From 1aefc02bf9535e7e1128b0853be16141bd4c1163 Mon Sep 17 00:00:00 2001 From: Rasmus Rask Date: Mon, 7 Oct 2024 16:02:50 +0200 Subject: [PATCH 1/8] Highlight warnings --- flux-helm-diff.sh | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/flux-helm-diff.sh b/flux-helm-diff.sh index d2fc530..fc67666 100755 --- a/flux-helm-diff.sh +++ b/flux-helm-diff.sh @@ -135,11 +135,10 @@ for helm_file in "${helm_files[@]}"; do return_code=0 base_out=$(helm_template "base/${helm_file}") || return_code=$? if [ $return_code -eq 2 ]; then # Ignore files skipped + # TODO: Output warnings directly to GITHUB_OUTPUT in helm_template function? { - echo '```' - echo "Error rendering base ref:" - echo "${base_out}" - echo '```' + echo '> [!WARNING]' + echo "> Error rendering base ref: \`${base_out}\`" } >> "$GITHUB_OUTPUT" any_failed=1 continue @@ -149,11 +148,10 @@ for helm_file in "${helm_files[@]}"; do return_code=0 head_out=$(helm_template "head/${helm_file}") || return_code=$? if [ $return_code -ne 0 ]; then + # TODO: Output warnings directly to GITHUB_OUTPUT in helm_template function? { - echo '```' - echo "Error rendering head ref:" - echo "${head_out}" - echo '```' + echo '> [!WARNING]' + echo "> Error rendering head ref: \`${head_out}\`" } >> "$GITHUB_OUTPUT" any_failed=1 continue From 4540ddb161983fbfca00bb30be6eb345d454224e Mon Sep 17 00:00:00 2001 From: Rasmus Rask Date: Mon, 7 Oct 2024 16:09:28 +0200 Subject: [PATCH 2/8] Show note changes as block quote --- flux-helm-diff.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/flux-helm-diff.sh b/flux-helm-diff.sh index fc67666..2863b17 100755 --- a/flux-helm-diff.sh +++ b/flux-helm-diff.sh @@ -160,12 +160,14 @@ for helm_file in "${helm_files[@]}"; do # Template diff diff_out=$(diff --unified=5 <(echo "${base_out}") <(echo "${head_out}")) || true echo "Diff has $(echo "$diff_out" | wc -l) line(s)" - [ -z "${diff_out}" ] && diff_out="No changes" - { + if [[ -z "${diff_out}" ]]; then + echo '> [!NOTE]' + echo '> No changes' + else echo '```diff' echo "${diff_out}" echo '```' - } >> "$GITHUB_OUTPUT" + fi >> "$GITHUB_OUTPUT" done { From 252e44fd8bdb747f539747c3be9aa9092221531b Mon Sep 17 00:00:00 2001 From: Rasmus Rask Date: Mon, 14 Oct 2024 13:01:25 +0200 Subject: [PATCH 3/8] Move warning and error output to helm_template function --- README.md | 1 + flux-helm-diff.sh | 89 ++++++++++++------- .../infrastructure/base/podinfo/helm.yaml | 9 ++ .../infrastructure/base/podinfo/helm.yaml | 9 ++ wip.sh | 27 ++++++ 5 files changed, 102 insertions(+), 33 deletions(-) create mode 100644 test/base/infrastructure/base/podinfo/helm.yaml create mode 100644 test/head/infrastructure/base/podinfo/helm.yaml create mode 100644 wip.sh diff --git a/README.md b/README.md index 46ea11b..47cfd75 100644 --- a/README.md +++ b/README.md @@ -308,6 +308,7 @@ GITHUB_OUTPUT=debug.out HELM_FILES="${helm_files[@]}" TEST=1 ./flux-helm-diff.sh | `dcgm-exporter` | Chart added in `head` that doesn't exist in `base` | Diff shows entire rendered template as added | | `metaflow` | Very non-standard way of publishing charts (not sure if should be supported) | TBD | | `nvidia-device-plugin` | HelmRepository (using `https`), minor chart version bump | Diff (with potentially breaking `nodeAffinity`) | +| `podinfo` | Unknown repository type (`HelmTypoRepository`) | `Unrecognised repo type` | | `weave-gitops-helm2oci` | Repository type changed from HelmRepository (type `oci`) to OCIRepository | No changes | | `weave-gitops-helmrepo` | HelmRepository with type `oci` | Diff | | `weave-gitops-ocirepo` | OCIRepository | Diff | diff --git a/flux-helm-diff.sh b/flux-helm-diff.sh index 2863b17..ade42b9 100755 --- a/flux-helm-diff.sh +++ b/flux-helm-diff.sh @@ -2,7 +2,7 @@ set -eu -o pipefail helm_files=(${HELM_FILES[@]}) -if [ "${#helm_files[@]}" == "0" ]; then +if [[ "${#helm_files[@]}" == "0" ]]; then echo "No Helm files specified, nothing to do" exit fi @@ -10,15 +10,20 @@ echo "${#helm_files[@]} Helm file(s) to render: ${helm_files[*]}" helm_template() { set -eu -o pipefail - if [ -z "${1}" ]; then - echo "Error: Need file name to template" >&2 - return 2 - fi # 'head' or 'base' ref - used for logging output ref="${1%%/*}" - # Set test = to run against Helm teplates under test/ + if [[ -z "${1}" ]]; then + echo "Error: Need ${ref} file name to template" >&2 + { + echo '> [!CAUTION]' + echo "> Error: Need \`${ref}\` file name to template" + } >> "$GITHUB_OUTPUT" + return 1 + fi + + # Set test = to run against Helm teplates under test/ directory if [ -z "${TEST:-}" ]; then helm_file="${1}" else @@ -26,9 +31,22 @@ helm_template() { fi if [ ! -f "${helm_file}" ]; then - # echo "Warn: File \"${helm_file}\" not found, skipping" - echo "File \"${helm_file}\" not found, skipping" >&2 - return 1 + echo "${ref} file \"${helm_file}\" not found" >&2 + if [[ "${ref}" == "base" ]]; then + { + echo '> [!TIP]' + echo "> File \`${helm_file}\` not found in \`${ref}\` ref, looks like a new Helm file" + echo + } >> "$GITHUB_OUTPUT" + return + else + { + echo '> [!CAUTION]' + echo "> Error: File \`${helm_file}\` not found in \`${ref}\` ref, cannot produce diff" + echo + } >> "$GITHUB_OUTPUT" + return 1 + fi fi # Determine repo type - HelmRepository or OCIRepository @@ -74,9 +92,22 @@ helm_template() { url=$(find "./tmp/${release_id}" -type d -path "*${find_chart_path}" | head -n 1) else - echo "Unable to determine repo type, skipping" - echo "Unable to determine repo type, skipping" >&2 - return 2 + echo "Unrecognised ${ref} repo type" >&2 + if [[ "${ref}" == "base" ]]; then + { + echo '> [!TIP]' + echo "> Unable to determine \`${ref}\` repo type, not rendering template" + echo + } >> "$GITHUB_OUTPUT" + return + else + { + echo '> [!CAUTION]' + echo "> Error: Unable to determine \`${ref}\` repo type, cannot produce diff" + echo + } >> "$GITHUB_OUTPUT" + return 1 + fi fi # Extracting chart properties @@ -110,9 +141,13 @@ helm_template() { # Render template template_out=$(helm template "${release_name}" ${chart_args[@]} -n "${release_namespace}" -f <(echo "${chart_values}") --api-versions "$(IFS=,; echo "${api_versions[*]}")" 2>&1) || { - echo "$template_out" echo "$template_out" >&2 - return 2 + { + echo '> [!CAUTION]' + echo "> Error rendering \`${ref}\` ref: \`${template_out}\`" + echo + } >> "$GITHUB_OUTPUT" + return 1 } # Cleanup template, removing comments, output @@ -126,36 +161,23 @@ echo "## Flux Helm diffs" >> "$GITHUB_OUTPUT" any_failed=0 for helm_file in "${helm_files[@]}"; do + # Begin output echo -e "\nProcessing file \"$helm_file\"" echo >> "$GITHUB_OUTPUT" - echo "### ${helm_file}" >> "$GITHUB_OUTPUT" + echo "### \`${helm_file}\`" >> "$GITHUB_OUTPUT" # Template before - return_code=0 - base_out=$(helm_template "base/${helm_file}") || return_code=$? - if [ $return_code -eq 2 ]; then # Ignore files skipped - # TODO: Output warnings directly to GITHUB_OUTPUT in helm_template function? - { - echo '> [!WARNING]' - echo "> Error rendering base ref: \`${base_out}\`" - } >> "$GITHUB_OUTPUT" + base_out=$(helm_template "base/${helm_file}") || { any_failed=1 continue - fi + } # Template after - return_code=0 - head_out=$(helm_template "head/${helm_file}") || return_code=$? - if [ $return_code -ne 0 ]; then - # TODO: Output warnings directly to GITHUB_OUTPUT in helm_template function? - { - echo '> [!WARNING]' - echo "> Error rendering head ref: \`${head_out}\`" - } >> "$GITHUB_OUTPUT" + head_out=$(helm_template "head/${helm_file}") || { any_failed=1 continue - fi + } # Template diff diff_out=$(diff --unified=5 <(echo "${base_out}") <(echo "${head_out}")) || true @@ -168,6 +190,7 @@ for helm_file in "${helm_files[@]}"; do echo "${diff_out}" echo '```' fi >> "$GITHUB_OUTPUT" + done { diff --git a/test/base/infrastructure/base/podinfo/helm.yaml b/test/base/infrastructure/base/podinfo/helm.yaml new file mode 100644 index 0000000..abb922f --- /dev/null +++ b/test/base/infrastructure/base/podinfo/helm.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmTypoRepository +metadata: + name: podinfo + namespace: default +spec: + interval: 5m + url: https://stefanprodan.github.io/podinfo diff --git a/test/head/infrastructure/base/podinfo/helm.yaml b/test/head/infrastructure/base/podinfo/helm.yaml new file mode 100644 index 0000000..abb922f --- /dev/null +++ b/test/head/infrastructure/base/podinfo/helm.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmTypoRepository +metadata: + name: podinfo + namespace: default +spec: + interval: 5m + url: https://stefanprodan.github.io/podinfo diff --git a/wip.sh b/wip.sh new file mode 100644 index 0000000..c9f55d0 --- /dev/null +++ b/wip.sh @@ -0,0 +1,27 @@ +chart_name=dcgm-exporter +url=https://nvidia.github.io/dcgm-exporter/helm-charts +chart_version=3.5.0 + +chart_name=argo-workflows +url=https://argoproj.github.io/argo-helm +chart_version=0.42.5 + + + +release_name="${chart_name}" +release_id="${chart_name}-${chart_version}" +chart_temp_path="./tmp/${release_id}" +mkdir -p "${chart_temp_path}" +helm pull --repo "${url}" "${chart_name}" --version "${chart_version}" -d "${chart_temp_path}" +tar -xzf "${chart_temp_path}/${release_id}.tgz" --directory "${chart_temp_path}" +rm "${chart_temp_path}/${release_id}.tgz" || true +url="./tmp/${release_id}/${chart_name}" +helm template "${release_name}" "${url}" | grep "kind:" +grep -R --include='*.yaml' --include='*.yml' --include='*.tpl' ".Capabilities.APIVersions" "${chart_temp_path}" > /dev/null && echo "Warning" + + +# To do: +# Differentiate downloading chart, streamline extracting +# Warn on grep +# Info on file not found in base +# Move render CAUTION to helm_template function \ No newline at end of file From d2ecd9edd2a7185f1b2bf6bfee4a4d5cb3a0a500 Mon Sep 17 00:00:00 2001 From: Rasmus Rask Date: Mon, 14 Oct 2024 13:15:45 +0200 Subject: [PATCH 4/8] DRY: Add output_msg function --- flux-helm-diff.sh | 54 ++++++++++++++++++++--------------------------- 1 file changed, 23 insertions(+), 31 deletions(-) diff --git a/flux-helm-diff.sh b/flux-helm-diff.sh index ade42b9..e0ee8e0 100755 --- a/flux-helm-diff.sh +++ b/flux-helm-diff.sh @@ -8,6 +8,18 @@ if [[ "${#helm_files[@]}" == "0" ]]; then fi echo "${#helm_files[@]} Helm file(s) to render: ${helm_files[*]}" +output_msg() { + if [[ -z "${2}" ]]; then + echo "Need severity and message text" >&2 + return 1 + fi + { + echo "> [!${1}]" + echo "> ${2}" + echo + } >> "$GITHUB_OUTPUT" +} + helm_template() { set -eu -o pipefail @@ -16,10 +28,7 @@ helm_template() { if [[ -z "${1}" ]]; then echo "Error: Need ${ref} file name to template" >&2 - { - echo '> [!CAUTION]' - echo "> Error: Need \`${ref}\` file name to template" - } >> "$GITHUB_OUTPUT" + output_msg CAUTION "Error: Need \`${ref}\` file name to template" return 1 fi @@ -33,18 +42,10 @@ helm_template() { if [ ! -f "${helm_file}" ]; then echo "${ref} file \"${helm_file}\" not found" >&2 if [[ "${ref}" == "base" ]]; then - { - echo '> [!TIP]' - echo "> File \`${helm_file}\` not found in \`${ref}\` ref, looks like a new Helm file" - echo - } >> "$GITHUB_OUTPUT" + output_msg TIP "File \`${helm_file}\` not found in \`${ref}\` ref, looks like a new Helm file" return else - { - echo '> [!CAUTION]' - echo "> Error: File \`${helm_file}\` not found in \`${ref}\` ref, cannot produce diff" - echo - } >> "$GITHUB_OUTPUT" + output_msg CAUTION "Error: File \`${helm_file}\` not found in \`${ref}\` ref, cannot produce diff" return 1 fi fi @@ -94,18 +95,10 @@ helm_template() { else echo "Unrecognised ${ref} repo type" >&2 if [[ "${ref}" == "base" ]]; then - { - echo '> [!TIP]' - echo "> Unable to determine \`${ref}\` repo type, not rendering template" - echo - } >> "$GITHUB_OUTPUT" + output_msg TIP "Unable to determine \`${ref}\` repo type, not rendering template" return else - { - echo '> [!CAUTION]' - echo "> Error: Unable to determine \`${ref}\` repo type, cannot produce diff" - echo - } >> "$GITHUB_OUTPUT" + output_msg CAUTION "Error: Unable to determine \`${ref}\` repo type, cannot produce diff" return 1 fi fi @@ -142,11 +135,7 @@ helm_template() { # Render template template_out=$(helm template "${release_name}" ${chart_args[@]} -n "${release_namespace}" -f <(echo "${chart_values}") --api-versions "$(IFS=,; echo "${api_versions[*]}")" 2>&1) || { echo "$template_out" >&2 - { - echo '> [!CAUTION]' - echo "> Error rendering \`${ref}\` ref: \`${template_out}\`" - echo - } >> "$GITHUB_OUTPUT" + output_msg CAUTION "Error rendering \`${ref}\` ref: \`${template_out}\`" return 1 } @@ -164,8 +153,11 @@ for helm_file in "${helm_files[@]}"; do # Begin output echo -e "\nProcessing file \"$helm_file\"" - echo >> "$GITHUB_OUTPUT" - echo "### \`${helm_file}\`" >> "$GITHUB_OUTPUT" + { + echo + echo "### \`${helm_file}\`" + echo + } >> "$GITHUB_OUTPUT" # Template before base_out=$(helm_template "base/${helm_file}") || { From 8e2e547f2c1693f3f5c82434f9abe38465c2fd12 Mon Sep 17 00:00:00 2001 From: Rasmus Rask Date: Mon, 14 Oct 2024 13:19:56 +0200 Subject: [PATCH 5/8] Delete WIP script accidentally commited --- wip.sh | 27 --------------------------- 1 file changed, 27 deletions(-) delete mode 100644 wip.sh diff --git a/wip.sh b/wip.sh deleted file mode 100644 index c9f55d0..0000000 --- a/wip.sh +++ /dev/null @@ -1,27 +0,0 @@ -chart_name=dcgm-exporter -url=https://nvidia.github.io/dcgm-exporter/helm-charts -chart_version=3.5.0 - -chart_name=argo-workflows -url=https://argoproj.github.io/argo-helm -chart_version=0.42.5 - - - -release_name="${chart_name}" -release_id="${chart_name}-${chart_version}" -chart_temp_path="./tmp/${release_id}" -mkdir -p "${chart_temp_path}" -helm pull --repo "${url}" "${chart_name}" --version "${chart_version}" -d "${chart_temp_path}" -tar -xzf "${chart_temp_path}/${release_id}.tgz" --directory "${chart_temp_path}" -rm "${chart_temp_path}/${release_id}.tgz" || true -url="./tmp/${release_id}/${chart_name}" -helm template "${release_name}" "${url}" | grep "kind:" -grep -R --include='*.yaml' --include='*.yml' --include='*.tpl' ".Capabilities.APIVersions" "${chart_temp_path}" > /dev/null && echo "Warning" - - -# To do: -# Differentiate downloading chart, streamline extracting -# Warn on grep -# Info on file not found in base -# Move render CAUTION to helm_template function \ No newline at end of file From bc1e1bb4e4151a545eae00d0a2f61f464826d21a Mon Sep 17 00:00:00 2001 From: Rasmus Rask Date: Mon, 14 Oct 2024 14:48:23 +0200 Subject: [PATCH 6/8] Split downloading and templating charts, to prepare for inspecting rendered manifests --- flux-helm-diff.sh | 88 ++++++++++++++++++++++++++++++++--------------- 1 file changed, 60 insertions(+), 28 deletions(-) diff --git a/flux-helm-diff.sh b/flux-helm-diff.sh index e0ee8e0..37ef61b 100755 --- a/flux-helm-diff.sh +++ b/flux-helm-diff.sh @@ -50,7 +50,12 @@ helm_template() { fi fi - # Determine repo type - HelmRepository or OCIRepository + # Extracting chart properties + release_name=$(yq '. | select(.kind == "HelmRelease").metadata.name' "${helm_file}") + release_namespace=$(yq '. | select(.kind == "HelmRelease").metadata.namespace' "${helm_file}") + chart_values=$(yq '. | select(.kind == "HelmRelease").spec.values' "${helm_file}") + + # Determine repo type # https://fluxcd.io/flux/components/source/helmrepositories/ # https://fluxcd.io/flux/components/source/ocirepositories/ # https://fluxcd.io/flux/components/source/gitrepositories/ @@ -58,8 +63,10 @@ helm_template() { repo_type=helm repo_name=$(yq '. | select(.kind == "HelmRelease").spec.chart.spec.sourceRef.name' "${helm_file}") repo_url=$(yq '. | select(.kind == "HelmRepository").spec.url' "${helm_file}") + chart_name=$(yq '. | select(.kind == "HelmRelease").spec.chart.spec.chart' "${helm_file}") chart_version=$(yq '. | select(.kind == "HelmRelease").spec.chart.spec.version' "${helm_file}") + if [[ "${repo_url}" = "oci://"* ]]; then url="${repo_url}/${chart_name}" # Syntax for chart repos is different from OCI repos (as HelmRepo kind) else @@ -69,8 +76,10 @@ helm_template() { elif [[ "OCIRepository" == "$(yq '. | select(.kind == "HelmRelease").spec.chartRef.kind' "${helm_file}")" ]]; then repo_type=oci repo_name=$(yq '. | select(.kind == "HelmRelease").spec.chartRef.name' "${helm_file}") + chart_name="${repo_name}" chart_version=$(yq '. | select(.kind == "OCIRepository").spec.ref.tag' "${helm_file}") + url=$(yq '. | select(.kind == "OCIRepository").spec.url' "${helm_file}") elif [[ "GitRepository" == "$(yq '. | select(.kind == "HelmRelease").spec.chart.spec.sourceRef.kind' "${helm_file}")" ]]; then @@ -78,19 +87,12 @@ helm_template() { repo_name=$(yq '. | select(.kind == "HelmRelease").spec.chart.spec.sourceRef.name' "${helm_file}") repo_url=$(yq '. | select(.kind == "GitRepository").spec.url' "${helm_file}") repo_tag=$(yq '. | select(.kind == "GitRepository").spec.ref.tag' "${helm_file}") - chart_name="${repo_name}" - chart_path=$(yq '. | select(.kind == "HelmRelease").spec.chart.spec.chart' "${helm_file}") - # Download and extract release artifact - may only work with GitHub? - release_id="${repo_name}_${repo_tag}" - mkdir -p "./tmp/${release_id}" - curl --no-progress-meter -Lo "${release_id}.tar.gz" "${repo_url}/archive/refs/tags/${repo_tag}.tar.gz" - tar -xzf "${release_id}.tar.gz" --directory "./tmp/${release_id}" - rm "./${release_id}.tar.gz" || true + chart_name="${repo_name}" + chart_version="${repo_tag}" + chart_rel_path=$(yq '. | select(.kind == "HelmRelease").spec.chart.spec.chart' "${helm_file}") - # Find the chart directory - find_chart_path=$(echo "${chart_path}" | sed -e 's|^./|/|' -e 's|/$||') - url=$(find "./tmp/${release_id}" -type d -path "*${find_chart_path}" | head -n 1) + url="${repo_url}/archive/refs/tags/${repo_tag}.tar.gz" else echo "Unrecognised ${ref} repo type" >&2 @@ -103,11 +105,45 @@ helm_template() { fi fi - # Extracting chart properties - release_name=$(yq '. | select(.kind == "HelmRelease").metadata.name' "${helm_file}") - release_namespace=$(yq '. | select(.kind == "HelmRelease").metadata.namespace' "${helm_file}") - chart_values=$(yq '. | select(.kind == "HelmRelease").spec.values' "${helm_file}") - chart_version="${chart_version:-N/A}" # not relevant for local charts, e.g. downloaded via GitRepository + # Download chart + release_id="${chart_name}-${chart_version}" + chart_temp_path="./tmp/${release_name}-${release_id}-${ref}" + mkdir -p "${chart_temp_path}" + if [[ "${repo_type}" != "git" ]]; then + # Syntax for pull Helm charts is different for OCI repos + if [[ "${url}" = "https://"* ]]; then + helm_pull_args=("${chart_name}" --repo "${url}") # treat as array, to avoid adding single-quotes + elif [[ "${url}" = "oci://"* ]]; then + helm_pull_args=("${url}") # treat as array, to avoid adding single-quotes + else + echo "Unrecognised ${ref} repo type. Again. This should already be caught, so this should never happen.">&2 + return 1 + fi + chart_file="${chart_temp_path}/${release_id}.tgz" + helm pull ${helm_pull_args[@]} --version "${chart_version}" -d "${chart_temp_path}" || { + echo "Helm failed to pull \"${url}\" to \"${chart_temp_path}\"" >&2 + output_msg CAUTION "Helm failed to pull \`${url}\` to \`${chart_temp_path}\`" + return 1 + } + else + # Probably only works with GitHub + chart_file="${chart_temp_path}/asset.tgz" + curl --no-progress-meter -Lo "${chart_file}" "${url}" || { + echo "cURL failed to download \"${url}\" to \"${chart_file}\"" >&2 + output_msg CAUTION "cURL failed to download \`${url}\` to \`${chart_file}\`" + return 1 + } + fi + + # Extract chart + tar -xzf "${chart_file}" --directory "${chart_temp_path}" + rm "${chart_file}" || true + if [[ "${repo_type}" == "git" ]]; then + find_chart_path=$(echo "${chart_rel_path}" | sed -e 's|^./|/|' -e 's|/$||') + chart_path=$(find "${chart_temp_path}" -type d -path "*${find_chart_path}" | head -n 1) + else + chart_path="${chart_temp_path}/${chart_name}" + fi # Use Capabilities.APIVersions mapfile -t api_versions < <(yq '. | foot_comment' "${helm_file}" | yq '.helm-api-versions[]') @@ -122,22 +158,18 @@ helm_template() { echo "${ref} release namespace: ${release_namespace}" >&2 echo "${ref} API versions: $(IFS=,; echo "${api_versions[*]}")" >&2 - # Syntax for chart repos is different from OCI repos (as HelmRepo kind) - if [[ "${url}" = "https://"* ]]; then - chart_args=("${chart_name}" --repo "${url}" --version "${chart_version}") # treat as array, to avoid adding single-quotes - elif [[ "${url}" = "oci://"* ]]; then - chart_args=("${url}" --version "${chart_version}") # treat as array, to avoid adding single-quotes - else - # Assume local path (i.e. GitRepository) - chart_args=("${url}") # treat as array, to avoid adding single-quotes - fi + # TO DO: + # grep -R --include='*.yaml' --include='*.yml' --include='*.tpl' ".Capabilities.APIVersions" "${chart_temp_path}" > /dev/null && echo "Warning" # Render template - template_out=$(helm template "${release_name}" ${chart_args[@]} -n "${release_namespace}" -f <(echo "${chart_values}") --api-versions "$(IFS=,; echo "${api_versions[*]}")" 2>&1) || { + return_code=0 + template_out=$(helm template "${release_name}" "${chart_path}" -n "${release_namespace}" -f <(echo "${chart_values}") --api-versions "$(IFS=,; echo "${api_versions[*]}")" 2>&1) || return_code=$? + rm -rf "${chart_temp_path}" + if [ $return_code -ne 0 ]; then echo "$template_out" >&2 output_msg CAUTION "Error rendering \`${ref}\` ref: \`${template_out}\`" return 1 - } + fi # Cleanup template, removing comments, output template_clean=$(yq -P 'sort_keys(..) comments=""' <(echo "${template_out}")) From 055eaca87314d84f100c4190fe8a1f1f1b763225 Mon Sep 17 00:00:00 2001 From: Rasmus Rask Date: Mon, 14 Oct 2024 15:24:18 +0200 Subject: [PATCH 7/8] Produce warning output, if chart uses `Capabilities.APIVersions` --- flux-helm-diff.sh | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/flux-helm-diff.sh b/flux-helm-diff.sh index 37ef61b..b5aa58f 100755 --- a/flux-helm-diff.sh +++ b/flux-helm-diff.sh @@ -14,8 +14,15 @@ output_msg() { return 1 fi { + # Alert level - https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#alerts echo "> [!${1}]" - echo "> ${2}" + shift + + # Message line(s) + for msg in "$@"; do + echo "> ${msg}" + echo '>' + done echo } >> "$GITHUB_OUTPUT" } @@ -158,8 +165,14 @@ helm_template() { echo "${ref} release namespace: ${release_namespace}" >&2 echo "${ref} API versions: $(IFS=,; echo "${api_versions[*]}")" >&2 - # TO DO: - # grep -R --include='*.yaml' --include='*.yml' --include='*.tpl' ".Capabilities.APIVersions" "${chart_temp_path}" > /dev/null && echo "Warning" + # Inspect rendered manifests - head only? + if [[ "${ref}" == "head" ]]; then + grep -R --include='*.yaml' --include='*.yml' --include='*.tpl' ".Capabilities.APIVersions" "${chart_temp_path}" > /dev/null && { + echo "Warning: Chart uses \".Capabilities.APIVersions\"" >&2 + output_msg WARNING "Chart uses the \`.Capabilities.APIVersions\` [built-in template object](https://helm.sh/docs/chart_template_guide/builtin_objects/), which can affect rendered manifests." \ + "See [Flux Helm Diff read-me](https://github.com/marketplace/actions/flux-helm-diff#dry-runningemulating-api-capabilities) for details and workaround." + } + fi # Render template return_code=0 From cf864a471d0ca62b41b597276affdf44841b6913 Mon Sep 17 00:00:00 2001 From: Rasmus Rask Date: Mon, 14 Oct 2024 15:26:10 +0200 Subject: [PATCH 8/8] Produce "capabilities" warning regardless of ref --- flux-helm-diff.sh | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/flux-helm-diff.sh b/flux-helm-diff.sh index b5aa58f..93360f0 100755 --- a/flux-helm-diff.sh +++ b/flux-helm-diff.sh @@ -165,14 +165,12 @@ helm_template() { echo "${ref} release namespace: ${release_namespace}" >&2 echo "${ref} API versions: $(IFS=,; echo "${api_versions[*]}")" >&2 - # Inspect rendered manifests - head only? - if [[ "${ref}" == "head" ]]; then - grep -R --include='*.yaml' --include='*.yml' --include='*.tpl' ".Capabilities.APIVersions" "${chart_temp_path}" > /dev/null && { - echo "Warning: Chart uses \".Capabilities.APIVersions\"" >&2 - output_msg WARNING "Chart uses the \`.Capabilities.APIVersions\` [built-in template object](https://helm.sh/docs/chart_template_guide/builtin_objects/), which can affect rendered manifests." \ - "See [Flux Helm Diff read-me](https://github.com/marketplace/actions/flux-helm-diff#dry-runningemulating-api-capabilities) for details and workaround." - } - fi + # Inspect rendered manifests + grep -R --include='*.yaml' --include='*.yml' --include='*.tpl' ".Capabilities.APIVersions" "${chart_temp_path}" > /dev/null && { + echo "Warning: Chart uses \".Capabilities.APIVersions\"" >&2 + output_msg WARNING "Chart in \`${ref}\` ref uses the \`.Capabilities.APIVersions\` [built-in template object](https://helm.sh/docs/chart_template_guide/builtin_objects/), which can affect rendered manifests." \ + "See [Flux Helm Diff read-me](https://github.com/marketplace/actions/flux-helm-diff#dry-runningemulating-api-capabilities) for details and workaround." + } # Render template return_code=0