carvel-dev/kapp-controller

Cannot set nested value path via downward API

mamachanko opened this issue · 1 comments

mamachanko commented

What steps did you take:

  1. Create a package with a values schema
  2. Set a nested value path via the downward API
#! package.yaml

---
apiVersion: data.packaging.carvel.dev/v1alpha1
kind: Package
metadata: 
  name: test.example.com.0.1.0
  namespace: default
spec: 
  refName: test.example.com
  version: 0.1.0
  template: 
    spec: 
      deploy: 
        - kapp: {}
      fetch: 
        - path: config
          inline: 
            paths: 
              config/schema.yaml: |
                #@data/values-schema
                ---
                #@schema/type any=True
                internal: null
              config/values.yaml: |
                #@data/values
                ---
                internal:
                  secret_message: hello cool
              config/config.yaml: |
                #@ load("@ytt:data", "data")
                #@ load("@ytt:yaml", "yaml")
                ---
                apiVersion: v1
                kind: ConfigMap
                metadata: 
                  name: test.example.com
                data: 
                  values: #@ yaml.encode(data.values)
      template: 
        - ytt: 
            paths: 
              - ./config
            valuesFrom: 
              - downwardAPI: 
                  items: 
                    - name: internal.version
                      fieldPath: "metadata.annotations['packaging\\.carvel\\.dev/package-version']"
                    - name: internal.kubernetes_version
                      kubernetesVersion: {}
                    - name: internal.kubernetes_gvs
                      kubernetesAPIs: {}

---
apiVersion: packaging.carvel.dev/v1alpha1
kind: PackageInstall
metadata: 
  name: test
  namespace: default
spec: 
  packageRef: 
    refName: test.example.com
    versionSelection: 
      constraints: "> 0.0.0"
  serviceAccountName: install-sa

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: install-sa
  namespace: default

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: install-admin
rules:
  - apiGroups:
      - '*'
    resources:
      - '*'
    verbs:
      - '*'

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: install-admin
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: install-admin
subjects:
  - kind: ServiceAccount
    name: install-sa
    namespace: default

What happened:

The package fails to install:

ytt -f package.yaml | kapp d -c -y -f- -a test
Target cluster 'https://127.0.0.1:54182' (nodes: kind-cert-manager-control-plane)

# ...

8:14:17AM: ---- waiting on 1 changes [4/5 done] ----
8:14:20AM: fail: reconcile packageinstall/test (packaging.carvel.dev/v1alpha1) namespace: default
8:14:20AM:  ^ Reconcile failed:  (message: ytt: Error: Overlaying data values (in following order: config/values.yaml, additional data values):
One or more data values were invalid
====================================

Given data value is not declared in schema
downwardapi_1.yaml:
    |
  1 | internal.kubernetes_version: 1.29.2
    |

    = found: internal.kubernetes_version
    = expected: a map item with the key named "internal" (from config/schema.yaml:2)


)

kapp: Error: waiting on reconcile packageinstall/test (packaging.carvel.dev/v1alpha1) namespace: default:
  Finished unsuccessfully (Reconcile failed:  (message: ytt: Error: Overlaying data values (in following order: config/values.yaml, additional data values):
One or more data values were invalid
====================================

Given data value is not declared in schema
downwardapi_1.yaml:
    |
  1 | internal.kubernetes_version: 1.29.2
    |

    = found: internal.kubernetes_version
    = expected: a map item with the key named "internal" (from config/schema.yaml:2)


))

What did you expect:

The package install and the nested value paths are set as expected:

❯ k get cm test.example.com -oyaml | yq .data
values: |
  internal:
    secret_message: hello cool
    version: 0.1.0
    kubernetes_version: 1.29.2
    kubernetes_gvs:
    - v1
    - apiregistration.k8s.io/v1
    - apps/v1
    #! ...

Anything else you would like to add:

note: fieldpath is not affected. only kappControllerVersion, kubernetesVersion and kubernetesAPIs

When we omit the schema from the package we can see that values are set but not nested:

❯ k get cm test.example.com -oyaml | yq .data
values: |
  internal:
    secret_message: hello cool
    version: 0.1.0
  internal.kubernetes_version: 1.29.2
  internal.kubernetes_gvs:
  - v1
  - apiregistration.k8s.io/v1
  - apps/v1
  #! ...

That's because DownwardAPI.AsYAMLs() only handles nestedness for fieldPath but not the others. here

Environment:

  • kapp Controller version v0.48.2

Vote on this request

This is an invitation to the community to vote on issues, to help us prioritize our backlog. Use the "smiley face" up to the right of this comment to vote.

👍 "I would like to see this addressed as soon as possible"
👎 "There are other more important things to focus on right now"

We are also happy to receive and review Pull Requests if you want to help working on this issue.

praveenrewar commented

Thank you @mamachanko for reporting this issue. I think this was missed as kappControllerVersion, kubernetesVersion and kubernetesAPIs were added sometime after downwardAPI.
Thank you so much for creating the PR ❤️

  • ❤️1