Merge branch 'master' into v2

mgoltzsche · Feb 7, 2021 · 2abc383 · 2abc383
2 parents 79f6718 + 0db2d37
commit 2abc383
Show file tree

Hide file tree

Showing 5 changed files with 19 additions and 6 deletions.
diff --git a/Makefile b/Makefile
@@ -71,9 +71,11 @@ fmt:
 
 clean:
 	rm -f $(BUILD_DIR)/bin/khelm
+	rm -f $(BUILD_DIR)/bin/khelm-static
 
 clean-all:
 	rm -rf $(BUILD_DIR)
+	find . -name charts -type d -exec rm -rf {} \;
 
 check: gofmt vet golint gosec ## Runs all linters
 

diff --git a/README.md b/README.md
@@ -81,6 +81,8 @@ Kpt can also be leveraged to pull charts from other git repositories into your o
 
 If necessary the chart output can be transformed using kustomize.
 This can be done by declaring the khelm and a kustomize function orderly within a file and specifying the chart output kustomization as input for the kustomize function as shown in the [cert-manager example](example/kpt/cert-manager).
+A more complex example that uses a Helm chart directly from another git repository can be found [here](example/kpt/linkerd):
+The linkerd chart is managed locally as kpt dependency and transformed into a static manifest with all Secrets generated by cert-manager.
 
 
 ### kustomize exec plugin

diff --git a/e2e/kpt-linkerd-test.sh b/e2e/kpt-linkerd-test.sh
@@ -14,7 +14,7 @@ rm -f "$GENERATED_FILE"
 
 (
 	set -ex
-	make -C "$EXAMPLE_DIR/kpt/linkerd" update generate
+	make -C "$EXAMPLE_DIR/kpt/linkerd" update manifest
 
 	[ -f "$GENERATED_FILE" ]
 	grep -Eq ' name: linkerd-config-tpl$' "$GENERATED_FILE" || (echo 'FAIL: output does not contain linkerd-config-tpl' >&2; false)

diff --git a/example/kpt/linkerd/Makefile b/example/kpt/linkerd/Makefile
@@ -1,6 +1,6 @@
-all: generate
+all: manifest
 
-generate:
+manifest:
 	kpt fn run --as-current-user --mount "type=bind,src=`pwd`,dst=/source,rw=true" manifests
 
 update:
@@ -13,6 +13,3 @@ deploy:
 
 undeploy:
 	kpt live destroy manifests/static
-
-install-cert-manager:
-	kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.1.0/cert-manager.yaml
diff --git a/example/kpt/linkerd/README.md b/example/kpt/linkerd/README.md
@@ -0,0 +1,12 @@
+# example: static linkerd manifest
+
+This example project includes the [linkerd2](https://github.com/linkerd/linkerd2) charts as kpt dependency and converts them to a static manifest which does not contain any `Secrets` but [cert-manager](https://cert-manager.io) `Certificates` instead. The transformations are specified within `manifests/helm-kustomize-pipeline.yaml`.  
+
+However currently the static manifest is not functional since linkerd does not allow to specify the `-identity-trust-anchors-pem` option as environment variable that could be loaded from a Secret (see the related [linkerd issue](https://github.com/linkerd/linkerd2/issues/3843)).
+
+## Workflow
+
+1) Update dependencies: `make update`
+2) Generate the static manifest: `make manifest`
+3) Commit the changes (including generated manifests) if any
+4) Within a CD pipeline deploy the manifest: `make deploy` or rather `kpt live apply manifests/static` (the latter requires cert-manager to be installed beforehand)