* new module helm_registry_auth
* Initial integration tests
* final update copyright and integration test before pr
* update link to pr in changelog fragment
* reformat plugins/module_utils/helm.py with black
to fix linters in actions
* attempt to fix unit test
unit test was missing initially
* fix https://pycqa.github.io/isort/ linter
* next attemp to fix unit-test
* remove unused and unsupported helm_args_common
* remove unused imports and fix other linters errors
* another fix for unit test
* fix issue introducied by commit ff02893a12a31f9c44b5c48f9a8bf85057295961
* add binary_path to arg_spec
* return helm_cmd in the output of check mode
remove changlog fragment
* description suggestion from reviewer/maintainer
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* description suggestion from reviewer/maintainer
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* description suggestion from reviewer/maintainer
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* description suggestion from reviewer/maintainer
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* description suggestion from reviewer/maintainer
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* description suggestion from reviewer/maintainer
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* description suggestion from reviewer/maintainer
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* description suggestion from reviewer/maintainer
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* remove changed from module return
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* remove redundant code
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* Update plugins/modules/helm_registry_auth.py
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* consider support of logout when user is not logged in
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* consider support helm < 3.0.0
* Revert "consider support helm < 3.0.0"
This reverts commit f20004d196.
* reintroduce support of helm version less than 3.8.0
reference: https://helm.sh/docs/topics/registries/#enabling-oci-support-prior-to-v380
* revert reintroducing support of helm < 3.8.0
reason: didn't find a quick way to deal with tests
* update documentation with the recent module updates
* Update plugins/modules/helm_registry_auth.py
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* add test of logout impendency
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
* fix linters
* fix intendations in the integration tests
* create tests/integration/targets/helm_registry_auth/aliases
* fix integration test (typo)
* fix integration tests (test wrong cred)
* add stderr when module fail
* another attempt to fix integration test
* fix assertion in integration test to be not affceted by the #830
---------
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
(cherry picked from commit aee847431a)
Co-authored-by: Yuriy Novostavskiy <yuriy@novostavskiy.kiev.ua>
This is a backport of PR #793 as merged into main (fca0dc0).
SUMMARY
Fixes#792 .
The function wait_for_pod_deletion in k8s_drain never checks on which node a pod is actually running:
try:
response = self._api_instance.read_namespaced_pod(
namespace=pod[0], name=pod[1]
)
if not response:
pod = None
time.sleep(wait_sleep)
This means that if a pod is successfully evicted and restarted with the same name on a new node, k8s_drain does not notice and thinks that the original pod is still running. This is the case for pods which are part of a stateful set.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
k8s_drain
This is a backport of PR #745 as merged into main (6a04f42).
SUMMARY
If the helm CLI version includes -rc.1 for example, the version checks fails due to an incomplete regex.
The error can be triggered if you use helm v3.15.0-rc.1 for example, and apply a helm chart with wait: true
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
helm
helm_pull
ADDITIONAL INFORMATION
Reviewed-by: Mike Graves <mgraves@redhat.com>
helm - expand kubeconfig path with user's home dir
SUMMARY
Currently the helm module fails when providing the default kubeconfig path explicitly, while the same path is fine for the k8s module.
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
helm
ADDITIONAL INFORMATION
- name: Deploy kubelet-csr-approver
delegate_to: client
run_once: true
kubernetes.core.helm:
update_repo_cache: true
kubeconfig: "~/.kube/config"
state: present
name: kubelet-csr-approver
namespace: kubelet-csr-approver
create_namespace: true
chart_ref: kubelet-csr-approver/kubelet-csr-approver
chart_version: 1.0.5
values: "{{ lookup('template', 'values.yaml.j2') | from_yaml }}"
atomic: true
Before change:
TASK [kubernetes/kubelet_csr_approver : Deploy kubelet-csr-approver] ***
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: FileNotFoundError: [Errno 2] No such file or directory: '~/.kube/config'
fatal: [node-1 -> client(192.168.121.56)]: FAILED! => {"changed": false, "module_stderr": "", "module_stdout": "Traceback (most recent call last):\r\n File \"/home/vagrant/.ansible/tmp/ansible-tmp-1697293347.7135417-118207-9805169252135/AnsiballZ_helm.py\", line 107, in <module>\r\n _ansiballz_main()\r\n File \"/home/vagrant/.ansible/tmp/ansible-tmp-1697293347.7135417-118207-9805169252135/AnsiballZ_helm.py\", line 99, in _ansiballz_main\r\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n File \"/home/vagrant/.ansible/tmp/ansible-tmp-1697293347.7135417-118207-9805169252135/AnsiballZ_helm.py\", line 47, in invoke_module\r\n runpy.run_module(mod_name='ansible_collections.kubernetes.core.plugins.modules.helm', init_globals=dict(_module_fqn='ansible_collections.kubernetes.core.plugins.modules.helm', _modlib_path=modlib_path),\r\n File \"/usr/lib/python3.10/runpy.py\", line 224, in run_module\r\n return _run_module_code(code, init_globals, run_name, mod_spec)\r\n File \"/usr/lib/python3.10/runpy.py\", line 96, in _run_module_code\r\n _run_code(code, mod_globals, init_globals,\r\n File \"/usr/lib/python3.10/runpy.py\", line 86, in _run_code\r\n exec(code, run_globals)\r\n File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/modules/helm.py\", line 924, in <module>\r\n File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/modules/helm.py\", line 737, in main\r\n File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/modules/helm.py\", line 435, in run_repo_update\r\n File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/module_utils/helm.py\", line 169, in run_helm_command\r\n File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/module_utils/helm.py\", line 162, in env_update\r\n File \"/tmp/ansible_kubernetes.core.helm_payload_o8s36dti/ansible_kubernetes.core.helm_payload.zip/ansible_collections/kubernetes/core/plugins/module_utils/helm.py\", line 120, in _prepare_helm_environment\r\nFileNotFoundError: [Errno 2] No such file or directory: '~/.kube/config'\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
After change:
TASK [kubernetes/kubelet_csr_approver : Deploy kubelet-csr-approver] ***
changed: [node-1 -> client(192.168.121.56)]
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Bikouo Aubin
* Cleanup gha
* test by removing matrix excludes
* Rename sanity tests
* trigger integration tests
* Fix ansible-lint workflow
* Fix concurrency
* Add ansible-lint config
* Add ansible-lint config
* Fix integration and lint issues
* integration wf
* fix yamllint issues
* fix yamllint issues
* update readme and add ignore-2.16.txt
* fix ansible-doc
* Add version
* Use /dev/random to generate random data
The GHA environment has difficultly generating entropy. Trying to read
from /dev/urandom just blocks forever. We don't care if the random data
is cryptographically secure; it's just garbage data for the test. Read
from /dev/random, instead. This is only used during the k8s_copy test
target.
This also removes the custom test module that was being used to generate
the files. It's not worth maintaining this for two task that can be
replaced with some simple command/shell tasks.
* Fix saniry errors
* test github_action fix
* Address review comments
* Remove default types
* review comments
* isort fixes
* remove tags
* Add setuptools to venv
* Test gh changes
* update changelog
* update ignore-2.16
* Fix indentation in inventory plugin example
* Update .github/workflows/integration-tests.yaml
* Update integration-tests.yaml
---------
Co-authored-by: Mike Graves <mgraves@redhat.com>
Co-authored-by: Bikouo Aubin <79859644+abikouo@users.noreply.github.com>
helm - add support for -set options when running helm install
SUMMARY
helm support setting options -set, -set-string, -set-file and -set-json when running helm install
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
helm
ADDITIONAL INFORMATION
Reviewed-by: Alina Buzachis <None>
Reviewed-by: Bikouo Aubin <None>
Reviewed-by: Mike Graves <mgraves@redhat.com>
Helm - Fix issue with alternative kubeconfig
SUMMARY
closes#538
ISSUE TYPE
Bugfix Pull Request
COMPONENT NAME
helm modules
Reviewed-by: Mike Graves <mgraves@redhat.com>
Added possibility to get all values by helm_info module
SUMMARY
Parameter get_all_values has been added, which is passed to function get_values. Default is False. Parameter is not required.
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
helm_info
ADDITIONAL INFORMATION
Unfortunately, helm_info module lacks functionality of getting all the values of a helm release, including the default ones. This restricts upgrade and config migration capabilities. Parameter get_all_values has been added. This parameter, if set, adds -a parameter to helm get values call. The parameter is not required and defaults to False, so backwards compability is complied.
Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Bikouo Aubin <None>
Add support for:
- K8S_AUTH_HOST
- K8S_AUTH_API_KEY
- K8S_AUTH_VERIFY_SSL
- K8S_AUTH_SSL_CA_CERT
This commit also refactor the way we pass K8S related configuration to `helm`:
All the calls are now done in a new module_utils module (`helm.py`).
The handling of the `kube_*` variables has also been moved in this new
module.
We need https://github.com/helm/helm/pull/8622 to be able to ignore the
certificate validation. As a workaround, the generate a temporary
kubeconfig configuration file.
Closes: #279
