[FR] Allow the Chart to create extra manifest #5900
Comments
jetstack-bot
added
the
kind/feature
|
Issues go stale after 90d of inactivity. |
jetstack-bot
added
the
lifecycle/stale
|
/remove-lifecycle stale |
jetstack-bot
removed
the
lifecycle/stale
|
Issues go stale after 90d of inactivity. |
jetstack-bot
added
the
lifecycle/stale
|
/remove-lifecycle stale |
jetstack-bot
removed
the
lifecycle/stale
|
@pierluigilenoci and @gplessis Please supply some concrete use cases for this feature. I don't think Please explain precisely why and how a SecretProviderClass would be deployed using this feature and explain why a Helm post install hook or another Helm chart or a set of pre-provisioned manifests would not also solve the problem for you. https://cert-manager.io/docs/contributing/policy/#additional-configuration-options-for-the-helm-chart explains why we are reluctant to add new Helm chart features like this. |
I don't think that's a real example because even if the CRDs have already been installed, you can't create cert-manager custom resources (including ClusterIssuer) until the cert-manager webhook is ready. The explanation is here (although slightly out-of-date):
Please be more precise about this use-case. Explain when, where and how Grafana gets installed. Explain why the ConfigMap isn't included in the Grafana chart. If we agree that the ClusterIssuer can not be included in the extraManifests of cert-manager, howdo you install those resources and why can't the grafana ConfigMap be installed in that way too? |
|
@wallrj, the way I see things, an application should be installed and configured using a single "artifact" rather than multiple elements. Obviously, I could insert the ConfigMaps to load the dashboards using the Grafana chart, but I find it more intelligent if they are together with the application that concerns them. And then, when and if Grafana is installed does not matter. At this moment, to do so, a chart umbrella must be used that has the cert-manager dependency and installs the extra files that can't be installed with the base chart. However, I have a question: do you have any technical reason to be against this change? Because even if the use cases are minimal, it is a modification that has little or no impact, it makes the chart more dynamic without causing any damage. Note: the ClusterIssuer could be installed |
Ok. Thanks for taking time to explain. I guess that you use: If this is how you want to use Helm, you should create a feature request in https://github.com/helm/helm i.e. helm install cert-manager jetstack/cert-manager \
--values cert-manager.values.yaml \
--user-supplied-manifests cert-manager-grafana-dashboard.yamlSo that you can use this technique with any Helm chart.
Those all sound like good solutions to this problem.
The impact is not minimal. A feature like this is likely to cause support requests because it will be natural for users to try and use it to install ClusterIssuer,
The cert-manager chart already has a post-install hook blocks until the cert-manager webhook is Ready. |
|
@wallrj, those ConfigMaps you linked from the Grafana documentation are precisely the ones I want to create as extra manifests from the cert-manager chart. It makes sense that all Grafana dashboards related to cert-manager are contained in the chart of the software itself without having to resort to external means. I need to understand why I should ask for an additional feature in Helm to do something it already does—effectively complicating its use. I don't need to persuade any Helm Chart maintainers. It is a good practice, which is, in fact, already used in many charts. So, I expect to find it already or hope that by requesting it, given the low impact of creating the PR to implement it, available maintainers will favorably embrace it. The impact of implementation, documentation, and maintenance is so low that if you promise me a quick review and merge, I am willing to take on the effort (maximum 30 minutes of work). Do you think Grafana or Prometheus maintainers are naive and open the gate to problems? Suppose you are worried about someone using it to create ClusterIssuer. In that case, I can explicitly add, in the documentation for the option, that it is not recommended because it doesn't work (which, anyway, I would like to try because I'm not so convinced in light of #4234). Why set up a more complex implementation when you can get a more straightforward solution for less? |
|
@wallrj any feedback? |
|
I have noticed that some fairly simple helm charts do provide an "extra resources" section (helm/helm#7077) where users can add your own stuff. But we use kustomize, if needed, to customize helm charts, so we rarely have need for this feature. |
|
Issues go stale after 90d of inactivity. |
jetstack-bot
added
the
lifecycle/stale
|
/remove-lifecycle stale |
jetstack-bot
removed
the
lifecycle/stale
|
This has been implemented in #6424 |
and others
Is your feature request related to a problem? Please describe.
Sometimes, accessories to the installation may be manifests to be installed (for example, a SecretProviderClass or Certificates).
Describe the solution you'd like
It would be nice to be able to do this directly via the Chart using the approach that Grafana, Prometheus or OAuth2 Proxy also uses.
Describe alternatives you've considered
I don't think there are alternatives
Additional context
No additional context
/kind feature
The text was updated successfully, but these errors were encountered: