hubble: Remove --base-version flag

Instead of using --base-version flag, automatically detect Cilium version from cilium-cli-helm-values secret. Signed-off-by: Michi Mutsuzaki <[email protected]>
qmonnet · Jun 8, 2022 · 0eb0600 · 0eb0600
1 parent 22e5ec9
commit 0eb0600
Show file tree

Hide file tree

Showing 6 changed files with 79 additions and 119 deletions.
diff --git a/hubble/hubble.go b/hubble/hubble.go
@@ -60,18 +60,17 @@ type k8sHubbleImplementation interface {
 	GetDaemonSet(ctx context.Context, namespace, name string, opts metav1.GetOptions) (*appsv1.DaemonSet, error)
 	CiliumStatus(ctx context.Context, namespace, pod string) (*models.StatusResponse, error)
 	ListCiliumEndpoints(ctx context.Context, namespace string, opts metav1.ListOptions) (*ciliumv2.CiliumEndpointList, error)
-	GetRunningCiliumVersion(ctx context.Context, namespace string) (string, error)
 	GetServerVersion() (*semver.Version, error)
+	GetHelmState(ctx context.Context, namespace string, secretName string) (*helm.State, error)
 }
 
 type K8sHubble struct {
-	client              k8sHubbleImplementation
-	params              Parameters
-	certManager         *certs.CertManager
-	ciliumVersion       string
-	manifests           map[string]string
-	semVerCiliumVersion semver.Version
-	helmYAMLValues      string
+	client         k8sHubbleImplementation
+	params         Parameters
+	certManager    *certs.CertManager
+	manifests      map[string]string
+	helmYAMLValues string
+	helmState      *helm.State
 }
 
 var (
@@ -106,10 +105,6 @@ type Parameters struct {
 	Wait             bool
 	WaitDuration     time.Duration
 
-	// BaseVersion is used to explicitly specify Cilium version for generating the config map
-	// in case it cannot be inferred from the Version field (e.g. commit SHA tags for CI images).
-	BaseVersion string
-
 	// K8sVersion is the Kubernetes version that will be used to generate the
 	// kubernetes manifests. If the auto-detection fails, this flag can be used
 	// as a workaround.
@@ -152,14 +147,18 @@ func (p *Parameters) validateParams() error {
 	return nil
 }
 
-func NewK8sHubble(client k8sHubbleImplementation, p Parameters) *K8sHubble {
+func NewK8sHubble(ctx context.Context, client k8sHubbleImplementation, p Parameters) (*K8sHubble, error) {
 	cm := certs.NewCertManager(client, certs.Parameters{Namespace: p.Namespace})
-
+	helmState, err := client.GetHelmState(ctx, p.Namespace, p.HelmValuesSecretName)
+	if err != nil {
+		return nil, err
+	}
 	return &K8sHubble{
 		client:      client,
 		params:      p,
 		certManager: cm,
-	}
+		helmState:   helmState,
+	}, nil
 }
 
 func (k *K8sHubble) Log(format string, a ...interface{}) {
@@ -182,7 +181,7 @@ func (k *K8sHubble) generatePeerService() *corev1.Service {
 	var (
 		svcFilename string
 	)
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 	switch {
 	case versioncheck.MustCompile(">=1.11.0")(ciliumVer):
 		svcFilename = "templates/hubble/peer-service.yaml"
@@ -250,31 +249,16 @@ func (k *K8sHubble) disableHubble(ctx context.Context) error {
 }
 
 func (k *K8sHubble) Disable(ctx context.Context) error {
-
-	// Ignore the GetRunningCiliumVersion error since it doesn't work for
-	// unreleased versions, and we will fall back to the --base-version
-	k.ciliumVersion, _ = k.client.GetRunningCiliumVersion(ctx, k.params.Namespace)
-	k.semVerCiliumVersion = k.getCiliumVersion()
-
-	helmSecret, err := k.client.GetSecret(ctx, k.params.Namespace, k.params.HelmValuesSecretName, metav1.GetOptions{})
-	if err != nil {
-		return fmt.Errorf("unable to retrieve helm values secret %s/%s: %w", k.params.Namespace, k.params.HelmValuesSecretName, err)
-	}
-	yamlSecret, ok := helmSecret.Data[defaults.HelmValuesSecretKeyName]
-	if !ok {
-		return fmt.Errorf("unable to retrieve helm values from secret %s/%s: %w", k.params.Namespace, k.params.HelmValuesSecretName, err)
-	}
-
-	vals, err := chartutil.ReadValues(yamlSecret)
+	helmState, err := k.client.GetHelmState(ctx, k.params.Namespace, k.params.HelmValuesSecretName)
 	if err != nil {
-		return fmt.Errorf("unable to parse helm values from secret %s/%s: %w", k.params.Namespace, k.params.HelmValuesSecretName, err)
+		return err
 	}
 
 	// Generate the manifests has if hubble was being enabled so that we can
 	// retrieve all UI and Relay's resource names.
 	k.params.UI = true
 	k.params.Relay = true
-	err = k.generateManifestsEnable(ctx, false, vals)
+	err = k.generateManifestsEnable(ctx, false, helmState.Values)
 	if err != nil {
 		return err
 	}
@@ -294,7 +278,7 @@ func (k *K8sHubble) Disable(ctx context.Context) error {
 
 	// Now that we have delete all UI and Relay's resource names then we can
 	// generate the manifests with UI and Relay disabled.
-	err = k.generateManifestsDisable(ctx, vals)
+	err = k.generateManifestsDisable(ctx, helmState.Values)
 	if err != nil {
 		return err
 	}
@@ -305,8 +289,8 @@ func (k *K8sHubble) Disable(ctx context.Context) error {
 
 	k.Log("ℹ️  Storing helm values file in %s/%s Secret", k.params.Namespace, k.params.HelmValuesSecretName)
 
-	helmSecret.Data[defaults.HelmValuesSecretKeyName] = []byte(k.helmYAMLValues)
-	if _, err := k.client.UpdateSecret(ctx, k.params.Namespace, helmSecret, metav1.UpdateOptions{}); err != nil {
+	helmState.Secret.Data[defaults.HelmValuesSecretKeyName] = []byte(k.helmYAMLValues)
+	if _, err := k.client.UpdateSecret(ctx, k.params.Namespace, helmState.Secret, metav1.UpdateOptions{}); err != nil {
 		k.Log("❌ Unable to store helm values file %s/%s Secret", k.params.Namespace, k.params.HelmValuesSecretName)
 		return err
 	}
@@ -321,7 +305,7 @@ func (k *K8sHubble) generateConfigMap() (*corev1.ConfigMap, error) {
 		cmFilename string
 	)
 
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 	switch {
 	case versioncheck.MustCompile(">=1.9.0")(ciliumVer):
 		cmFilename = "templates/cilium-configmap.yaml"
@@ -363,17 +347,8 @@ func (k *K8sHubble) updateConfigMap(ctx context.Context) error {
 	return nil
 }
 
-func (k *K8sHubble) getCiliumVersion() semver.Version {
-	v, err := utils.ParseCiliumVersion(k.ciliumVersion, k.params.BaseVersion)
-	if err != nil {
-		v = versioncheck.MustVersion(defaults.Version)
-		k.Log("Unable to parse the provided version %q, assuming %v for ConfigMap compatibility", k.ciliumVersion, defaults.Version)
-	}
-	return v
-}
-
 func (k *K8sHubble) generateManifestsEnable(ctx context.Context, printHelmTemplate bool, helmValues chartutil.Values) error {
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 
 	helmMapOpts := map[string]string{}
 
@@ -429,7 +404,7 @@ func (k *K8sHubble) generateManifestsEnable(ctx context.Context, printHelmTempla
 }
 
 func (k *K8sHubble) generateManifestsDisable(ctx context.Context, helmValues chartutil.Values) error {
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 
 	helmMapOpts := map[string]string{}
 
@@ -490,11 +465,6 @@ func (k *K8sHubble) Enable(ctx context.Context) error {
 		return err
 	}
 
-	// Ignore the GetRunningCiliumVersion error since it doesn't work for
-	// unreleased versions, and we will fall back to the --base-version
-	k.ciliumVersion, _ = k.client.GetRunningCiliumVersion(ctx, k.params.Namespace)
-	k.semVerCiliumVersion = k.getCiliumVersion()
-
 	caSecret, created, err := k.certManager.GetOrCreateCASecret(ctx, defaults.CASecretName, k.params.CreateCA)
 	if err != nil {
 		k.Log("❌ Unable to get or create the Cilium CA Secret: %s", err)
@@ -514,21 +484,12 @@ func (k *K8sHubble) Enable(ctx context.Context) error {
 		}
 	}
 
-	helmSecret, err := k.client.GetSecret(ctx, k.params.Namespace, k.params.HelmValuesSecretName, metav1.GetOptions{})
+	helmState, err := k.client.GetHelmState(ctx, k.params.Namespace, k.params.HelmValuesSecretName)
 	if err != nil {
-		return fmt.Errorf("unable to retrieve helm values secret %s/%s: %w", k.params.Namespace, k.params.HelmValuesSecretName, err)
-	}
-	yamlSecret, ok := helmSecret.Data[defaults.HelmValuesSecretKeyName]
-	if !ok {
-		return fmt.Errorf("unable to retrieve helm values from secret %s/%s: %w", k.params.Namespace, k.params.HelmValuesSecretName, err)
-	}
-
-	vals, err := chartutil.ReadValues(yamlSecret)
-	if err != nil {
-		return fmt.Errorf("unable to parse helm values from secret %s/%s: %w", k.params.Namespace, k.params.HelmValuesSecretName, err)
+		return err
 	}
 
-	err = k.generateManifestsEnable(ctx, true, vals)
+	err = k.generateManifestsEnable(ctx, true, helmState.Values)
 	if err != nil {
 		return err
 	}
@@ -606,8 +567,8 @@ func (k *K8sHubble) Enable(ctx context.Context) error {
 
 	k.Log("ℹ️  Storing helm values file in %s/%s Secret", k.params.Namespace, k.params.HelmValuesSecretName)
 
-	helmSecret.Data[defaults.HelmValuesSecretKeyName] = []byte(k.helmYAMLValues)
-	if _, err := k.client.UpdateSecret(ctx, k.params.Namespace, helmSecret, metav1.UpdateOptions{}); err != nil {
+	helmState.Secret.Data[defaults.HelmValuesSecretKeyName] = []byte(k.helmYAMLValues)
+	if _, err := k.client.UpdateSecret(ctx, k.params.Namespace, helmState.Secret, metav1.UpdateOptions{}); err != nil {
 		k.Log("❌ Unable to store helm values file %s/%s Secret", k.params.Namespace, k.params.HelmValuesSecretName)
 		return err
 	}
@@ -622,7 +583,7 @@ func (k *K8sHubble) NewServiceAccount(name string) *corev1.ServiceAccount {
 		saFileName string
 	)
 
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 	switch {
 	case versioncheck.MustCompile(">1.10.99")(ciliumVer):
 		switch name {
@@ -652,7 +613,7 @@ func (k *K8sHubble) NewClusterRole(name string) *rbacv1.ClusterRole {
 		crFileName string
 	)
 
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 	switch {
 	case versioncheck.MustCompile(">1.10.99")(ciliumVer):
 		switch name {
@@ -682,7 +643,7 @@ func (k *K8sHubble) NewClusterRoleBinding(crbName string) *rbacv1.ClusterRoleBin
 		crbFileName string
 	)
 
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 	switch {
 	case versioncheck.MustCompile(">1.10.99")(ciliumVer):
 		switch crbName {

diff --git a/hubble/relay.go b/hubble/relay.go
@@ -11,7 +11,6 @@ import (
 	"github.com/cilium/cilium-cli/internal/utils"
 
 	"github.com/cilium/cilium/pkg/versioncheck"
-	"helm.sh/helm/v3/pkg/chartutil"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -22,7 +21,7 @@ func (k *K8sHubble) generateRelayService() (*corev1.Service, error) {
 		svcFilename string
 	)
 
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 	switch {
 	case versioncheck.MustCompile(">1.10.99")(ciliumVer):
 		svcFilename = "templates/hubble-relay/service.yaml"
@@ -44,7 +43,7 @@ func (k *K8sHubble) generateRelayDeployment() (*appsv1.Deployment, error) {
 		deployFilename string
 	)
 
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 	switch {
 	case versioncheck.MustCompile(">1.10.99")(ciliumVer):
 		deployFilename = "templates/hubble-relay/deployment.yaml"
@@ -66,7 +65,7 @@ func (k *K8sHubble) generateRelayConfigMap() (*corev1.ConfigMap, error) {
 		cmFilename string
 	)
 
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 	switch {
 	case versioncheck.MustCompile(">1.10.99")(ciliumVer):
 		cmFilename = "templates/hubble-relay/configmap.yaml"
@@ -226,7 +225,7 @@ func (k *K8sHubble) generateRelayCertificate(name string) (corev1.Secret, error)
 		relaySecretFilename string
 	)
 
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 
 	switch {
 	case versioncheck.MustCompile(">1.10.99")(ciliumVer):
@@ -253,30 +252,16 @@ func (k *K8sHubble) generateRelayCertificate(name string) (corev1.Secret, error)
 }
 
 func (k *K8sHubble) PortForwardCommand(ctx context.Context) error {
-	// Ignore the GetRunningCiliumVersion error since it doesn't work for
-	// unreleased versions, and we will fall back to the --base-version
-	k.ciliumVersion, _ = k.client.GetRunningCiliumVersion(ctx, k.params.Namespace)
-	k.semVerCiliumVersion = k.getCiliumVersion()
-
-	helmSecret, err := k.client.GetSecret(ctx, k.params.Namespace, k.params.HelmValuesSecretName, metav1.GetOptions{})
-	if err != nil {
-		return fmt.Errorf("unable to retrieve helm values secret %s/%s: %w", k.params.Namespace, k.params.HelmValuesSecretName, err)
-	}
-	yamlSecret, ok := helmSecret.Data[defaults.HelmValuesSecretKeyName]
-	if !ok {
-		return fmt.Errorf("unable to retrieve helm values from secret %s/%s: %w", k.params.Namespace, k.params.HelmValuesSecretName, err)
-	}
-
-	vals, err := chartutil.ReadValues(yamlSecret)
+	helmState, err := k.client.GetHelmState(ctx, k.params.Namespace, k.params.HelmValuesSecretName)
 	if err != nil {
-		return fmt.Errorf("unable to parse helm values from secret %s/%s: %w", k.params.Namespace, k.params.HelmValuesSecretName, err)
+		return err
 	}
 
 	// Generate the manifests has if hubble was being enabled so that we can
 	// retrieve all UI and Relay's resource names.
 	k.params.UI = true
 	k.params.Relay = true
-	err = k.generateManifestsEnable(ctx, false, vals)
+	err = k.generateManifestsEnable(ctx, false, helmState.Values)
 	if err != nil {
 		return err
 	}

diff --git a/hubble/relay_test.go b/hubble/relay_test.go
@@ -34,19 +34,18 @@ func TestK8sHubbleRelayImage(t *testing.T) {
 	for i, tt := range tests {
 		t.Run(strconv.Itoa(i), func(t *testing.T) {
 			k := &K8sHubble{
-				ciliumVersion: tt.ciliumVersion,
 				params: Parameters{
 					RelayImage:   tt.relayImage,
 					RelayVersion: tt.relayVersion,
 				},
 			}
-			if got := k.relayImage(tt.imagePathMode); got != tt.want {
+			if got := k.relayImage(tt.imagePathMode, tt.ciliumVersion); got != tt.want {
 				t.Errorf("k.relayImage(%d) == %q, want %q", tt.imagePathMode, got, tt.want)
 			}
 		})
 	}
 }
 
-func (k *K8sHubble) relayImage(imagePathMode utils.ImagePathMode) string {
-	return utils.BuildImagePath(k.params.RelayImage, k.params.RelayVersion, defaults.RelayImage, k.ciliumVersion, imagePathMode)
+func (k *K8sHubble) relayImage(imagePathMode utils.ImagePathMode, ciliumVersion string) string {
+	return utils.BuildImagePath(k.params.RelayImage, k.params.RelayVersion, defaults.RelayImage, ciliumVersion, imagePathMode)
 }
diff --git a/hubble/ui.go b/hubble/ui.go
@@ -24,7 +24,7 @@ func (k *K8sHubble) generateHubbleUIService() (*corev1.Service, error) {
 		svcFilename string
 	)
 
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 	switch {
 	case versioncheck.MustCompile(">1.10.99")(ciliumVer):
 		svcFilename = "templates/hubble-ui/service.yaml"
@@ -46,7 +46,7 @@ func (k *K8sHubble) generateHubbleUIConfigMap() (*corev1.ConfigMap, error) {
 		cmFilename string
 	)
 
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 	switch {
 	case versioncheck.MustCompile(">1.10.99")(ciliumVer):
 		cmFilename = "templates/hubble-ui/configmap.yaml"
@@ -68,7 +68,7 @@ func (k *K8sHubble) generateHubbleUIDeployment() (*appsv1.Deployment, error) {
 		deployFilename string
 	)
 
-	ciliumVer := k.semVerCiliumVersion
+	ciliumVer := k.helmState.Version
 	switch {
 	case versioncheck.MustCompile(">1.10.99")(ciliumVer):
 		deployFilename = "templates/hubble-ui/deployment.yaml"