Comments (8)
One other caveat I forgot about is the need to seperate non-namespaced objects from namespaced ones to set it only where it belongs: kubernetes-sigs/external-dns#2807
I think I have seen that Kubernetes is not complaining when a namespace is set on a non-namespaced object but better handle this properly from the get go.
from hull.
The second solution is exactly how we have implemented it in our internal charts. We set .Release.Namespace
as default and allow it to be overwritten by .Values.namespaceOverride
. I haven't encountered any issues with this implementation (also tried helm install
) and big charts like kube-prometheus-stack use it as well (https://github.com/prometheus-community/helm-charts/blob/6db99b756ff91586e26a1d009eceaf9cee8b1c40/charts/kube-prometheus-stack/templates/_helpers.tpl#L124) so I guess it should be fine to always populate metadata.namespace
.
from hull.
I think I would want to put it here:
hull: config: general: metadata: namespaceOverride:
@sczech Do you think there is a usecase for individual
namespaceOverride
's on the instance level as mentioned before? So the logic on an per instance basis could populate the renderednamespace
like so:
hull.objects.<type>.<instance>.namespaceOverride
if present and non-emptyhull.config.metadata.namespaceOverride
if present and non-empty.Release.Namespace
otherwiseIt would be not much extra effort to do so and it should cover all bases.
I don't think there is a need for individual fields since a chart should really only be deployed to one namespace at a time. If you want to deploy to another namespace the preferred solution should be to use subcharts.
Concerning the namespaceOverride
key location: I find it to be most intuitive to put it on the same level as nameOverride
and fullnameOverride
, at least that is where I would look for it first.
from hull.
Looking good! Thank you for the quick implementation 🙏
from hull.
Thank you for the quick response! My use case is that we don't install Helm Charts directly into the cluster. We have a deployment pipeline that does a helm template
and commits the output into our infrastructure repo. Then the plain manifests are synced from this repo into our Cluster via FluxCD.
This is in line with GitOps best practices and allows us to have a full declarative state of our cluster in Git. But since Helm isn't communicating directly with our cluster we have to define metadata.namespace
in advance and bake it into the template.
from hull.
Interesting, never looked at the metadata.namespace
when helm template
ing so far. Have used helm update/install
all the time sofar in our workflows.
When I did a test just now it turns out -n
and --namespace
does not put a namespace
in the templates (exactly as you said above). Quite surprising behavior but I see I am in good company here. One of the things where the donkey work is seemingly unnecessarily handed over to the chart maintainers (adding namespace
property to all objects) or users (post-processing templates with whatever tool) 👎
Anyhow, now I totally understand what you are after with your request. Flux is also at the top of my list of things to do next since we want to use it at work too so sounds like a total win-win to allow this. It should also be not much work.
Some questions aligning on the desired implementation:
-
I see that (some) people just take the
{{ .Release.Namespace }}
, ergo the-n
passed tohelm template
, to populate themetadata.namespace
fields (like here). -
Others have an extra field in mind like your
config.general.namespaceOverride
and fallback to the{{ .Release.Namespace }}
when not provided as for example here:{{- if .Values.namespace -}} {{- .Values.namespace -}} {{- else -}} {{- .Release.Namespace -}} {{- end -}}
Small question I have whether there is any danger to always setting this metadata.namespace
field for the helm upgrade/install
use case? Though fairly sure Helm does not complain when encountering a metadata.namespace
here in the templates (otherwise there wouldn't be all the examples above) but maybe you can confirm that there is no danger in explicitly populating this field always? If yes then I think I would go with the second approach where it always populates metadata.namespace
either from config.general.namespaceOverride
or {{ .Release.Namespace }}
if config.general.namespaceOverride
isn't present or empty.
from hull.
I think I would want to put it here:
hull:
config:
general:
metadata:
namespaceOverride:
@sczech Do you think there is a usecase for individual namespaceOverride
's on the instance level as mentioned before? So the logic on an per instance basis could populate the rendered namespace
like so:
hull.objects.<type>.<instance>.namespaceOverride
if present and non-emptyhull.config.metadata.namespaceOverride
if present and non-empty.Release.Namespace
otherwise
It would be not much extra effort to do so and it should cover all bases.
from hull.
Ok it is done, new releases with namespaceOverride
:
Release 1.27,1
Release 1.26.3
Release 1.25.14
Followed your suggestion so you can use:
hull:
config:
general:
metadata:
namespaceOverride: abc
to change the namespace in the templates.
If not provided, the {{ .Release.Namespace }}
is used.
Hope that works and if you have other problems. feature suggestions or find a bug let me know!
from hull.
Related Issues (20)
- Bug: Ingress with TLS HOT 4
- Quoted values transformed to scientific notation number HOT 4
- Using transformations in objects' names HOT 2
- Empty list in hull.util.transformation.include HOT 8
- Generating properties with transformations HOT 2
- Using transformations in hull.objects.secret.*.data.*.inline HOT 13
- Something is wrong when using a transformation in hull.objects.ingress.*.tls.*.hosts HOT 3
- The hull.util.transformation.makefullname transformation and and the staticName parameter HOT 9
- Creating non-opaque Secrets HOT 6
- hull.util.transformation.get converts a string to an integer HOT 3
- Empty fields in rendered template HOT 5
- Accessing the global context from an interpolation placeholder HOT 7
- Is there an idiomatic way to access Chart and Release objects HOT 7
- Add more single valued functions to `_HT*` transformations HOT 1
- Add `sharedContainers` feature
- Enable array access in `_HT*` HOT 1
- Default security settings
- [question] Is it possible to create ConfigMap from a directory using glob pattern ? HOT 20
- Cronjob jobspec not mapping several fields HOT 2
- Combine boolean evaluation `_HT?` with get `_HT*` and include `_HT/` transformations HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hull.