Skip to content

Proposal helmfile for deployment #7879

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
BacLuc merged 2 commits into from
Oct 3, 2025
Merged

Proposal helmfile for deployment #7879

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
e169dc8
ecamp3-logging: switch to helmfile to pass environment-specific varia…
BacLuc Jul 31, 2025
684d288
CI: allow to only run diff in deploy-ecamp3-logging.yml
BacLuc Jul 31, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 13 additions & 0 deletions .github/actions/setup-helmfile/action.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
name: 'Setup helmfile'
description: 'Sets up helmfile in /usr/local/bin/helmfile'
runs:
using: "composite"
steps:
- name: install helmfile
run: |
curl -L https://github.com/helmfile/helmfile/releases/download/v1.1.3/helmfile_1.1.3_linux_amd64.tar.gz -o helmfile.tar.gz
tar -xvf /tmp/helmfile.tar.gz
mv helmfile /usr/local/bin
chmod +x /usr/local/bin/helmfile
working-directory: /tmp
shell: bash
42 changes: 27 additions & 15 deletions .github/workflows/deploy-ecamp3-logging.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,17 @@ on:
workflow_dispatch:
inputs:
environment:
description: 'Choose environment'
description: "Choose environment"
type: environment
required: true
action:
description: "Choose action"
type: choice
required: true
default: diff
options:
- diff
- deploy

jobs:
deploy-ecamp3-logging:
Expand All @@ -25,39 +33,43 @@ jobs:

- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5

- name: Dump secrets to .env
- name: Dump secrets to /tmp/secrets.yaml
run: |
echo '${{ toJSON(secrets) }}' | jq -r 'keys[] as $k | select(.[$k] |contains("\n") | not) | "\($k)=\"\(.[$k])\""' >> .env
working-directory: .ops/ecamp3-logging
cat << 'EOF' | tee -a /tmp/secrets.yaml
${{ toJSON(secrets) }}
EOF
jq '.' /tmp/secrets.yaml

- name: Dump variables to .env
- name: Dump variables to /tmp/env.yaml
run: |
echo '${{ toJSON(vars) }}' | jq -r 'keys[] as $k | select(.[$k] |contains("\n") | not) | "\($k)=\"\(.[$k])\""' >> .env
working-directory: .ops/ecamp3-logging
cat << 'EOF' | tee -a /tmp/env.yaml
${{ toJSON(vars) }}
EOF
jq '.' /tmp/env.yaml

- name: Show .env for debugging
run: echo "$(cat .env | sort)"
- name: Merge secrets and variables
run: |
jq -s '.[0] + .[1]' /tmp/secrets.yaml /tmp/env.yaml > env.yaml
jq '.' env.yaml
working-directory: .ops/ecamp3-logging

- name: Setup helm
run: |
mkdir ~/.kube && echo '${{ secrets.KUBECONFIG }}' > ~/.kube/config && chmod go-r ~/.kube/config

- name: Add helm repositories
run: |
helm repo add fluent https://fluent.github.io/helm-charts
helm repo update
- uses: ./.github/actions/setup-helmfile

- name: Diff deployment
run: |
./deploy.sh diff || true
working-directory: .ops/ecamp3-logging

- name: Show values.out.yaml
run: cat values.out.yaml
- name: Show values.yaml
run: cat values.yaml
working-directory: .ops/ecamp3-logging

- name: Deploy
if: ${{ github.event.inputs.action == 'deploy' }}
run: |
./deploy.sh deploy
working-directory: .ops/ecamp3-logging
3 changes: 2 additions & 1 deletion .ops/ecamp3-logging/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
.env
/env.yaml
/charts
/values.out.yaml
/values.yaml
4 changes: 3 additions & 1 deletion .ops/ecamp3-logging/.helmignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
.env
/deploy.sh
/values.out.yaml
/values.yaml
/values.yaml.gotmpl
/env.yaml
7 changes: 1 addition & 6 deletions .ops/ecamp3-logging/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,7 @@ ecamp3 is running.

## Prerequisites

You need to add the fluent helm repository:

```shell
helm repo add fluent https://fluent.github.io/helm-charts
helm repo update
```
You need the helmfile in addition to kubectl and helm.
Copy link
Member

@carlobeltrame carlobeltrame Aug 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instructions or a link on how to install the helmfile command might be useful. But maybe the wiki is a better place for that.

Copy link
Contributor Author

@BacLuc BacLuc Aug 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can link the action in the wiki as soon as this is merged:
https://github.com/ecamp/ecamp3/pull/7879/files/16d5d30aa3235f26f0be97ad800d2a23d6c78800#diff-a6c41caf93cca9a01ad670187f58916de37441dec13c5dfb1b91252a7885c947


## Provisioning of Kibana Configuration

Expand Down
22 changes: 6 additions & 16 deletions .ops/ecamp3-logging/deploy.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,39 +5,29 @@ set -ea
SCRIPT_DIR=$(realpath "$(dirname "$0")")
cd $SCRIPT_DIR

ELASTIC_NODE_REQUESTS_MEMORY=1000Mi
ELASTIC_NODE_LIMITS_MEMORY=1000Mi
ELASTIC_NODE_MAX_INDEX_AGE=15
RANDOM_STRING=$(uuidgen)

if [ -f $SCRIPT_DIR/.env ]; then
. $SCRIPT_DIR/.env
fi

if [ -z "${ELASTIC_NODE_STORAGE_SIZE}" ]; then
echo "Please define ELASTIC_NODE_STORAGE_SIZE. There is no good default value."
echo "It can also not be automatically enlarged, see: https://github.com/kubernetes/enhancements/pull/4651 and https://github.com/kubernetes/kubernetes/issues/68737"
exit 1
fi

envsubst < $SCRIPT_DIR/values.yaml > $SCRIPT_DIR/values.out.yaml
echo "ELASTIC_NODE_STORAGE_SIZE can not be automatically enlarged, see: https://github.com/kubernetes/enhancements/pull/4651 and https://github.com/kubernetes/kubernetes/issues/68737"
Copy link
Member

@carlobeltrame carlobeltrame Aug 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So now we always output this warning, but what can be done about it?

Copy link
Contributor Author

@BacLuc BacLuc Aug 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is just a warning that you hopefully find if you accidentally changed the size and now the statefulset does not come up again.


helm dep build
helmfile deps
helmfile write-values --environment default --output-file-template values.yaml

if [ $1 = "deploy" ]; then
# to debug: --dry-run --debug
helm upgrade --install ecamp3-logging \
--namespace ecamp3-logging \
--create-namespace \
$SCRIPT_DIR \
--values $SCRIPT_DIR/values.out.yaml
--values $SCRIPT_DIR/values.yaml
exit 0
fi

if [ $1 = "diff" ]; then
helm template \
--namespace ecamp3-logging --no-hooks --skip-tests ecamp3-logging \
--namespace ecamp3-logging --no-hooks --skip-tests ecamp3-logging \
$SCRIPT_DIR \
--values $SCRIPT_DIR/values.out.yaml | kubectl diff --namespace ecamp3-logging -f -
--values $SCRIPT_DIR/values.yaml | kubectl diff --namespace ecamp3-logging -f -
exit 0
fi
14 changes: 14 additions & 0 deletions .ops/ecamp3-logging/helmfile.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
environments:
default:
values:
- ./env.yaml
---
repositories:
- name: fluent
url: https://fluent.github.io/helm-charts

releases:
- name: ""
chart: .
values:
- ./values.yaml.gotmpl
16 changes: 8 additions & 8 deletions .ops/ecamp3-logging/values.yaml → .ops/ecamp3-logging/values.yaml.gotmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
fluent-operator:
containerRuntime: containerd
operator:
annotations:
trigger-recreate: ${RANDOM_STRING}
container:
annotations:
trigger-recreate: {{ exec "uuidgen" (list) }}
Copy link
Member

@carlobeltrame carlobeltrame Aug 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand any of the changes in this file. Care to explain?

Copy link
Contributor Author

@BacLuc BacLuc Aug 16, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The operator is implemented well enough to survive in dev and to recreate the fluentd and fluentbits when we deploy.
In prod in starts to crashloop after a while.
If we deploy then, the fluentbits and fluentd don't get recreated.
This is still a hack to recreate the deployment for the operator after the deployment.
Now everything is in one place, before we created a random string in shell and then injected that with envsubst.

container:
tag: 3.3.0
fluentbit:
enable: true
Expand All @@ -26,7 +26,7 @@ fluent-operator:
- ingress-nginx
envVars:
- name: TRIGGER_FLUENTD_RECREATE
value: ${RANDOM_STRING}
value: {{ exec "uuidgen" (list) }}
enable: true

fluentd:
Expand All @@ -46,16 +46,16 @@ elasticsearch:
elasticNode:
resources:
requests:
memory: ${ELASTIC_NODE_REQUESTS_MEMORY}
memory: {{ .Environment.Values | get "ELASTIC_NODE_REQUESTS_MEMORY" "1000Mi" }}
limits:
memory: ${ELASTIC_NODE_LIMITS_MEMORY}
memory: {{ .Environment.Values | get "ELASTIC_NODE_LIMITS_MEMORY" "1000Mi"}}
persistence:
storageClassName: do-block-storage
resources:
requests:
storage: ${ELASTIC_NODE_STORAGE_SIZE}
storage: {{ .Environment.Values | get "ELASTIC_NODE_STORAGE_SIZE" nil | required "Please define ELASTIC_NODE_STORAGE_SIZE. There is no good default value." }}
removeOldIndexes:
maxIndexAge: ${ELASTIC_NODE_MAX_INDEX_AGE}
maxIndexAge: {{ .Environment.Values | get "ELASTIC_NODE_MAX_INDEX_AGE" "15" }}
image: node:24.8.0

kibana:
Expand Down