fix(helm): namespace app-specific global values under global.seaweedfs (#8700)
* fix(helm): namespace app-specific values under global.seaweedfs Move all app-specific values from the global namespace to global.seaweedfs.* to avoid polluting the shared .Values.global namespace when the chart is used as a subchart. Standard Helm conventions (global.imageRegistry, global.imagePullSecrets) remain at the global level as they are designed to be shared across subcharts. Fixes seaweedfs/seaweedfs#8699 BREAKING CHANGE: global values have been restructured. Users must update their values files to use the new paths: - global.registry → global.imageRegistry - global.repository → global.seaweedfs.image.repository - global.imageName → global.seaweedfs.image.name - global.<key> → global.seaweedfs.<key> (for all other app-specific values) * fix(ci): update helm CI tests to use new global.seaweedfs.* value paths Update all --set flags in helm_ci.yml to use the new namespaced global.seaweedfs.* paths matching the values.yaml restructuring. * fix(ci): install Claude Code via npm to avoid install.sh 403 The claude-code-action's built-in installer uses `curl https://claude.ai/install.sh | bash` which can fail with 403. Due to the pipe, bash exits 0 on empty input, masking the curl failure and leaving the `claude` binary missing. Work around this by installing Claude Code via npm before invoking the action, and passing the executable path via path_to_claude_code_executable. * revert: remove claude-code-review.yml changes from this PR The claude-code-action OIDC token exchange validates that the workflow file matches the version on the default branch. Modifying it in a PR causes the review job to fail with "Workflow validation failed". The Claude Code install fix will need to be applied directly to master or in a separate PR. * fix: update stale references to old global.* value paths - admin-statefulset.yaml: fix fail message to reference global.seaweedfs.masterServer - values.yaml: fix comment to reference image.name instead of imageName - helm_ci.yml: fix diagnostic message to reference global.seaweedfs.enableSecurity * feat(helm): add backward-compat shim for old global.* value paths Add _compat.tpl with a seaweedfs.compat helper that detects old-style global.* keys (e.g. global.enableSecurity, global.registry) and merges them into the new global.seaweedfs.* namespace. Since the old keys no longer have defaults in values.yaml, their presence means the user explicitly provided them. The helper uses in-place mutation via `set` so all templates see the merged values. This ensures existing deployments using old value paths continue to work without changes after upgrading. * fix: update stale comment references in values.yaml Update comments referencing global.enableSecurity and global.masterServer to the new global.seaweedfs.* paths. --------- Co-authored-by: Copilot <copilot@github.com>
This commit is contained in:
Chris Lu
@@ -1,3 +1,4 @@
|
||||
{{- include "seaweedfs.compat" . -}}
|
||||
{{- if .Values.cosi.enabled }}
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
@@ -38,7 +39,7 @@ spec:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
restartPolicy: {{ default .Values.global.restartPolicy .Values.cosi.restartPolicy }}
|
||||
restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.cosi.restartPolicy }}
|
||||
{{- if .Values.cosi.affinity }}
|
||||
affinity:
|
||||
{{ tpl .Values.cosi.affinity . | nindent 8 | trim }}
|
||||
@@ -68,7 +69,7 @@ spec:
|
||||
containers:
|
||||
- name: seaweedfs-cosi-driver
|
||||
image: "{{ .Values.cosi.image }}"
|
||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
|
||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }}
|
||||
env:
|
||||
- name: DRIVERNAME
|
||||
value: "{{ .Values.cosi.driverName }}"
|
||||
@@ -88,7 +89,7 @@ spec:
|
||||
{{- end }}
|
||||
- name: SEAWEEDFS_FILER
|
||||
value: "{{ include "seaweedfs.componentName" (list . "filer") }}:{{ .Values.filer.grpcPort }}"
|
||||
{{- if .Values.global.enableSecurity }}
|
||||
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||
- name: WEED_GRPC_CLIENT_KEY
|
||||
value: /usr/local/share/ca-certificates/client/tls.key
|
||||
- name: WEED_GRPC_CLIENT_CERT
|
||||
@@ -97,7 +98,7 @@ spec:
|
||||
value: /usr/local/share/ca-certificates/client/ca.crt
|
||||
{{- end }}
|
||||
{{- $mergedExtraEnvironmentVars := dict }}
|
||||
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.cosi "target" $mergedExtraEnvironmentVars) }}
|
||||
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.cosi "target" $mergedExtraEnvironmentVars) }}
|
||||
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
||||
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
||||
- name: {{ $key }}
|
||||
@@ -116,7 +117,7 @@ spec:
|
||||
name: config-users
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.global.enableSecurity }}
|
||||
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||
- name: security-config
|
||||
readOnly: true
|
||||
mountPath: /etc/seaweedfs/security.toml
|
||||
@@ -144,7 +145,7 @@ spec:
|
||||
{{- end }}
|
||||
- name: seaweedfs-cosi-sidecar
|
||||
image: "{{ .Values.cosi.sidecar.image }}"
|
||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
|
||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }}
|
||||
args:
|
||||
- {{ printf "--v=%s" (default "5" .Values.cosi.sidecar.logLevel) }}
|
||||
env:
|
||||
@@ -178,7 +179,7 @@ spec:
|
||||
secretName: {{ include "seaweedfs.fullname" . }}-s3-secret
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.global.enableSecurity }}
|
||||
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||
- name: security-config
|
||||
configMap:
|
||||
name: {{ include "seaweedfs.fullname" . }}-security-config
|
||||
|
||||
Reference in New Issue
Block a user