From d3e01a3cdb0dcafa35dc2c08785f1a4fc3e5cf5f Mon Sep 17 00:00:00 2001
From: Niall Thomson
Date: Sun, 1 May 2022 09:57:39 -0600
Subject: [PATCH] Added mechanism to regularly check for helm chart updates
---
 .github/workflows/helm-update.yaml | 39 +++++++++++
 .gitignore | 4 +-
 helm/charts.yaml | 11 ++++
 helm/check_helm_charts.py | 64 +++++++++++++++++++
 helm/requirements.txt | 7 ++
 terraform/modules/cluster/addons.tf | 2 +-
 .../modules/cluster/helm_versions.tf.json | 9 ++-
 7 files changed, 132 insertions(+), 4 deletions(-)
 create mode 100644 .github/workflows/helm-update.yaml
 create mode 100644 helm/charts.yaml
 create mode 100644 helm/check_helm_charts.py
 create mode 100644 helm/requirements.txt
diff --git a/.github/workflows/helm-update.yaml b/.github/workflows/helm-update.yaml
new file mode 100644
index 0000000000..6858b9c764
--- /dev/null
+++ b/.github/workflows/helm-update.yaml
@@ -0,0 +1,39 @@
+name: Helm Chart Update
+
+on:
+ workflow_dispatch:
+
+permissions:
+ pull-requests: write
+ contents: write
+
+jobs:
+ check:
+ name: check
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out code
+ uses: actions/checkout@v2
+ - name: Set up Python 3.8
+ uses: actions/setup-python@v2
+ with:
+ python-version: 3.8
+ - name: Run check
+ working-directory: helm
+ run: |
+ python -m pip install --upgrade pip
+ pip install -r requirements.txt
+ python check_helm_charts.py
+
+ cat ../terraform/modules/cluster/helm_versions.tf.json
+ - name: Create Pull Request
+ uses: peter-evans/create-pull-request@v4
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ commit-message: Update helm charts
+ title: 'chore: Update helm charts'
+ body: |
+ Auto-generated pull request to update Helm charts in `helm/charts.yaml`
+ branch: update-helm-charts
+ labels: |
+ dependencies
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index 1229930875..cbfb87effe 100644
--- a/.gitignore
+++ b/.gitignore
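Review bot: `peter-evans/create-pull-request@v4` is referenced by a mutable tag in a workflow that grants `contents: write` and `pull-requests: write`, so whatever that tag resolves to at run time executes with a token that can push branches; `actions/checkout@v2` and `actions/setup-python@v2` are pinned the same way. Pin each `uses:` to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: peter-evans/create-pull-request@<full-commit-sha> # v4`. The `Run check` step also installs `requirements.txt` without hash verification; hashed entries plus `pip install --require-hashes -r requirements.txt` would cover the Python dependencies that run in the same job. Separately, the commit title says "regularly" but the only trigger is `workflow_dispatch:`, so a `schedule:` entry may have been intended.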
@@ -4,4 +4,6 @@
 vendor
 builds
 public
-resources
\ No newline at end of file
+resources
+
+env
\ No newline at end of file
diff --git a/helm/charts.yaml b/helm/charts.yaml
new file mode 100644
index 0000000000..ca9ef93faa
--- /dev/null
+++ b/helm/charts.yaml
@@ -0,0 +1,11 @@
+charts:
+- name: aws-load-balancer-controller
+ repository: https://aws.github.io/eks-charts
+ chart: aws-load-balancer-controller
+ constraint: '>=1.4.0 <1.5.0'
+- name: karpenter
+ repository: https://charts.karpenter.sh
+ chart: karpenter
+- name: aws-efs-csi-driver
+ repository: https://kubernetes-sigs.github.io/aws-efs-csi-driver
+ chart: aws-efs-csi-driver
\ No newline at end of file
diff --git a/helm/check_helm_charts.py b/helm/check_helm_charts.py
new file mode 100644
index 0000000000..2d28ffd588
--- /dev/null
+++ b/helm/check_helm_charts.py
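Review bot: The `karpenter` and `aws-efs-csi-driver` entries carry no `constraint`, so the checker added in this commit appears to take the first version listed in the repository index for them. That would let a major or pre-release chart version reach the generated Terraform variable through the automated pull request. Consider giving every entry a range, as `aws-load-balancer-controller` has, e.g. `constraint: '>=0.9.0 <0.10.0'` for karpenter (range constructed from the 0.9.0 value in helm_versions.tf.json; adjust to the line you intend to track).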
@@ -0,0 +1,64 @@
+import yaml
+import requests
+import semantic_version
+import json
+
+def load_chart_requirements():
+ stream = open("charts.yaml", "r")
+
+ charts = yaml.safe_load(stream)
+
+ stream.close()
+
+ return charts
+
+def load_terraform_variables():
+ f = open('../terraform/modules/cluster/helm_versions.tf.json')
+
+ data = json.load(f)
+
+ f.close()
+
+ return data
+
+def save_terraform_variables(vars):
+ with open('../terraform/modules/cluster/helm_versions.tf.json', 'w') as outfile:
+ outfile.write('')
+ json.dump(vars, outfile, indent=2, sort_keys=True)
+
+charts = load_chart_requirements()
+vars = {
+ '//': "This file is auto-generated, do not modify manually",
+ 'variable': {
+ 'helm_chart_versions': {
+ 'default': {}
+ }
+ }
+}
+
+for chart in charts['charts']:
+ url = '{}/index.yaml'.format(chart['repository'])
+ resp = requests.get(url=url)
+ data = yaml.safe_load(resp.content)
+
+ entry = data['entries'][chart['chart']]
+
+ selected_version = ''
+
+ for version in entry:
+ if 'constraint' in chart:
+ if semantic_version.Version(version['version']) in semantic_version.NpmSpec(chart['constraint']):
+ selected_version = version['version']
+ break
+ else:
+ selected_version = version['version']
+ break
+
+ if selected_version == '':
+ print('Valid version not found')
+ else:
+ print("Selected version {}:{}".format(chart['name'], version['version']))
+
+ vars['variable']['helm_chart_versions']['default'][chart['name']] = selected_version
+
+save_terraform_variables(vars)
\ No newline at end of file
diff --git a/helm/requirements.txt b/helm/requirements.txt
new file mode 100644
index 0000000000..8fbbb921c3
--- /dev/null
+++ b/helm/requirements.txt
@@ -0,0 +1,7 @@
+certifi==2021.10.8
+charset-normalizer==2.0.12
+idna==3.3
+PyYAML==6.0
+requests==2.27.1
+semantic-version==2.9.0
+urllib3==1.26.9
diff --git a/terraform/modules/cluster/addons.tf b/terraform/modules/cluster/addons.tf
index 61378b46d7..516ce810d7 100644
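Review bot: In the chart loop the not-found branch only prints `Valid version not found`, and the script still reaches `save_terraform_variables(vars)`, so the generated file is rewritten with an empty or missing pin for that chart and the workflow goes on to open a pull request (indentation is lost on this page, so which of the two happens is inferred). Fail the run instead, e.g. `raise SystemExit('no version of {} satisfies the constraint'.format(chart['name']))`. The fetch `requests.get(url=url)` has no timeout or status check; `resp = requests.get(url, timeout=30)` followed by `resp.raise_for_status()` keeps a hung or error response from the chart repository from being parsed as an index. The selection also relies on the index listing the newest version first, which deserves a comment or an explicit sort. The two `open()`/`close()` loaders would be more robust as `with` blocks, matching `save_terraform_variables`.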
--- a/terraform/modules/cluster/addons.tf +++ b/terraform/modules/cluster/addons.tf @@ -5,6 +5,6 @@ module "eks-blueprints-kubernetes-addons" { enable_aws_load_balancer_controller = true aws_load_balancer_controller_helm_config = { - version = var.aws_load_balancer_controller_version + version = var.helm_chart_versions["aws-load-balancer-controller"] } } \ No newline at end of file diff --git a/terraform/modules/cluster/helm_versions.tf.json b/terraform/modules/cluster/helm_versions.tf.json index 85595ce737..bbb19a8e43 100644 --- a/terraform/modules/cluster/helm_versions.tf.json +++ b/terraform/modules/cluster/helm_versions.tf.json @@ -1,7 +1,12 @@ { + "//": "This file is auto-generated, do not modify manually", "variable": { - "aws_load_balancer_controller_version": { - "default": "1.4.1" + "helm_chart_versions": { + "default": { + "aws-efs-csi-driver": "2.2.6", + "aws-load-balancer-controller": "1.4.1", + "karpenter": "0.9.0" + } } } } \ No newline at end of file