-
Notifications
You must be signed in to change notification settings - Fork 62
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Idempotent Helm chart install action? #103
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I wonder what stance is on idempotency of the CouchDB Helm chart install action? It seems to be a debated issue in the Helm world, but one which the CouchDB Helm Chart needs to relate to.
From what I can tell, most people treat Helm actions as something which doesn't belong in a CI/CD, for the reason that they cannot interpret if the given chart provides idempotency. Helm as such makes no promises and to my knowledge there's no best practice for Helm chart developers.
Below is presumably (?) the general way to make a helm 'install' action idempotent:
rather than
What is the problem?
With the CouchDB helm chart and with the desire to have the Secret automatically created on first-time install, this will not work. What happens is that the Secret will be updated with new values for every invocation. This will of course create havoc.
I don't know what the best solution is. CI/CD developers would want to put the helm action into their pipeline and as such they are looking for (expecting?) idempotency. At the very least, the CouchDB helm chart can document where it stands on this.
Ideas for improvements on CouchDB helm chart
In terms of making sure the chart action is idempotent, I believe the only potential culprit is the Secret. The other Kubernetes objects are okay to be re-applied (by design). Some ideas on the Secret: Look into the use of immutable Secrets introduced in Kubernetes 1.21 or maybe have a chart option
createSecretIfNotExists
. Or something.Workaround
A workaround at the moment would be to do:
The text was updated successfully, but these errors were encountered: