[solr-operator] branch main updated: Fix issue with namespaces in helm charts (#508)

Tue, 20 Dec 2022 08:26:45 -0800 

This is an automated email from the ASF dual-hosted git repository.

houston pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr-operator.git


The following commit(s) were added to refs/heads/main by this push:
     new 0031bfc  Fix issue with namespaces in helm charts (#508)
0031bfc is described below

commit 0031bfcafc985e2fff0e00b969a29407f38ed8df
Author: Houston Putman <[email protected]>
AuthorDate: Tue Dec 20 10:26:34 2022 -0600

    Fix issue with namespaces in helm charts (#508)
    
    - Some resources use the current context's namespace instead of the release 
namespace.
    - The helm chart sets RBAC for leader election in all watched namespaces. 
Only 1 namespace is necessary
---
 hack/config/copy_crds_roles_helm.sh                         |  2 +-
 helm/solr-operator/Chart.yaml                               |  5 +++++
 helm/solr-operator/templates/_helpers.tpl                   |  7 +++++++
 helm/solr-operator/templates/deployment.yaml                |  1 +
 helm/solr-operator/templates/leader_election_role.yaml      |  4 +---
 .../templates/leader_election_role_binding.yaml             |  4 +---
 helm/solr-operator/templates/role.yaml                      |  2 +-
 helm/solr-operator/templates/role_binding.yaml              |  2 +-
 helm/solr-operator/templates/service_account.yaml           |  1 +
 helm/solr/Chart.yaml                                        |  5 +++++
 helm/solr/templates/service_account.yaml                    |  1 +
 helm/solr/templates/solrcloud.yaml                          |  1 +
 main.go                                                     | 13 +++++++------
 13 files changed, 33 insertions(+), 15 deletions(-)

diff --git a/hack/config/copy_crds_roles_helm.sh 
b/hack/config/copy_crds_roles_helm.sh
index 02d26f1..702fd72 100755
--- a/hack/config/copy_crds_roles_helm.sh
+++ b/hack/config/copy_crds_roles_helm.sh
@@ -39,7 +39,7 @@ HELM_DIRECTORY="${HELM_DIRECTORY:-helm}"
 # Template the Solr Operator role as needed for Helm values
 {
   cat hack/headers/header.yaml.txt
-  printf '\n\n{{- if .Values.rbac.create }}\n{{- range $namespace := (split 
"," (include "solr-operator.watchNamespaces" $)) }}\n'
+  printf '\n\n{{- if .Values.rbac.create }}\n{{- range $namespace := 
(splitList "," (include "solr-operator.watchNamespaces" $)) }}\n'
   cat "${CONFIG_DIRECTORY}/rbac/role.yaml" \
     | awk '/^rules:$/{print "  namespace: {{ $namespace }}"}1' \
     | sed -E 's/^kind: ClusterRole$/kind: {{ include "solr-operator\.roleType" 
\$ }}/' \
diff --git a/helm/solr-operator/Chart.yaml b/helm/solr-operator/Chart.yaml
index 1da9c9c..3015339 100644
--- a/helm/solr-operator/Chart.yaml
+++ b/helm/solr-operator/Chart.yaml
@@ -79,6 +79,11 @@ annotations:
           url: https://github.com/apache/solr-operator/pull/473
         - name: PodDisruptionBudget Documentation
           url: 
https://kubernetes.io/docs/concepts/workloads/pods/disruptions/#pod-disruption-budgets
+    - kind: fixed
+      description: Fix namespace support for helm installation and leader 
election
+      links:
+        - name: GitHub PR
+          url: https://github.com/apache/solr-operator/pull/508
   artifacthub.io/images: |
     - name: solr-operator
       image: apache/solr-operator:v0.7.0-prerelease
diff --git a/helm/solr-operator/templates/_helpers.tpl 
b/helm/solr-operator/templates/_helpers.tpl
index 88fdac1..a3e6ef1 100644
--- a/helm/solr-operator/templates/_helpers.tpl
+++ b/helm/solr-operator/templates/_helpers.tpl
@@ -75,6 +75,13 @@ If .Values.watchNamespaces is empty or false, return empty.
 {{- end -}}
 {{- end -}}
 
+{{/*
+What namespace to do leader election in
+*/}}
+{{- define "solr-operator.leaderElectionNamespace" -}}
+{{- (splitList "," (include "solr-operator.watchNamespaces" $)) | first | 
default $.Release.Namespace -}}
+{{- end -}}
+
 {{/*
 Determine whether to use ClusterRoles or Roles
 */}}
diff --git a/helm/solr-operator/templates/deployment.yaml 
b/helm/solr-operator/templates/deployment.yaml
index 5df86ee..1ada40e 100644
--- a/helm/solr-operator/templates/deployment.yaml
+++ b/helm/solr-operator/templates/deployment.yaml
@@ -17,6 +17,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ include "solr-operator.fullname" . }}
+  namespace: {{ .Release.Namespace }}
   labels:
     control-plane: solr-operator
 spec:
diff --git a/helm/solr-operator/templates/leader_election_role.yaml 
b/helm/solr-operator/templates/leader_election_role.yaml
index 88b2b8b..bb06546 100644
--- a/helm/solr-operator/templates/leader_election_role.yaml
+++ b/helm/solr-operator/templates/leader_election_role.yaml
@@ -14,14 +14,13 @@
 # limitations under the License.
 
 {{- if .Values.leaderElection.enable }}
-{{- range $namespace := (split "," (include "solr-operator.watchNamespaces" 
$)) }}
 ---
 # permissions to do leader election.
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
   name: {{ include "solr-operator.fullname" $ }}-leader-election-role
-  namespace: {{ $namespace }}
+  namespace: {{ include "solr-operator.leaderElectionNamespace" $ }}
 rules:
 - apiGroups:
   - ""
@@ -56,4 +55,3 @@ rules:
   - patch
 
 {{- end }}
-{{- end }}
diff --git a/helm/solr-operator/templates/leader_election_role_binding.yaml 
b/helm/solr-operator/templates/leader_election_role_binding.yaml
index 59c507e..0c78136 100644
--- a/helm/solr-operator/templates/leader_election_role_binding.yaml
+++ b/helm/solr-operator/templates/leader_election_role_binding.yaml
@@ -14,13 +14,12 @@
 # limitations under the License.
 
 {{- if .Values.leaderElection.enable }}
-{{- range $namespace := (split "," (include "solr-operator.watchNamespaces" 
$)) }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   name: {{ include "solr-operator.fullname" $ }}-leader-election-rolebinding
-  namespace: {{ $namespace }}
+  namespace: {{ include "solr-operator.leaderElectionNamespace" $ }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
@@ -31,4 +30,3 @@ subjects:
     namespace: {{ $.Release.Namespace }}
 
 {{- end }}
-{{- end }}
diff --git a/helm/solr-operator/templates/role.yaml 
b/helm/solr-operator/templates/role.yaml
index 2f122e0..4b0d25e 100644
--- a/helm/solr-operator/templates/role.yaml
+++ b/helm/solr-operator/templates/role.yaml
@@ -14,7 +14,7 @@
 # limitations under the License.
 
 {{- if .Values.rbac.create }}
-{{- range $namespace := (split "," (include "solr-operator.watchNamespaces" 
$)) }}
+{{- range $namespace := (splitList "," (include 
"solr-operator.watchNamespaces" $)) }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: {{ include "solr-operator.roleType" $ }}
diff --git a/helm/solr-operator/templates/role_binding.yaml 
b/helm/solr-operator/templates/role_binding.yaml
index 3d1bc26..b4bc750 100644
--- a/helm/solr-operator/templates/role_binding.yaml
+++ b/helm/solr-operator/templates/role_binding.yaml
@@ -14,7 +14,7 @@
 # limitations under the License.
 
 {{- if .Values.rbac.create }}
-{{- range $namespace := (split "," (include "solr-operator.watchNamespaces" 
$)) }}
+{{- range $namespace := (splitList "," (include 
"solr-operator.watchNamespaces" $)) }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: {{ include "solr-operator.roleType" $ }}Binding
diff --git a/helm/solr-operator/templates/service_account.yaml 
b/helm/solr-operator/templates/service_account.yaml
index 65aefc8..a276836 100644
--- a/helm/solr-operator/templates/service_account.yaml
+++ b/helm/solr-operator/templates/service_account.yaml
@@ -24,4 +24,5 @@ metadata:
     {{- end }}
   {{- end }}
   name: {{ include "solr-operator.serviceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
 {{- end }}
diff --git a/helm/solr/Chart.yaml b/helm/solr/Chart.yaml
index 6b89239..53c303a 100644
--- a/helm/solr/Chart.yaml
+++ b/helm/solr/Chart.yaml
@@ -49,6 +49,11 @@ annotations:
       links:
         - name: GitHub PR
           url: https://github.com/apache/solr-operator/pull/480
+    - kind: fixed
+      description: Fix namespace support for helm installation
+      links:
+        - name: GitHub PR
+          url: https://github.com/apache/solr-operator/pull/508
   artifacthub.io/containsSecurityUpdates: "false"
   artifacthub.io/recommendations: |
     - url: https://artifacthub.io/packages/helm/apache-solr/solr-operator
diff --git a/helm/solr/templates/service_account.yaml 
b/helm/solr/templates/service_account.yaml
index b3ea841..899cc06 100644
--- a/helm/solr/templates/service_account.yaml
+++ b/helm/solr/templates/service_account.yaml
@@ -24,4 +24,5 @@ metadata:
     {{- end }}
   {{- end }}
   name: {{ include "solr.serviceAccountName.global" . }}
+  namespace: {{ .Release.Namespace }}
 {{- end }}
diff --git a/helm/solr/templates/solrcloud.yaml 
b/helm/solr/templates/solrcloud.yaml
index 9ad4aee..50f6588 100644
--- a/helm/solr/templates/solrcloud.yaml
+++ b/helm/solr/templates/solrcloud.yaml
@@ -17,6 +17,7 @@ apiVersion: solr.apache.org/v1beta1
 kind: SolrCloud
 metadata:
   name: {{ include "solr.fullname-no-suffix" . }}
+  namespace: {{ .Release.Namespace }}
   labels:
     {{- include "solr.labels" . | nindent 4 }}
 spec:
diff --git a/main.go b/main.go
index 0c2c12a..574a764 100644
--- a/main.go
+++ b/main.go
@@ -137,12 +137,13 @@ func main() {
        setupLog.Info(fmt.Sprintf("Go OS/Arch: %s / %s", runtime.GOOS, 
runtime.GOARCH))
 
        operatorOptions := ctrl.Options{
-               Scheme:                 scheme,
-               MetricsBindAddress:     metricsAddr,
-               Port:                   9443,
-               HealthProbeBindAddress: probeAddr,
-               LeaderElection:         enableLeaderElection,
-               LeaderElectionID:       "88488bdc.solr.apache.org",
+               Scheme:                  scheme,
+               MetricsBindAddress:      metricsAddr,
+               Port:                    9443,
+               HealthProbeBindAddress:  probeAddr,
+               LeaderElection:          enableLeaderElection,
+               LeaderElectionNamespace: namespace,
+               LeaderElectionID:        "88488bdc.solr.apache.org",
        }
 
        /*

Reply via email to