} -{{- end }} -{{- end }} diff --git a/multus/templates/crds/net-def.yaml b/multus/templates/crds/net-def.yaml new file mode 100644 index 0000000..24b2c58 --- /dev/null +++ b/multus/templates/crds/net-def.yaml @@ -0,0 +1,45 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: network-attachment-definitions.k8s.cni.cncf.io +spec: + group: k8s.cni.cncf.io + scope: Namespaced + names: + plural: network-attachment-definitions + singular: network-attachment-definition + kind: NetworkAttachmentDefinition + shortNames: + - net-attach-def + versions: + - name: v1 + served: true + storage: true + schema: + openAPIV3Schema: + description: 'NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing + Working Group to express the intent for attaching pods to one or more logical or physical + networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec' + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this represen + tation of an object. Servers should convert recognized schemas to the + latest internal value, and may reject unrecognized values. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'NetworkAttachmentDefinition spec defines the desired state of a network attachment' + type: object + properties: + config: + description: 'NetworkAttachmentDefinition config is a JSON-formatted CNI configuration' + type: string diff --git a/multus/templates/customResourceDefinition.yaml b/multus/templates/customResourceDefinition.yaml deleted file mode 100644 index d86bf91..0000000 --- a/multus/templates/customResourceDefinition.yaml +++ /dev/null @@ -1,43 +0,0 @@ -# Copyright 2020 K8s Network Plumbing Group -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} -{{- if .Values.manifests.customResourceDefinition }} -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: network-attachment-definitions.k8s.cni.cncf.io -spec: - group: k8s.cni.cncf.io - scope: Namespaced - names: - plural: network-attachment-definitions - singular: network-attachment-definition - kind: NetworkAttachmentDefinition - shortNames: - - net-attach-def - versions: - - name: v1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - config: - type: string -{{- end }} -{{- end }} diff --git a/multus/templates/daemonSet.yaml b/multus/templates/daemonSet.yaml index de7ad73..bcbf0b1 100644 --- a/multus/templates/daemonSet.yaml +++ b/multus/templates/daemonSet.yaml @@ -12,18 +12,19 @@ # See the License for the specific language governing permissions and # limitations under the License. {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} -{{- if .Values.manifests.daemonSet }} apiVersion: apps/v1 kind: DaemonSet metadata: name: {{ .Release.Name }}-{{ .Chart.Name }}-ds namespace: kube-system labels: -{{- include "multus.labels" . | indent 4 }} + app: multus + {{- include "multus.labels" . | indent 4 }} spec: selector: matchLabels: app: multus + {{- include "multus.labels" . | indent 6 }} updateStrategy: type: RollingUpdate rollingUpdate: @@ -31,9 +32,8 @@ spec: template: metadata: labels: -{{- include "multus.labels" . | indent 8 }} - annotations: - checksum/config: {{ include (print $.Template.BasePath "/configMap.yaml") . | sha256sum }} + app: multus + {{- include "multus.labels" . | indent 8 }} spec: priorityClassName: system-node-critical hostNetwork: true @@ -41,13 +41,16 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - nodeSelector: {{- toYaml .Values.labels.nodeSelector | nindent 8 }} + {{- with .Values.nodeSelector }} + nodeSelector: {{ . }} + {{- end }} + {{- with .Values.tolerations }} tolerations: - - operator: Exists - effect: NoSchedule + {{- toYaml . | nindent 8 }} + {{- end }} serviceAccountName: {{ .Values.serviceAccount.name }} containers: - - name: kube-{{ .Chart.Name }} + - name: multus image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} env: @@ -55,29 +58,108 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - command: - - /bin/bash - - -cex - - | - #!/bin/bash - sed "s|__KUBERNETES_NODE_NAME__|${KUBERNETES_NODE_NAME}|g" /tmp/multus-conf/00-multus.conf.template > /tmp/multus-conf/00-multus.conf - /entrypoint.sh \ - --multus-conf-file=/tmp/multus-conf/00-multus.conf - {{- if .Values.pod.resources.multus }} - resources: {{- toYaml .Values.pod.resources.multus | nindent 10 }} + command: ["/thin_entrypoint"] + args: + {{- with .Values.args.cniBinDir }} + - --cni-bin-dir={{ . }} + {{- end }} + {{- with .Values.args.cniConfDir }} + - --cni-conf-dir={{ . }} + {{- end }} + {{- with .Values.args.cniVersion }} + - --cni-version={{ . }} + {{- end }} + {{- with .Values.args.multusConfFile }} + - --multus-conf-file={{ . }} + {{- end }} + {{- with .Values.args.multusBinFile }} + - --multus-bin-file={{ . }} + {{- end }} + {{- with .Values.args.multusCNIConfDir }} + - --multus-cni-conf-dir={{ . }} + {{- end }} + {{- with .Values.args.skipMultusBinaryCopy }} + - --skip-multus-binary-copy={{ . }} + {{- end }} + {{- with .Values.args.multusKubeConfigFileHost }} + - --multus-kubeconfig-file-host={{ . }} + {{- end }} + {{- with .Values.args.multusMasterCNIFileName }} + - --multus-master-cni-file-name={{ . }} + {{- end }} + {{- with .Values.args.namespaceIsolation }} + - --namespace-isolation={{ . }} + {{- end }} + {{- with .Values.args.globalNamespaces }} + - --global-namespaces={{ . }} + {{- end }} + {{- with .Values.args.multusAutoconfigDir }} + - --multus-autoconfig-dir={{ . }} + {{- end }} + {{- with .Values.args.multusLogToStderr }} + - --multus-log-to-stderr={{ . }} + {{- end }} + {{- with .Values.args.multusLogLevel }} + - --multus-log-level={{ . }} + {{- end }} + {{- with .Values.args.multusLogFile }} + - --multus-log-file={{ . }} + {{- end }} + {{- with .Values.args.overrideNetworkName }} + - --override-network-name={{ . }} + {{- end }} + {{- with .Values.args.cleanupConfigOnExit }} + - --cleanup-config-on-exit={{ . }} + {{- end }} + {{- with .Values.args.skipConfigWatch }} + - --skip-config-watch={{ . }} + {{- end }} + {{- with .Values.args.renameConfFile }} + - --rename-conf-file={{ . }} + {{- end }} + {{- with .Values.args.readinessIndicatorFile }} + - --readiness-indicator-file={{ . }} + {{- end }} + {{- with .Values.args.additionalBinDir }} + - --additional-bin-dir={{ . }} + {{- end }} + {{- with .Values.args.skipTLSVerify }} + - --skip-tls-verify={{ . }} + {{- end }} + {{- with .Values.forceCNIVersion }} + - --force-cni-version={{ . }} + {{- end }} + {{- with .Values.resources}} + resources: + {{- toYaml . | nindent 10 }} {{- end }} + {{- with .Values.securityContext}} securityContext: - privileged: true + {{- toYaml . | nindent 10 }} + {{- end }} volumeMounts: - name: cni mountPath: /host/etc/cni/net.d - name: cnibin mountPath: /host/opt/cni/bin - {{- if .Values.manifests.configMap }} - - name: multus-cfg - mountPath: /tmp/multus-conf/00-multus.conf.template - subPath: "cni-conf.json" - {{- end }} + initContainers: + - name: install-multus-binary + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + command: [ "/install_multus" ] + args: + - "--type" + - "thin" + resources: + requests: + cpu: "10m" + memory: "15Mi" + securityContext: + privileged: true + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - name: cnibin + mountPath: /host/opt/cni/bin + mountPropagation: Bidirectional volumes: - name: cni hostPath: @@ -85,10 +167,5 @@ spec: - name: cnibin hostPath: path: /opt/cni/bin - {{- if .Values.manifests.configMap }} - - name: multus-cfg - configMap: - name: {{ .Release.Name }}-{{ .Chart.Name }}-{{ .Chart.Version }}-config - {{- end }} -{{- end }} {{- end }} + diff --git a/multus/templates/serviceAccount.yaml b/multus/templates/serviceAccount.yaml index 01feee9..7ab3809 100644 --- a/multus/templates/serviceAccount.yaml +++ b/multus/templates/serviceAccount.yaml @@ -12,11 +12,10 @@ # See the License for the specific language governing permissions and # limitations under the License. {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }} -{{- if .Values.manifests.serviceAccount }} apiVersion: v1 kind: ServiceAccount metadata: name: {{ .Values.serviceAccount.name }} namespace: kube-system {{- end }} -{{- end }} + diff --git a/multus/values.yaml b/multus/values.yaml index b940bec..885c63d 100644 --- a/multus/values.yaml +++ b/multus/values.yaml @@ -16,11 +16,11 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -#replicaCount: 1 - image: + # -- Repository for the Multus image. repository: ghcr.io/k8snetworkplumbingwg/multus-cni - tag: v3.8 + # -- Tag of the Multus image. + tag: v4.1.0 pullPolicy: IfNotPresent #imagePullSecrets: [] @@ -35,78 +35,70 @@ serviceAccount: # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: multus +# -- Resources for the Multus pod. +resources: + requests: + memory: "128Mi" + cpu: "250m" + limits: + memory: "128Mi" + cpu: "500m" -pod: - resources: - enabled: false - multus: - requests: - memory: "128Mi" - cpu: "250m" - limits: - memory: "1024Mi" - cpu: "2000m" - -#podSecurityContext: {} - # fsGroup: 2000 - -#securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -#service: - #type: ClusterIP - #port: 80 - -#ingress: - #enabled: false - #annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - #hosts: - #- host: chart-example.local - # paths: [] - #tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -labels: - nodeSelector: - kubernetes.io/arch: amd64 - -config: - cni_conf: - name: multus-cni-network - type: multus - kubeconfig: /etc/cni/net.d/multus.d/multus.kubeconfig - cniVersion: 0.3.1 - confDir: /etc/cni/net.d - cniDir: /var/lib/cni/multus - binDir: /opt/cni/bin - logFile: /var/log/multus.log - logLevel: panic - capabilities: - portMappings: true - readinessindicatorfile: "" - namespaceIsolation: false - clusterNetwork: k8s-pod-network - defaultNetwork: [] - delegates: [] - systemNamespaces: ["kube-system"] - -manifests: - serviceAccount: true - clusterRole: true - clusterRoleBinding: true - configMap: true - daemonSet: true - customResourceDefinition: true - -#tolerations: [] - -#affinity: {} +args: + # -- The directory where CNI binaries are installed. + cniBinDir: "/host/opt/cni/bin" + # -- The directory where CNI configurations are stored. + cniConfDir: "/host/etc/cni/net.d" + # -- Version of the CNI to use. + cniVersion: "" + # -- The configuration file for Multus. + multusConfFile: "auto" + # -- Path to the Multus binary file. + multusBinFile: "/usr/src/multus-cni/bin/multus" + # -- Directory for Multus-specific CNI configurations. + multusCNIConfDir: "/host/etc/cni/multus/net.d" + # -- Whether to skip copying the Multus binary file. + skipMultusBinaryCopy: false + # -- Path to the kubeconfig file for Multus. + multusKubeConfigFileHost: "/etc/cni/net.d/multus.d/multus.kubeconfig" + # -- Name of the master CNI file in the Multus auto-configuration directory. + multusMasterCNIFileName: "" + # -- Enable namespace isolation. + namespaceIsolation: false + # -- Comma-separated list of global namespaces for use with namespace isolation. + globalNamespaces: "" + # -- Directory for the Multus auto-configuration. + multusAutoconfigDir: "/host/etc/cni/net.d" + # -- Whether to log to stderr. + multusLogToStderr: true + # -- Log level for Multus. + multusLogLevel: "" + # -- Path to the Multus log file. + multusLogFile: "" + # -- Override the network name from the master CNI file. + overrideNetworkName: false + # -- Cleanup configuration files on exit. + cleanupConfigOnExit: false + # -- Skip watching for configuration changes. + skipConfigWatch: false + # -- Rename the master configuration file to invalidate it. + renameConfFile: false + # -- File used to indicate readiness. + readinessIndicatorFile: "" + # -- Additional directory to include in the CNI binDir option. + additionalBinDir: "" + # -- Skip TLS verification. + skipTLSVerify: false + # -- Force the use of a specific CNI version. + forceCNIVersion: false +# -- Node selector for pod assignment. +nodeSelector: {} +# -- Tolerations for pod assignment. +tolerations: + - operator: Exists + effect: NoSchedule + - operator: Exists + effect: NoExecute +# -- securityContext for the pod. +securityContext: + privileged: true diff --git a/scripts/README.md b/scripts/README.md new file mode 100644 index 0000000..0145a4e --- /dev/null +++ b/scripts/README.md @@ -0,0 +1,22 @@ +# Helm Chart Comparison Script + +This script allows you to compare a rendered Helm chart with the latest manifest from a specified GitHub repository. It is particularly useful for keeping your Kubernetes deployments up to date by ensuring that your Helm charts match the latest official manifests. + +## Features + +- **Generic Usage**: Easily adaptable to any Helm chart and GitHub manifest. +- **Scratch Directory**: Uses a `scratch` directory for temporary files, which is ignored by Git. +- **Simple Comparison**: Provides a unified diff between your Helm chart and the latest manifest. + +## Prerequisites + +- **Helm**: Ensure Helm is installed and configured. +- **curl**: Used to download the latest manifest from the GitHub repository. +- **diff**: Standard tool for comparing files. + +## Usage + +### Script Syntax + +```bash +./compare_chart.sh diff --git a/scripts/compare_chart.sh b/scripts/compare_chart.sh new file mode 100755 index 0000000..5bff765 --- /dev/null +++ b/scripts/compare_chart.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +# Usage: ./compare_chart.sh + +# Check if correct number of arguments is provided +if [ "$#" -ne 3 ]; then + echo "Usage: $0 " + exit 1 +fi + +CHART_DIR=$1 +RELEASE_NAME=$2 +MANIFEST_URL=$3 + +# Define scratch directory and output file names +SCRATCH_DIR="./scratch" +mkdir -p ${SCRATCH_DIR} + +CURRENT_YAML="${SCRATCH_DIR}/current-${RELEASE_NAME}.yaml" +LATEST_YAML="${SCRATCH_DIR}/latest-${RELEASE_NAME}.yaml" + +# Fetch the latest manifest +curl -o ${LATEST_YAML} ${MANIFEST_URL} +if [ $? -ne 0 ]; then + echo "Failed to download the manifest from ${MANIFEST_URL}" + exit 1 +fi + +# Render the Helm chart +helm template ${RELEASE_NAME} ${CHART_DIR} > ${CURRENT_YAML} +if [ $? -ne 0 ]; then + echo "Failed to render Helm chart from ${CHART_DIR}" + exit 1 +fi + +# Compare the files side by side +diff -y ${CURRENT_YAML} ${LATEST_YAML} + +# The files will remain in the scratch directory for review