fix(helm): namespace app-specific global values under global.seaweedfs (#8700)

* fix(helm): namespace app-specific values under global.seaweedfs Move all app-specific values from the global namespace to global.seaweedfs.* to avoid polluting the shared .Values.global namespace when the chart is used as a subchart. Standard Helm conventions (global.imageRegistry, global.imagePullSecrets) remain at the global level as they are designed to be shared across subcharts. Fixes seaweedfs/seaweedfs#8699 BREAKING CHANGE: global values have been restructured. Users must update their values files to use the new paths: - global.registry → global.imageRegistry - global.repository → global.seaweedfs.image.repository - global.imageName → global.seaweedfs.image.name - global.<key> → global.seaweedfs.<key> (for all other app-specific values) * fix(ci): update helm CI tests to use new global.seaweedfs.* value paths Update all --set flags in helm_ci.yml to use the new namespaced global.seaweedfs.* paths matching the values.yaml restructuring. * fix(ci): install Claude Code via npm to avoid install.sh 403 The claude-code-action's built-in installer uses `curl https://claude.ai/install.sh | bash` which can fail with 403. Due to the pipe, bash exits 0 on empty input, masking the curl failure and leaving the `claude` binary missing. Work around this by installing Claude Code via npm before invoking the action, and passing the executable path via path_to_claude_code_executable. * revert: remove claude-code-review.yml changes from this PR The claude-code-action OIDC token exchange validates that the workflow file matches the version on the default branch. Modifying it in a PR causes the review job to fail with "Workflow validation failed". The Claude Code install fix will need to be applied directly to master or in a separate PR. * fix: update stale references to old global.* value paths - admin-statefulset.yaml: fix fail message to reference global.seaweedfs.masterServer - values.yaml: fix comment to reference image.name instead of imageName - helm_ci.yml: fix diagnostic message to reference global.seaweedfs.enableSecurity * feat(helm): add backward-compat shim for old global.* value paths Add _compat.tpl with a seaweedfs.compat helper that detects old-style global.* keys (e.g. global.enableSecurity, global.registry) and merges them into the new global.seaweedfs.* namespace. Since the old keys no longer have defaults in values.yaml, their presence means the user explicitly provided them. The helper uses in-place mutation via `set` so all templates see the merged values. This ensures existing deployments using old value paths continue to work without changes after upgrading. * fix: update stale comment references in values.yaml Update comments referencing global.enableSecurity and global.masterServer to the new global.seaweedfs.* paths. --------- Co-authored-by: Copilot <copilot@github.com>
2026-03-19 13:00:48 -07:00
parent 55bc363228
commit 5e76f55077
37 changed files with 288 additions and 190 deletions
--- a/k8s/charts/seaweedfs/templates/admin/admin-statefulset.yaml
+++ b/k8s/charts/seaweedfs/templates/admin/admin-statefulset.yaml
@@ -1,9 +1,10 @@
+{{- include "seaweedfs.compat" . -}}
 {{- if .Values.admin.enabled }}
 {{- if gt (.Values.admin.replicas | int) 1 }}
 {{- fail "admin.replicas must be 0 or 1" -}}
 {{- end }}
-{{- if and (not .Values.admin.masters) (not .Values.global.masterServer) (not .Values.master.enabled) }}
-{{- fail "admin.masters or global.masterServer must be set if master.enabled is false" -}}
+{{- if and (not .Values.admin.masters) (not .Values.global.seaweedfs.masterServer) (not .Values.master.enabled) }}
+{{- fail "admin.masters or global.seaweedfs.masterServer must be set if master.enabled is false" -}}
 {{- end }}
 apiVersion: apps/v1
 kind: StatefulSet
@@ -50,7 +51,7 @@ spec:
      {{- toYaml . | nindent 8 }}
      {{- end }}
    spec:
-      restartPolicy: {{ default .Values.global.restartPolicy .Values.admin.restartPolicy }}
+      restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.admin.restartPolicy }}
      {{- if .Values.admin.affinity }}
      affinity:
        {{ tpl .Values.admin.affinity . | nindent 8 | trim }}
@@ -82,7 +83,7 @@ spec:
      containers:
        - name: seaweedfs
          image: {{ template "admin.image" . }}
-          imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
+          imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }}
          {{- $adminAuthEnabled := or .Values.admin.secret.existingSecret .Values.admin.secret.adminPassword }}
          {{- $urlPrefix := .Values.admin.urlPrefix }}
          {{- if and (not $urlPrefix) .Values.admin.ingress.enabled (ne .Values.admin.ingress.path "/") }}
@@ -123,7 +124,7 @@ spec:
            - name: SEAWEEDFS_FULLNAME
              value: "{{ include "seaweedfs.fullname" . }}"
            {{- $mergedExtraEnvironmentVars := dict }}
-            {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.admin "target" $mergedExtraEnvironmentVars) }}
+            {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.admin "target" $mergedExtraEnvironmentVars) }}
            {{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
            {{- $value := index $mergedExtraEnvironmentVars $key }}
            - name: {{ $key }}
@@ -147,7 +148,7 @@ spec:
              {{- if .Values.admin.loggingOverrideLevel }}
              -v={{ .Values.admin.loggingOverrideLevel }} \
              {{- else }}
-              -v={{ .Values.global.loggingLevel }} \
+              -v={{ .Values.global.seaweedfs.loggingLevel }} \
              {{- end }}
              admin \
              -port={{ .Values.admin.port }} \
@@ -159,8 +160,8 @@ spec:
              {{- end }}
              {{- if .Values.admin.masters }}
              -masters={{ .Values.admin.masters }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }}
-              {{- else if .Values.global.masterServer }}
-              -masters={{ .Values.global.masterServer }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }}
+              {{- else if .Values.global.seaweedfs.masterServer }}
+              -masters={{ .Values.global.seaweedfs.masterServer }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }}
              {{- else }}
              -masters={{ range $index := until (.Values.master.replicas | int) }}${SEAWEEDFS_FULLNAME}-master-{{ $index }}.${SEAWEEDFS_FULLNAME}-master.{{ $.Release.Namespace }}:{{ $.Values.master.port }}{{ if lt $index (sub ($.Values.master.replicas | int) 1) }},{{ end }}{{ end }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }}
              {{- end }}
@@ -179,7 +180,7 @@ spec:
            - name: admin-logs
              mountPath: /logs
            {{- end }}
-            {{- if .Values.global.enableSecurity }}
+            {{- if .Values.global.seaweedfs.enableSecurity }}
            - name: security-config
              readOnly: true
              mountPath: /etc/seaweedfs/security.toml
@@ -274,7 +275,7 @@ spec:
          persistentVolumeClaim:
            claimName: {{ .Values.admin.logs.claimName }}
        {{- end }}
-        {{- if .Values.global.enableSecurity }}
+        {{- if .Values.global.seaweedfs.enableSecurity }}
        - name: security-config
          configMap:
            name: {{ include "seaweedfs.fullname" . }}-security-config