cli: add microservice upgrades behind hidden flags #729
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
✅ Deploy Preview for constellation-docs ready!
To edit notification comments on pull requests, go to your Netlify site settings. |
derpsteb
force-pushed
the
feat/helm-upgrade
branch
2 times, most recently
from
983da3b
to
1f5ef90
Compare
|
This is currently missing automatic creation of CRD and CR backups. However, to keep PRs smaller I would merge this without backups. Only merge after 2.3 release. |
derpsteb
force-pushed
the
feat/helm-upgrade
branch
from
6332884
to
ce73703
Compare
|
Looks good to me. |
Run with: constellation upgrade execute --helm. This will only upgrade the helm charts. No config is needed.
* Use strechr/testify * Extend parseCRDs test * Increase Timeout * Use correct error messages
* Add license header * Add periods to comments
* hide helm flags * expand help text * remove unnecessary comments
derpsteb
force-pushed
the
feat/helm-upgrade
branch
from
44a765b
to
d9d284a
Compare
daniel-weisse
approved these changes
Dec 19, 2022
derpsteb
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proposed change(s)
Introduce functionality to upgrade microservices in a running cluster as per update.rfc. Currently an upgrade can be triggered by running
constellation upgrade execute --helm. This is only temporary until we restructure the upgrade command according to the RFC. I am also open to change the temporary solution.--keepValuesis disabled for cert-manager and cilium as their docs explicitly warn against using the flag. Reason being that newly introduced values are not picked up when using--keepValues. Therefore I went with the recommended way of fetching the existing values from the cluster and merging them with the loaded values from disk.MergeMapswill prioritize the values from the second argument, see the respective unit test. Calls toMergeMapsshould always have the cluster values in the second argument.Helm does not support updating CRDs as outlined here. There is some discussion on the topic. In the end we will have to decide how to handle CRDs on a case by case basis. We must take extra care of updating CRDs when Constellation users could rely on the installed CRDs.
CRDs updates are managed like the following:
crdsfolder in order to have full control of the CRDs. We follow that approach. Constellation users will have to take care that their cert-manager installation is on the same version as Constellation's. This will be described in the docs (ticket is created).crdsfolder. CRD updates have to be done manually. The current implementation is effectively runningkubectl apply -f ./crds/on the respective folders.We may want to include an upgrade rollback command, but won't implement it now. If helm declares an update as successful, but release does not work as expected the docs will help by suggesting relevant helm-rollback commands.
Related issue
Checklist