Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deploy policies as an app #6

Merged
merged 22 commits into from
Mar 31, 2021
Merged

Deploy policies as an app #6

merged 22 commits into from
Mar 31, 2021

Conversation

stone-z
Copy link
Contributor

@stone-z stone-z commented Mar 25, 2021
edited
Loading

Separates policies into common, aws, azure, kvm, and vmware concerns and pushes the charts to the cp test catalog.

After https://github.com/giantswarm/opsctl/pull/1109 we can deploy these with opsctl. release-operator behavior is still in progress

@stone-z stone-z self-assigned this Mar 30, 2021
@stone-z stone-z marked this pull request as ready for review March 30, 2021 15:31
@stone-z stone-z requested a review from a team March 30, 2021 15:42
MarcelMue
MarcelMue reviewed Mar 30, 2021
View reviewed changes
helm/policies-common/Chart.yaml
@@ -0,0 +1,6 @@
apiVersion: v1
name: policies-common
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need to prefix everything with policies? Especially for folders it seems redundant as the repo is already called clusterpolicies

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In places where the name is actually used I think it will make more sense. Like with opsctl it would currently be opsctl deploy -i <whatever> policies-kvm. I tried to keep this similar to the releases structure

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understand that - but the folders in releases also don't have a prefix. Maybe I am missing something.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The folders for the actual helm charts do https://github.com/giantswarm/releases/tree/master/helm

The outer folders are kustomized in, which we can't do with ClusterPolicy CRs because it alphabetizes things and re-quotes strings which break kyverno

MarcelMue
MarcelMue approved these changes Mar 31, 2021
View reviewed changes
Copy link
Contributor

@MarcelMue MarcelMue left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Works for me - sad about kustomize not working :D

@stone-z
Copy link
Contributor Author

stone-z commented Mar 31, 2021

Yeah, it would be really clean to do it like in releases. Maybe in the future, there are some known issues in kustomize about mangling quotes, whitespace, and alphabetization (1, 2). Maybe we can open one to disable those behaviors

@stone-z stone-z merged commit 7546502 into main Mar 31, 2021
@stone-z stone-z deleted the make-app branch March 31, 2021 13:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MarcelMue MarcelMue MarcelMue approved these changes

Assignees

@stone-z stone-z

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@stone-z @MarcelMue