Skip to content

feat: Option to auto-upgrade CRDs with Helm #2192

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat: Option to auto-upgrade CRDs with Helm #2192

wants to merge 1 commit into from
+72 −5

Conversation

denis-ryzhkov
Copy link

  • Closes Option to auto-upgrade CRDs with Helm #2159
  • Added crds.immutable with safe backward-compatible default value and detailed docstring.
  • Moved CRDs from special crds/ directory to files/crds/ for templating.
  • Updated Makefile to generate CRDs in the new location.
  • Added conditional crds subchart with a special crds/ directory being a symlink to the files/crds/ in the main chart.
  • Updated the docs to mention the new upgrade option.
  • Tested few cases below in grafana-operator/deploy/helm/grafana-operator/ dir.
  • Default values: 
    cat values.yaml | yq .crds

  # -- Immutable CustomResourceDefinitions are installed only once using `crds/` directory
  # and require manual upgrade by `kubectl apply`.
  # Mutable CRDs are installed and upgraded together with the Helm chart using `templates/` directory
  # without manual `kubectl apply` step required.
  # Use `helm upgrade -i --take-ownership` when switching to mutable CRDs for the first time only.
  # Both types of CRDs are protected on the Helm chart uninstall to avoid cascading deletion.
  immutable: true

kubectl get crd | grep graf | wc -l

  0

helm upgrade -i grafana-operator .

  Release "grafana-operator" does not exist. Installing it now.
  walk.go:75: found symbolic link in path:
    REDACTED/helm/grafana-operator/charts/crds/crds resolves to
    REDACTED/helm/grafana-operator/files/crds. Contents of linked file included and used
  NAME: grafana-operator
  NAMESPACE: default
  STATUS: deployed
  REVISION: 1

kubectl get crd | grep graf | wc -l

  12

kubectl get crd grafanas.grafana.integreatly.org -o yaml | yq .metadata

  annotations:
    controller-gen.kubebuilder.io/version: v0.17.3
  ...

kubectl get deploy/grafana-operator

  NAME               READY   UP-TO-DATE   AVAILABLE
  grafana-operator   1/1     1            1        

kubectl logs deploy/grafana-operator | tail -1

  INFO	GrafanaReconciler	Grafana status sync complete

helm uninstall grafana-operator

  release "grafana-operator" uninstalled

kubectl get crd | grep graf | wc -l

  12
  • Upgrade to mutable CRDs: 
    helm upgrade -i --set crds.immutable=false grafana-operator .

  Error: Unable to continue with install:
  CustomResourceDefinition "grafanaalertrulegroups.grafana.integreatly.org"
  in namespace "" exists and cannot be imported into the current release: invalid ownership metadata;
  label validation error: missing key "app.kubernetes.io/managed-by": must be set to "Helm";
  annotation validation error: missing key "meta.helm.sh/release-name": must be set to "grafana-operator";
  annotation validation error: missing key "meta.helm.sh/release-namespace": must be set to "default"

helm upgrade -i --take-ownership --set crds.immutable=false grafana-operator .

  Release "grafana-operator" has been upgraded. Happy Helming!
  ...
  STATUS: deployed

kubectl get crd | grep graf | wc -l

  12

kubectl get crd grafanas.grafana.integreatly.org -o yaml | yq .metadata

  annotations:
    controller-gen.kubebuilder.io/version: v0.17.3
    helm.sh/resource-policy: keep
    meta.helm.sh/release-name: grafana-operator
    meta.helm.sh/release-namespace: default
  labels:
    app.kubernetes.io/managed-by: Helm
  ...

kubectl get deploy/grafana-operator

  NAME               READY   UP-TO-DATE   AVAILABLE
  grafana-operator   1/1     1            1        

kubectl logs deploy/grafana-operator | tail -1

  INFO	GrafanaReconciler	Grafana status sync complete

helm uninstall grafana-operator

  These resources were kept due to the resource policy:
  [CustomResourceDefinition] grafanaalertrulegroups.grafana.integreatly.org
  ...11 more...

  release "grafana-operator" uninstalled

kubectl get crd | grep graf | wc -l

  12
  • Clean install with mutable CRDs: 
    kubectl get crd -o name | grep grafana | xargs kubectl delete

  customresourcedefinition.apiextensions.k8s.io "grafanaalertrulegroups.grafana.integreatly.org" deleted
  ...11 more...

helm upgrade -i --set crds.immutable=false grafana-operator .

  Release "grafana-operator" does not exist. Installing it now.
  ...
  STATUS: deployed
    The rest of the tests showed the same output as in the "Upgrade to mutable CRDs" case.

@CLAassistant
Copy link

CLAassistant commented Sep 9, 2025
edited
Loading

CLA assistant check
All committers have signed the CLA.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nissessenap nissessenap Awaiting requested review from nissessenap nissessenap is a code owner

@weisdd weisdd Awaiting requested review from weisdd weisdd is a code owner

@ishanjainn ishanjainn Awaiting requested review from ishanjainn ishanjainn is a code owner

@theSuess theSuess Awaiting requested review from theSuess theSuess is a code owner

@hubeadmin hubeadmin Awaiting requested review from hubeadmin hubeadmin is a code owner

@pb82 pb82 Awaiting requested review from pb82 pb82 is a code owner

@Baarsgaard Baarsgaard Awaiting requested review from Baarsgaard Baarsgaard is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Option to auto-upgrade CRDs with Helm
2 participants
@denis-ryzhkov @CLAassistant