2022-11-24 10:39:33 -05:00
|
|
|
/*
|
|
|
|
Copyright (c) Edgeless Systems GmbH
|
|
|
|
|
|
|
|
SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
*/
|
|
|
|
|
|
|
|
package helm
|
|
|
|
|
|
|
|
import (
|
2022-12-19 10:52:15 -05:00
|
|
|
"context"
|
2023-03-03 03:38:23 -05:00
|
|
|
"errors"
|
2022-11-24 10:39:33 -05:00
|
|
|
"fmt"
|
2022-12-19 10:52:15 -05:00
|
|
|
"strings"
|
|
|
|
"time"
|
2022-11-24 10:39:33 -05:00
|
|
|
|
2023-08-02 09:49:40 -04:00
|
|
|
"helm.sh/helm/v3/pkg/action"
|
|
|
|
"helm.sh/helm/v3/pkg/chart"
|
|
|
|
"helm.sh/helm/v3/pkg/cli"
|
|
|
|
"helm.sh/helm/v3/pkg/release"
|
|
|
|
|
2023-07-24 04:30:53 -04:00
|
|
|
"github.com/edgelesssys/constellation/v2/cli/internal/clusterid"
|
2023-07-25 04:54:47 -04:00
|
|
|
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
2023-01-31 06:12:19 -05:00
|
|
|
"github.com/edgelesssys/constellation/v2/internal/compatibility"
|
2022-12-19 10:52:15 -05:00
|
|
|
"github.com/edgelesssys/constellation/v2/internal/config"
|
|
|
|
"github.com/edgelesssys/constellation/v2/internal/constants"
|
2022-12-19 02:08:46 -05:00
|
|
|
"github.com/edgelesssys/constellation/v2/internal/file"
|
2023-04-13 10:55:12 -04:00
|
|
|
"github.com/edgelesssys/constellation/v2/internal/semver"
|
2023-02-14 12:04:58 -05:00
|
|
|
"github.com/edgelesssys/constellation/v2/internal/versions"
|
2022-12-19 02:08:46 -05:00
|
|
|
"github.com/spf13/afero"
|
|
|
|
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
|
|
|
|
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
|
|
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
2022-11-24 10:39:33 -05:00
|
|
|
)
|
|
|
|
|
2023-01-04 07:55:10 -05:00
|
|
|
const (
|
|
|
|
// AllowDestructive is a named bool to signal that destructive actions have been confirmed by the user.
|
|
|
|
AllowDestructive = true
|
|
|
|
// DenyDestructive is a named bool to signal that destructive actions have not been confirmed by the user yet.
|
|
|
|
DenyDestructive = false
|
|
|
|
)
|
|
|
|
|
2023-03-24 06:51:18 -04:00
|
|
|
// ErrConfirmationMissing signals that an action requires user confirmation.
|
|
|
|
var ErrConfirmationMissing = errors.New("action requires user confirmation")
|
|
|
|
|
2023-06-30 07:43:23 -04:00
|
|
|
var errReleaseNotFound = errors.New("release not found")
|
|
|
|
|
2023-08-02 09:49:40 -04:00
|
|
|
// UpgradeClient handles interaction with helm and the cluster.
|
|
|
|
type UpgradeClient struct {
|
2023-08-04 07:53:51 -04:00
|
|
|
config *action.Configuration
|
|
|
|
kubectl crdClient
|
|
|
|
fs file.Handler
|
|
|
|
actions actionWrapper
|
|
|
|
upgradeWorkspace string
|
|
|
|
log debugLog
|
2022-11-24 10:39:33 -05:00
|
|
|
}
|
|
|
|
|
2023-08-04 07:53:51 -04:00
|
|
|
// NewUpgradeClient returns a newly initialized UpgradeClient for the given namespace.
|
|
|
|
func NewUpgradeClient(client crdClient, upgradeWorkspace, kubeConfigPath, helmNamespace string, log debugLog) (*UpgradeClient, error) {
|
2022-11-24 10:39:33 -05:00
|
|
|
settings := cli.New()
|
2023-08-04 07:53:51 -04:00
|
|
|
settings.KubeConfig = kubeConfigPath
|
2022-11-24 10:39:33 -05:00
|
|
|
|
|
|
|
actionConfig := &action.Configuration{}
|
2022-12-19 10:52:15 -05:00
|
|
|
if err := actionConfig.Init(settings.RESTClientGetter(), helmNamespace, "secret", log.Debugf); err != nil {
|
2022-11-24 10:39:33 -05:00
|
|
|
return nil, fmt.Errorf("initializing config: %w", err)
|
|
|
|
}
|
|
|
|
|
2022-12-19 02:08:46 -05:00
|
|
|
fileHandler := file.NewHandler(afero.NewOsFs())
|
|
|
|
|
|
|
|
kubeconfig, err := fileHandler.Read(kubeConfigPath)
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("reading gce config: %w", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := client.Initialize(kubeconfig); err != nil {
|
|
|
|
return nil, fmt.Errorf("initializing kubectl: %w", err)
|
|
|
|
}
|
|
|
|
|
2023-08-04 07:53:51 -04:00
|
|
|
return &UpgradeClient{
|
|
|
|
kubectl: client,
|
|
|
|
fs: fileHandler,
|
|
|
|
actions: actions{config: actionConfig},
|
|
|
|
upgradeWorkspace: upgradeWorkspace,
|
|
|
|
log: log,
|
|
|
|
}, nil
|
2022-11-24 10:39:33 -05:00
|
|
|
}
|
|
|
|
|
2023-08-02 09:49:40 -04:00
|
|
|
func (c *UpgradeClient) shouldUpgrade(releaseName string, newVersion semver.Semver, force bool) error {
|
2023-03-20 09:49:04 -04:00
|
|
|
currentVersion, err := c.currentVersion(releaseName)
|
2023-03-03 06:43:48 -05:00
|
|
|
if err != nil {
|
2023-04-13 10:55:12 -04:00
|
|
|
return fmt.Errorf("getting version for %s: %w", releaseName, err)
|
2023-03-03 06:43:48 -05:00
|
|
|
}
|
2023-03-20 09:49:04 -04:00
|
|
|
c.log.Debugf("Current %s version: %s", releaseName, currentVersion)
|
2023-04-13 10:55:12 -04:00
|
|
|
c.log.Debugf("New %s version: %s", releaseName, newVersion)
|
2023-03-20 09:49:04 -04:00
|
|
|
|
|
|
|
// This may break for cert-manager or cilium if we decide to upgrade more than one minor version at a time.
|
|
|
|
// Leaving it as is since it is not clear to me what kind of sanity check we could do.
|
2023-06-21 09:49:42 -04:00
|
|
|
if !force {
|
2023-07-25 08:20:25 -04:00
|
|
|
if err := newVersion.IsUpgradeTo(currentVersion); err != nil {
|
2023-06-21 09:49:42 -04:00
|
|
|
return err
|
|
|
|
}
|
2023-03-03 06:43:48 -05:00
|
|
|
}
|
2023-07-25 08:20:25 -04:00
|
|
|
cliVersion := constants.BinaryVersion()
|
2023-04-13 10:55:12 -04:00
|
|
|
// at this point we conclude that the release should be upgraded. check that this CLI supports the upgrade.
|
|
|
|
if releaseName == constellationOperatorsInfo.releaseName || releaseName == constellationServicesInfo.releaseName {
|
2023-07-25 08:20:25 -04:00
|
|
|
if cliVersion.Compare(newVersion) != 0 {
|
|
|
|
return fmt.Errorf("this CLI only supports microservice version %s for upgrading", cliVersion.String())
|
2023-04-13 10:55:12 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
c.log.Debugf("Upgrading %s from %s to %s", releaseName, currentVersion, newVersion)
|
2023-03-20 09:49:04 -04:00
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
2023-03-03 06:43:48 -05:00
|
|
|
|
2023-03-20 09:49:04 -04:00
|
|
|
// Upgrade runs a helm-upgrade on all deployments that are managed via Helm.
|
|
|
|
// If the CLI receives an interrupt signal it will cancel the context.
|
|
|
|
// Canceling the context will prompt helm to abort and roll back the ongoing upgrade.
|
2023-08-02 09:49:40 -04:00
|
|
|
func (c *UpgradeClient) Upgrade(ctx context.Context, config *config.Config, idFile clusterid.File, timeout time.Duration, allowDestructive, force bool, upgradeID string) error {
|
2023-03-03 03:38:23 -05:00
|
|
|
upgradeErrs := []error{}
|
2023-03-20 09:49:04 -04:00
|
|
|
upgradeReleases := []*chart.Chart{}
|
2023-06-30 07:43:23 -04:00
|
|
|
newReleases := []*chart.Chart{}
|
2023-07-25 04:54:47 -04:00
|
|
|
for _, info := range getManagedCharts(config) {
|
2023-06-30 07:43:23 -04:00
|
|
|
c.log.Debugf("Checking release %s", info.releaseName)
|
2023-03-20 09:49:04 -04:00
|
|
|
chart, err := loadChartsDir(helmFS, info.path)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("loading chart: %w", err)
|
|
|
|
}
|
2023-04-13 10:55:12 -04:00
|
|
|
|
2023-07-27 10:14:36 -04:00
|
|
|
// Get version of the chart embedded in the CLI
|
|
|
|
// This is the version we are upgrading to
|
|
|
|
// Since our bundled charts are embedded with version 0.0.0,
|
|
|
|
// we need to update them to the same version as the CLI
|
2023-07-25 08:20:25 -04:00
|
|
|
var upgradeVersion semver.Semver
|
2023-07-27 10:14:36 -04:00
|
|
|
if info == constellationOperatorsInfo || info == constellationServicesInfo || info == csiInfo {
|
2023-07-25 08:20:25 -04:00
|
|
|
updateVersions(chart, constants.BinaryVersion())
|
2023-04-13 10:55:12 -04:00
|
|
|
upgradeVersion = config.MicroserviceVersion
|
|
|
|
} else {
|
2023-07-25 08:20:25 -04:00
|
|
|
chartVersion, err := semver.New(chart.Metadata.Version)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("parsing chart version: %w", err)
|
|
|
|
}
|
|
|
|
upgradeVersion = chartVersion
|
2023-03-20 09:49:04 -04:00
|
|
|
}
|
|
|
|
|
2023-06-30 10:46:05 -04:00
|
|
|
var invalidUpgrade *compatibility.InvalidUpgradeError
|
2023-06-21 09:49:42 -04:00
|
|
|
err = c.shouldUpgrade(info.releaseName, upgradeVersion, force)
|
2023-03-20 09:49:04 -04:00
|
|
|
switch {
|
2023-06-30 07:43:23 -04:00
|
|
|
case errors.Is(err, errReleaseNotFound):
|
|
|
|
// if the release is not found, we need to install it
|
|
|
|
c.log.Debugf("Release %s not found, adding to new releases...", info.releaseName)
|
|
|
|
newReleases = append(newReleases, chart)
|
2023-03-20 09:49:04 -04:00
|
|
|
case errors.As(err, &invalidUpgrade):
|
|
|
|
upgradeErrs = append(upgradeErrs, fmt.Errorf("skipping %s upgrade: %w", info.releaseName, err))
|
|
|
|
case err != nil:
|
2023-06-30 07:43:23 -04:00
|
|
|
c.log.Debugf("Adding %s to upgrade releases...", info.releaseName)
|
2023-02-03 05:05:42 -05:00
|
|
|
return fmt.Errorf("should upgrade %s: %w", info.releaseName, err)
|
2023-03-20 09:49:04 -04:00
|
|
|
case err == nil:
|
|
|
|
upgradeReleases = append(upgradeReleases, chart)
|
2023-07-03 09:13:36 -04:00
|
|
|
|
|
|
|
// Check if installing/upgrading the chart could be destructive
|
|
|
|
// If so, we don't want to perform any actions,
|
|
|
|
// unless the user confirms it to be OK.
|
|
|
|
if !allowDestructive &&
|
|
|
|
info.chartName == certManagerInfo.chartName {
|
|
|
|
return ErrConfirmationMissing
|
|
|
|
}
|
2023-03-20 09:49:04 -04:00
|
|
|
}
|
2022-12-22 06:30:04 -05:00
|
|
|
}
|
|
|
|
|
2023-06-30 07:43:23 -04:00
|
|
|
// Backup CRDs and CRs if we are upgrading anything.
|
|
|
|
if len(upgradeReleases) != 0 {
|
|
|
|
c.log.Debugf("Creating backup of CRDs and CRs")
|
|
|
|
crds, err := c.backupCRDs(ctx, upgradeID)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("creating CRD backup: %w", err)
|
|
|
|
}
|
|
|
|
if err := c.backupCRs(ctx, crds, upgradeID); err != nil {
|
|
|
|
return fmt.Errorf("creating CR backup: %w", err)
|
|
|
|
}
|
2022-12-22 06:30:04 -05:00
|
|
|
}
|
|
|
|
|
2023-06-30 07:43:23 -04:00
|
|
|
for _, chart := range upgradeReleases {
|
|
|
|
c.log.Debugf("Upgrading release %s", chart.Metadata.Name)
|
2023-07-24 04:30:53 -04:00
|
|
|
if err := c.upgradeRelease(ctx, timeout, config, idFile, chart); err != nil {
|
2023-06-30 07:43:23 -04:00
|
|
|
return fmt.Errorf("upgrading %s: %w", chart.Metadata.Name, err)
|
|
|
|
}
|
2022-12-22 06:30:04 -05:00
|
|
|
}
|
|
|
|
|
2023-06-30 07:43:23 -04:00
|
|
|
// Install new releases after upgrading existing ones.
|
|
|
|
// This makes sure if a release was removed as a dependency from one chart,
|
|
|
|
// and then added as a new standalone chart (or as a dependency of another chart),
|
|
|
|
// that the new release is installed without creating naming conflicts.
|
|
|
|
// If in the future, we require to install a new release before upgrading existing ones,
|
|
|
|
// it should be done in a separate loop, instead of moving this one up.
|
|
|
|
for _, chart := range newReleases {
|
|
|
|
c.log.Debugf("Installing new release %s", chart.Metadata.Name)
|
2023-07-24 04:30:53 -04:00
|
|
|
if err := c.installNewRelease(ctx, timeout, config, idFile, chart); err != nil {
|
2023-03-20 09:49:04 -04:00
|
|
|
return fmt.Errorf("upgrading %s: %w", chart.Metadata.Name, err)
|
|
|
|
}
|
2022-12-22 06:30:04 -05:00
|
|
|
}
|
|
|
|
|
2023-03-03 03:38:23 -05:00
|
|
|
return errors.Join(upgradeErrs...)
|
2022-12-22 06:30:04 -05:00
|
|
|
}
|
|
|
|
|
2023-07-25 04:54:47 -04:00
|
|
|
func getManagedCharts(config *config.Config) []chartInfo {
|
2023-07-26 06:45:47 -04:00
|
|
|
charts := []chartInfo{ciliumInfo, certManagerInfo, constellationOperatorsInfo, constellationServicesInfo}
|
2023-07-25 04:54:47 -04:00
|
|
|
if config.GetProvider() == cloudprovider.AWS {
|
|
|
|
charts = append(charts, awsLBControllerInfo)
|
|
|
|
}
|
|
|
|
if config.DeployCSIDriver() {
|
|
|
|
charts = append(charts, csiInfo)
|
|
|
|
}
|
|
|
|
return charts
|
|
|
|
}
|
|
|
|
|
2023-01-31 06:12:19 -05:00
|
|
|
// Versions queries the cluster for running versions and returns a map of releaseName -> version.
|
2023-08-02 09:49:40 -04:00
|
|
|
func (c *UpgradeClient) Versions() (ServiceVersions, error) {
|
2023-03-24 06:51:18 -04:00
|
|
|
ciliumVersion, err := c.currentVersion(ciliumInfo.releaseName)
|
|
|
|
if err != nil {
|
|
|
|
return ServiceVersions{}, fmt.Errorf("getting %s version: %w", ciliumInfo.releaseName, err)
|
|
|
|
}
|
|
|
|
certManagerVersion, err := c.currentVersion(certManagerInfo.releaseName)
|
|
|
|
if err != nil {
|
|
|
|
return ServiceVersions{}, fmt.Errorf("getting %s version: %w", certManagerInfo.releaseName, err)
|
|
|
|
}
|
|
|
|
operatorsVersion, err := c.currentVersion(constellationOperatorsInfo.releaseName)
|
|
|
|
if err != nil {
|
|
|
|
return ServiceVersions{}, fmt.Errorf("getting %s version: %w", constellationOperatorsInfo.releaseName, err)
|
|
|
|
}
|
|
|
|
servicesVersion, err := c.currentVersion(constellationServicesInfo.releaseName)
|
2023-01-31 06:12:19 -05:00
|
|
|
if err != nil {
|
2023-03-24 06:51:18 -04:00
|
|
|
return ServiceVersions{}, fmt.Errorf("getting %s version: %w", constellationServicesInfo.releaseName, err)
|
2023-01-31 06:12:19 -05:00
|
|
|
}
|
2023-07-27 10:14:36 -04:00
|
|
|
csiVersions, err := c.csiVersions()
|
|
|
|
if err != nil {
|
|
|
|
return ServiceVersions{}, fmt.Errorf("getting CSI versions: %w", err)
|
2023-07-24 04:30:53 -04:00
|
|
|
}
|
2023-01-31 06:12:19 -05:00
|
|
|
|
2023-07-27 10:14:36 -04:00
|
|
|
serviceVersions := ServiceVersions{
|
2023-07-25 08:20:25 -04:00
|
|
|
cilium: ciliumVersion,
|
|
|
|
certManager: certManagerVersion,
|
|
|
|
constellationOperators: operatorsVersion,
|
|
|
|
constellationServices: servicesVersion,
|
2023-07-27 10:14:36 -04:00
|
|
|
csiVersions: csiVersions,
|
2023-07-24 08:25:11 -04:00
|
|
|
}
|
2023-07-27 10:14:36 -04:00
|
|
|
|
|
|
|
if awsLBVersion, err := c.currentVersion(awsLBControllerInfo.releaseName); err == nil {
|
|
|
|
serviceVersions.awsLBController = awsLBVersion
|
|
|
|
} else if !errors.Is(err, errReleaseNotFound) {
|
|
|
|
return ServiceVersions{}, fmt.Errorf("getting %s version: %w", awsLBControllerInfo.releaseName, err)
|
2023-07-24 08:25:11 -04:00
|
|
|
}
|
2023-07-25 08:20:25 -04:00
|
|
|
|
2023-07-27 10:14:36 -04:00
|
|
|
return serviceVersions, nil
|
2023-01-31 06:12:19 -05:00
|
|
|
}
|
|
|
|
|
2022-12-22 06:30:04 -05:00
|
|
|
// currentVersion returns the version of the currently installed helm release.
|
2023-08-02 09:49:40 -04:00
|
|
|
func (c *UpgradeClient) currentVersion(release string) (semver.Semver, error) {
|
2023-01-04 07:55:10 -05:00
|
|
|
rel, err := c.actions.listAction(release)
|
2022-11-24 10:39:33 -05:00
|
|
|
if err != nil {
|
2023-07-25 08:20:25 -04:00
|
|
|
return semver.Semver{}, err
|
2022-11-24 10:39:33 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
if len(rel) == 0 {
|
2023-07-25 08:20:25 -04:00
|
|
|
return semver.Semver{}, errReleaseNotFound
|
2022-11-24 10:39:33 -05:00
|
|
|
}
|
|
|
|
if len(rel) > 1 {
|
2023-07-25 08:20:25 -04:00
|
|
|
return semver.Semver{}, fmt.Errorf("multiple releases found for %s", release)
|
2022-11-24 10:39:33 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
if rel[0] == nil || rel[0].Chart == nil || rel[0].Chart.Metadata == nil {
|
2023-07-25 08:20:25 -04:00
|
|
|
return semver.Semver{}, fmt.Errorf("received invalid release %s", release)
|
2022-11-24 10:39:33 -05:00
|
|
|
}
|
|
|
|
|
2023-07-25 08:20:25 -04:00
|
|
|
return semver.New(rel[0].Chart.Metadata.Version)
|
2022-11-24 10:39:33 -05:00
|
|
|
}
|
2022-12-19 10:52:15 -05:00
|
|
|
|
2023-08-02 09:49:40 -04:00
|
|
|
func (c *UpgradeClient) csiVersions() (map[string]semver.Semver, error) {
|
2023-07-27 10:14:36 -04:00
|
|
|
packedChartRelease, err := c.actions.listAction(csiInfo.releaseName)
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("listing %s: %w", csiInfo.releaseName, err)
|
2023-03-24 06:51:18 -04:00
|
|
|
}
|
|
|
|
|
2023-07-27 10:14:36 -04:00
|
|
|
csiVersions := make(map[string]semver.Semver)
|
2023-03-24 06:51:18 -04:00
|
|
|
|
2023-07-27 10:14:36 -04:00
|
|
|
// No CSI driver installed
|
|
|
|
if len(packedChartRelease) == 0 {
|
|
|
|
return csiVersions, nil
|
|
|
|
}
|
2023-03-24 06:51:18 -04:00
|
|
|
|
2023-07-27 10:14:36 -04:00
|
|
|
if len(packedChartRelease) > 1 {
|
|
|
|
return nil, fmt.Errorf("multiple releases found for %s", csiInfo.releaseName)
|
|
|
|
}
|
2023-03-24 06:51:18 -04:00
|
|
|
|
2023-07-27 10:14:36 -04:00
|
|
|
if packedChartRelease[0] == nil || packedChartRelease[0].Chart == nil {
|
|
|
|
return nil, fmt.Errorf("received invalid release %s", csiInfo.releaseName)
|
|
|
|
}
|
|
|
|
|
|
|
|
dependencies := packedChartRelease[0].Chart.Metadata.Dependencies
|
|
|
|
for _, dep := range dependencies {
|
|
|
|
var err error
|
|
|
|
csiVersions[dep.Name], err = semver.New(dep.Version)
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("parsing CSI version %q: %w", dep.Name, err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return csiVersions, nil
|
2023-03-24 06:51:18 -04:00
|
|
|
}
|
2023-01-04 07:55:10 -05:00
|
|
|
|
2023-06-30 07:43:23 -04:00
|
|
|
// installNewRelease installs a previously not installed release on the cluster.
|
2023-08-02 09:49:40 -04:00
|
|
|
func (c *UpgradeClient) installNewRelease(
|
2023-07-24 04:30:53 -04:00
|
|
|
ctx context.Context, timeout time.Duration, conf *config.Config, idFile clusterid.File, chart *chart.Chart,
|
2023-06-30 07:43:23 -04:00
|
|
|
) error {
|
2023-07-24 04:30:53 -04:00
|
|
|
releaseName, values, err := c.loadUpgradeValues(ctx, conf, idFile, chart)
|
2023-06-30 07:43:23 -04:00
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("loading values: %w", err)
|
|
|
|
}
|
|
|
|
return c.actions.installAction(ctx, releaseName, chart, values, timeout)
|
|
|
|
}
|
|
|
|
|
|
|
|
// upgradeRelease upgrades a release running on the cluster.
|
2023-08-02 09:49:40 -04:00
|
|
|
func (c *UpgradeClient) upgradeRelease(
|
2023-07-24 04:30:53 -04:00
|
|
|
ctx context.Context, timeout time.Duration, conf *config.Config, idFile clusterid.File, chart *chart.Chart,
|
2022-12-22 06:30:04 -05:00
|
|
|
) error {
|
2023-07-24 04:30:53 -04:00
|
|
|
releaseName, values, err := c.loadUpgradeValues(ctx, conf, idFile, chart)
|
2023-06-30 07:43:23 -04:00
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("loading values: %w", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
values, err = c.mergeClusterValues(values, releaseName)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("preparing values: %w", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
return c.actions.upgradeAction(ctx, releaseName, chart, values, timeout)
|
|
|
|
}
|
|
|
|
|
|
|
|
// loadUpgradeValues loads values for a chart required for running an upgrade.
|
2023-08-02 09:49:40 -04:00
|
|
|
func (c *UpgradeClient) loadUpgradeValues(ctx context.Context, conf *config.Config, idFile clusterid.File, chart *chart.Chart,
|
2023-06-30 07:43:23 -04:00
|
|
|
) (string, map[string]any, error) {
|
2023-02-14 12:04:58 -05:00
|
|
|
// We need to load all values that can be statically loaded before merging them with the cluster
|
|
|
|
// values. Otherwise the templates are not rendered correctly.
|
2023-07-12 06:42:51 -04:00
|
|
|
k8sVersion, err := versions.NewValidK8sVersion(conf.KubernetesVersion, false)
|
2023-02-14 12:04:58 -05:00
|
|
|
if err != nil {
|
2023-06-30 07:43:23 -04:00
|
|
|
return "", nil, fmt.Errorf("validating k8s version: %s", conf.KubernetesVersion)
|
2023-02-14 12:04:58 -05:00
|
|
|
}
|
2023-07-24 04:30:53 -04:00
|
|
|
|
|
|
|
c.log.Debugf("Checking cluster ID file")
|
|
|
|
clusterName := clusterid.GetClusterName(conf, idFile)
|
|
|
|
|
|
|
|
loader := NewLoader(conf.GetProvider(), k8sVersion, clusterName)
|
2023-03-20 09:49:04 -04:00
|
|
|
|
2023-02-14 12:04:58 -05:00
|
|
|
var values map[string]any
|
2023-03-20 09:49:04 -04:00
|
|
|
var releaseName string
|
|
|
|
|
|
|
|
switch chart.Metadata.Name {
|
|
|
|
case ciliumInfo.chartName:
|
|
|
|
releaseName = ciliumInfo.releaseName
|
2023-07-20 03:40:14 -04:00
|
|
|
var ok bool
|
|
|
|
values, ok = ciliumVals[conf.GetProvider().String()]
|
|
|
|
if !ok {
|
|
|
|
return "", nil, fmt.Errorf("cilium values for csp %q not found", conf.GetProvider().String())
|
|
|
|
}
|
2023-03-20 09:49:04 -04:00
|
|
|
case certManagerInfo.chartName:
|
|
|
|
releaseName = certManagerInfo.releaseName
|
2023-02-14 12:04:58 -05:00
|
|
|
values = loader.loadCertManagerValues()
|
2023-03-20 09:49:04 -04:00
|
|
|
case constellationOperatorsInfo.chartName:
|
|
|
|
releaseName = constellationOperatorsInfo.releaseName
|
2023-06-26 04:13:28 -04:00
|
|
|
values = loader.loadOperatorsValues()
|
2023-03-20 09:49:04 -04:00
|
|
|
|
|
|
|
if err := c.updateCRDs(ctx, chart); err != nil {
|
2023-06-30 07:43:23 -04:00
|
|
|
return "", nil, fmt.Errorf("updating CRDs: %w", err)
|
2023-03-20 09:49:04 -04:00
|
|
|
}
|
|
|
|
case constellationServicesInfo.chartName:
|
|
|
|
releaseName = constellationServicesInfo.releaseName
|
2023-06-26 04:13:28 -04:00
|
|
|
values = loader.loadConstellationServicesValues()
|
2023-03-23 04:53:23 -04:00
|
|
|
|
2023-05-03 05:11:53 -04:00
|
|
|
if err := c.applyMigrations(ctx, releaseName, values, conf); err != nil {
|
2023-06-30 07:43:23 -04:00
|
|
|
return "", nil, fmt.Errorf("applying migrations: %w", err)
|
2023-03-23 04:53:23 -04:00
|
|
|
}
|
2023-06-30 07:43:23 -04:00
|
|
|
case csiInfo.chartName:
|
|
|
|
releaseName = csiInfo.releaseName
|
|
|
|
values = loader.loadCSIValues()
|
2023-07-24 04:30:53 -04:00
|
|
|
case awsLBControllerInfo.chartName:
|
|
|
|
releaseName = awsLBControllerInfo.releaseName
|
|
|
|
values = loader.loadAWSLBControllerValues()
|
2023-02-14 12:04:58 -05:00
|
|
|
default:
|
2023-06-30 07:43:23 -04:00
|
|
|
return "", nil, fmt.Errorf("unknown chart name: %s", chart.Metadata.Name)
|
2022-12-19 10:52:15 -05:00
|
|
|
}
|
|
|
|
|
2023-06-30 07:43:23 -04:00
|
|
|
return releaseName, values, nil
|
2022-12-19 10:52:15 -05:00
|
|
|
}
|
|
|
|
|
2023-04-13 10:55:12 -04:00
|
|
|
// applyMigrations checks the from version and applies the necessary migrations.
|
|
|
|
// The function assumes the caller has verified that our version drift restriction is not violated,
|
|
|
|
// Currently, this is done during config validation.
|
2023-08-02 09:49:40 -04:00
|
|
|
func (c *UpgradeClient) applyMigrations(ctx context.Context, releaseName string, values map[string]any, conf *config.Config) error {
|
2023-04-13 10:55:12 -04:00
|
|
|
current, err := c.currentVersion(releaseName)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("getting %s version: %w", releaseName, err)
|
|
|
|
}
|
|
|
|
|
2023-07-25 08:20:25 -04:00
|
|
|
if current.Major() == 2 && current.Minor() == 8 {
|
2023-07-10 08:03:45 -04:00
|
|
|
// Rename/change the following function to implement any necessary migrations.
|
|
|
|
return migrateFrom2_8(ctx, values, conf, c.kubectl)
|
2023-04-13 10:55:12 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-07-10 08:03:45 -04:00
|
|
|
// migrateFrom2_8 is currently a no-op that is kept for documentation purposes.
|
|
|
|
// If you have to implement the function please make sure to update the below comment to your situation.
|
|
|
|
// migrateFrom2_8 applies the necessary migrations for upgrading from v2.8.x to v2.9.x.
|
|
|
|
// migrateFrom2_8 should be applied for v2.8.x --> v2.9.x.
|
|
|
|
// migrateFrom2_8 should NOT be applied for v2.8.0 --> v2.9.x.
|
|
|
|
func migrateFrom2_8(_ context.Context, _ map[string]any, _ *config.Config, _ crdClient) error {
|
2023-04-13 10:55:12 -04:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-06-30 07:43:23 -04:00
|
|
|
// mergeClusterValues returns a values map as required for helm-upgrade.
|
2022-12-19 10:52:15 -05:00
|
|
|
// It imitates the behaviour of helm's reuse-values flag by fetching the current values from the cluster
|
|
|
|
// and merging the fetched values with the locally found values.
|
|
|
|
// This is done to ensure that new values (from upgrades of the local files) end up in the cluster.
|
|
|
|
// reuse-values does not ensure this.
|
2023-08-02 09:49:40 -04:00
|
|
|
func (c *UpgradeClient) mergeClusterValues(localValues map[string]any, releaseName string) (map[string]any, error) {
|
2022-12-19 10:52:15 -05:00
|
|
|
// Ensure installCRDs is set for cert-manager chart.
|
2023-03-20 09:49:04 -04:00
|
|
|
if releaseName == certManagerInfo.releaseName {
|
2023-02-14 12:04:58 -05:00
|
|
|
localValues["installCRDs"] = true
|
2022-12-19 10:52:15 -05:00
|
|
|
}
|
2023-02-14 12:04:58 -05:00
|
|
|
clusterValues, err := c.actions.getValues(releaseName)
|
2022-12-19 10:52:15 -05:00
|
|
|
if err != nil {
|
2023-01-04 07:55:10 -05:00
|
|
|
return nil, fmt.Errorf("getting values for %s: %w", releaseName, err)
|
2022-12-19 10:52:15 -05:00
|
|
|
}
|
2023-02-14 12:04:58 -05:00
|
|
|
|
2023-08-02 09:49:40 -04:00
|
|
|
return mergeMaps(clusterValues, localValues), nil
|
2022-12-19 10:52:15 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
// GetValues queries the cluster for the values of the given release.
|
2023-08-02 09:49:40 -04:00
|
|
|
func (c *UpgradeClient) GetValues(release string) (map[string]any, error) {
|
2022-12-19 10:52:15 -05:00
|
|
|
client := action.NewGetValues(c.config)
|
|
|
|
// Version corresponds to the releases revision. Specifying a Version <= 0 yields the latest release.
|
|
|
|
client.Version = 0
|
|
|
|
values, err := client.Run(release)
|
|
|
|
if err != nil {
|
|
|
|
return nil, fmt.Errorf("getting values for %s: %w", release, err)
|
|
|
|
}
|
|
|
|
return values, nil
|
|
|
|
}
|
|
|
|
|
2022-12-22 06:30:04 -05:00
|
|
|
// updateCRDs walks through the dependencies of the given chart and applies
|
2022-12-19 10:52:15 -05:00
|
|
|
// the files in the dependencie's 'crds' folder.
|
|
|
|
// This function is NOT recursive!
|
2023-08-02 09:49:40 -04:00
|
|
|
func (c *UpgradeClient) updateCRDs(ctx context.Context, chart *chart.Chart) error {
|
2022-12-19 10:52:15 -05:00
|
|
|
for _, dep := range chart.Dependencies() {
|
|
|
|
for _, crdFile := range dep.Files {
|
|
|
|
if strings.HasPrefix(crdFile.Name, "crds/") {
|
2022-12-22 06:30:04 -05:00
|
|
|
c.log.Debugf("Updating crd: %s", crdFile.Name)
|
2022-12-19 02:08:46 -05:00
|
|
|
err := c.kubectl.ApplyCRD(ctx, crdFile.Data)
|
2022-12-19 10:52:15 -05:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2022-12-19 02:08:46 -05:00
|
|
|
type crdClient interface {
|
|
|
|
Initialize(kubeconfig []byte) error
|
|
|
|
ApplyCRD(ctx context.Context, rawCRD []byte) error
|
|
|
|
GetCRDs(ctx context.Context) ([]apiextensionsv1.CustomResourceDefinition, error)
|
|
|
|
GetCRs(ctx context.Context, gvr schema.GroupVersionResource) ([]unstructured.Unstructured, error)
|
|
|
|
}
|
2023-01-04 07:55:10 -05:00
|
|
|
|
|
|
|
type actionWrapper interface {
|
|
|
|
listAction(release string) ([]*release.Release, error)
|
|
|
|
getValues(release string) (map[string]any, error)
|
2023-06-30 07:43:23 -04:00
|
|
|
installAction(ctx context.Context, releaseName string, chart *chart.Chart, values map[string]any, timeout time.Duration) error
|
2023-01-04 07:55:10 -05:00
|
|
|
upgradeAction(ctx context.Context, releaseName string, chart *chart.Chart, values map[string]any, timeout time.Duration) error
|
|
|
|
}
|
|
|
|
|
|
|
|
type actions struct {
|
|
|
|
config *action.Configuration
|
|
|
|
}
|
|
|
|
|
|
|
|
// listAction execute a List action by wrapping helm's action package.
|
|
|
|
// It creates the action, runs it at returns results and errors.
|
|
|
|
func (a actions) listAction(release string) ([]*release.Release, error) {
|
|
|
|
action := action.NewList(a.config)
|
|
|
|
action.Filter = release
|
|
|
|
return action.Run()
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a actions) getValues(release string) (map[string]any, error) {
|
|
|
|
client := action.NewGetValues(a.config)
|
|
|
|
// Version corresponds to the releases revision. Specifying a Version <= 0 yields the latest release.
|
|
|
|
client.Version = 0
|
|
|
|
return client.Run(release)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a actions) upgradeAction(ctx context.Context, releaseName string, chart *chart.Chart, values map[string]any, timeout time.Duration) error {
|
|
|
|
action := action.NewUpgrade(a.config)
|
|
|
|
action.Atomic = true
|
|
|
|
action.Namespace = constants.HelmNamespace
|
|
|
|
action.ReuseValues = false
|
|
|
|
action.Timeout = timeout
|
|
|
|
if _, err := action.RunWithContext(ctx, releaseName, chart, values); err != nil {
|
|
|
|
return fmt.Errorf("upgrading %s: %w", releaseName, err)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
2023-06-30 07:43:23 -04:00
|
|
|
|
|
|
|
func (a actions) installAction(ctx context.Context, releaseName string, chart *chart.Chart, values map[string]any, timeout time.Duration) error {
|
|
|
|
action := action.NewInstall(a.config)
|
|
|
|
action.Atomic = true
|
|
|
|
action.Namespace = constants.HelmNamespace
|
|
|
|
action.ReleaseName = releaseName
|
|
|
|
action.Timeout = timeout
|
|
|
|
if _, err := action.RunWithContext(ctx, chart, values); err != nil {
|
|
|
|
return fmt.Errorf("installing previously not installed chart %s: %w", chart.Name(), err)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|