Add support to configure multiple helm chart repo using HelmChartRepository CRD

[akashshinde]

This PR adds support to configure multiple helm chart repos in openshift.

It uses HelmChartRepository CRD to add multiple repository support. ref PR: openshift/api#598

How to test

Register HelmChartRepository CRD

oc apply -f https://raw.githubusercontent.com/openshift/api/master/helm/v1beta1/0000_10-helm-chart-repository.crd.yaml

Add two helm chart repository

1. Add Redhat chart repo.

apiVersion: helm.openshift.io/v1beta1
kind: HelmChartRepository
metadata:
  name: redhat-chart-repo
spec:
  name: redhat-chart-repo
  connectionConfig:
    url: https://redhat-developer.github.io/redhat-helm-charts

2. Add Azure sample helm chart repo.

apiVersion: helm.openshift.io/v1beta1
kind: HelmChartRepository
metadata:
  name: azure-sample-repo
spec:
  name: azure-sample-repo
  connectionConfig:
    url: https://raw.githubusercontent.com/Azure-Samples/helm-charts/master/docs

Run console in dev mode

Build

./build.sh

Setup environment to use openshift cluster context

source ./contrib/oc-environment.sh

Start console backend

./bin/bridge

Make rest call to helm chart endpoint

 curl localhost:9000/api/helm/charts/index.yaml

Demo Link: https://youtu.be/r68ZWHzZMVA

[sbose78]

The client should only call /api/helm/charts/index.yaml ( the way it does today ..) and the response should be the plain old index.yaml which the UI can currently parse.

Behind the scenes, it is a..

• A "long" index.yaml which is a concatenated list of index.yamls from multiple HelmChartRepositories, OR
• if there are no HelmChartRepositories, return the index.yaml of the default Red Hat Helm Chart Repo.

As a test, the UI should render fine with zero UI changes.

[sbose78]

@rohitkrai03 @parvathyvr
For a helm chart in the developer catalog, does the UI need to know which chart repo the chart is being served from ?

[sbose78]

@akashshinde
Can we pass additional metadata per index.yaml entry to specify which chart repo a chart is from?

[rohitkrai03]

@rohitkrai03 @parvathyvr
For a helm chart in the developer catalog, does the UI need to know which chart repo the chart is being served from ?

@sbose78 Early designs for the epic used the chart repository name and URL in the side panel of chart in the catalog. We might also need that data to visually distinguish between same charts coming from different repositories similar to how its done in Helm Hub. @parvathyvr can add more details from UX side.

[sbose78]

Gotcha, @rohitkrai03

@akashshinde What's your suggestion on how the UI could get that data from the returned long index.yaml ?

[akashshinde]

@rohitkrai03 Just wondering how UI get to know the chart repo information currently, I see backed only returns https://github.com/helm/helm/blob/9c0fca9aeb9f93c0743c3e234df7e73832b46576/pkg/repo/index.go#L79 struct and this does struct does not really hold the information about the chart repo origin.

[sbose78]

The UI probably doesn't care now since there's only one possible repo.

[akashshinde]

There are following ways to embed chart repo metadata in the IndexFile which gets received from chart repo url.

1. Embed chart metadata in chart annotations.

index.yaml response would be

apiVersion: v1
entries:
  aks-helloworld:
  - apiVersion: v1
    created: "2020-03-30T16:27:13.4350608-05:00"
    description: A Helm chart for Kubernetes
    digest: a9bc374461e31cb1429021a898ef83d0a650783033f3bc121ed536ad99301bbc
    name: aks-helloworld
    urls:
    - https://azure-samples.github.io/helm-charts/aks-helloworld-0.1.1.tgz
    version: 0.1.1
    annotations:
      chart_repo: azure
      url: AZURE_REPO_URL
  - apiVersion: v1
    created: "2020-03-30T16:27:13.433497-05:00"
    description: A Helm chart for Kubernetes
    digest: f4eb20e7116b24c4825861e6ff6f4303bbe83bcee4a7b2b6ea9fe6929852f34d
    name: k8s-helloworld
    urls:
    - https://k8s-samples.github.io/helm-charts/k8s-helloworld-0.1.0.tgz
    version: 0.1.0
    annotations:
      chart_repo: kubernetes
      url: K8S_REPO_URL
  ibm-cpq-prod:
  - apiVersion: v2
    appVersion: 10.0.0.6
    created: "2020-06-23T21:48:51.90919-05:00"
    description: |-
      IBM Sterling Configure, Price, Quote (CPQ) solution enables you to quickly configure, price, quote and order the right products and services.\n
      To sell competitively in today’s multichannel environment, organizations need a way to easily manage product and service configuration and pricing rules that allow prospects, customers, sales staff, call center representatives and Business Partners to quickly find, configure and order the right products and services.\n
      IBM® Sterling Configure, Price, Quote solution automates every step of the configure, price and quote process to help organizations easily create Web storefronts, offer dynamic catalog and pricing information,  and direct customers and partners to find, configure and order the right products and services.\n
      This enables you to transform how you sell complex products and services by removing the internal complexity of multi-tiered selling within your organization and with your partners.\n

      Documentation\n
      Additional information about installation can be found at https://ibm.biz/BdqqUS.

      License\n
      Sterling Configure Price Quote Software is licensed under https://ibm.biz/Bdqqgd which must be accepted during the install of the Product.
    digest: 2d93c570ff47b27858901dacafc22fe64d868e9a8ecb4742867396f2912eded8
    icon: https://raw.githubusercontent.com/IBM/charts/master/logo/ibm-oms-logo.png
    keywords:
    - cpq
    - ifs
    - sterling
    - yantra
    - order
    - fulfillment
    - om
    - amd64
    - framework
    - Commercial
    - RHOCP
    - All items
    - Languages
    - Databases
    - Middleware
    - CI/CD
    - Other
    kubeVersion: '>=1.11.0'
    maintainers:
    - name: IBM
    name: ibm-cpq-prod
    urls:
    - https://redhat-developer.github.com/redhat-helm-charts/charts/ibm-cpq-prod-2.0.0.tgz
    version: 2.0.0
    annotations: 
      chart_repo: IBM
      url: IBM_REPO_URL

Pros

• No need to change UI, since response would be aggregated single index.yaml

Cons

• Backend needs to iterate over entire chart listing to update Annotations field (https://github.com/helm/helm/blob/9c0fca9aeb9f93c0743c3e234df7e73832b46576/pkg/chart/metadata.go#L58)
• Backend would take more time to respond than usual.

2. Have a extra field in the root of each yaml file response, and embed chart metadata in it.

index.yaml response would be

apiVersion: v1
annotations: 
  chart_repo: IBM
  url: IBM_REPO_URL
entries:
  aks-helloworld:
  - apiVersion: v1
    created: "2020-03-30T16:27:13.4350608-05:00"
    description: A Helm chart for Kubernetes
    digest: a9bc374461e31cb1429021a898ef83d0a650783033f3bc121ed536ad99301bbc
    name: aks-helloworld
    urls:
    - https://azure-samples.github.io/helm-charts/aks-helloworld-0.1.1.tgz
    version: 0.1.1
    annotations:
      chart_repo: azure
      url: AZURE_REPO_URL
---
apiVersion: v1
annotations:
  chart_repo: kubernetes
  url: K8S_REPO_URL
entries:
  - apiVersion: v1
    created: "2020-03-30T16:27:13.433497-05:00"
    description: A Helm chart for Kubernetes
    digest: f4eb20e7116b24c4825861e6ff6f4303bbe83bcee4a7b2b6ea9fe6929852f34d
    name: k8s-helloworld
    urls:
    - https://k8s-samples.github.io/helm-charts/k8s-helloworld-0.1.0.tgz
    version: 0.1.0
---
apiVersion: v1
annotations: 
  chart_repo: IBM
  url: IBM_REPO_URL
entries:    
  ibm-cpq-prod:
  - apiVersion: v2
    appVersion: 10.0.0.6
    created: "2020-06-23T21:48:51.90919-05:00"
    description: |-
      IBM Sterling Configure, Price, Quote (CPQ) solution enables you to quickly configure, price, quote and order the right products and services.\n
      To sell competitively in today’s multichannel environment, organizations need a way to easily manage product and service configuration and pricing rules that allow prospects, customers, sales staff, call center representatives and Business Partners to quickly find, configure and order the right products and services.\n
      IBM® Sterling Configure, Price, Quote solution automates every step of the configure, price and quote process to help organizations easily create Web storefronts, offer dynamic catalog and pricing information,  and direct customers and partners to find, configure and order the right products and services.\n
      This enables you to transform how you sell complex products and services by removing the internal complexity of multi-tiered selling within your organization and with your partners.\n

      Documentation\n
      Additional information about installation can be found at https://ibm.biz/BdqqUS.

      License\n
      Sterling Configure Price Quote Software is licensed under https://ibm.biz/Bdqqgd which must be accepted during the install of the Product.
    digest: 2d93c570ff47b27858901dacafc22fe64d868e9a8ecb4742867396f2912eded8
    icon: https://raw.githubusercontent.com/IBM/charts/master/logo/ibm-oms-logo.png
    keywords:
    - cpq
    - ifs
    - sterling
    - yantra
    - order
    - fulfillment
    - om
    - amd64
    - framework
    - Commercial
    - RHOCP
    - All items
    - Languages
    - Databases
    - Middleware
    - CI/CD
    - Other
    kubeVersion: '>=1.11.0'
    maintainers:
    - name: IBM
    name: ibm-cpq-prod
    urls:
    - https://redhat-developer.github.com/redhat-helm-charts/charts/ibm-cpq-prod-2.0.0.tgz
    version: 2.0.0

Pros

1. No need to iterate over entire chart listing, would need to iterate over list of chart repos.

Cons
1, Need to introduce new field annotations to index.yaml in console get repo api call

1. Need to update index.yaml response received from chart repo url
2. Need to update new field annotations to the response before we send back to console UI.
3. Chart repo response would be array of index.yaml instead of single index.yaml, therefore UI needs to be tweaked to support that.

cc: @sbose78 @rohitkrai03

[sbose78]

I'll go for option 1

[akashshinde]

There are couple of use cases we need to tackle.

1. When should we fallback to proxy response ?
   a. If HelmChartRepository CRD does not exist ?

   b. If HelmChartRepository has zero resources exist in the cluster ? (This point will be void If we are going to create redhat
   chart repo CR.)

2. This is something I've not tested yet, but just had a thought about it.
   a. Since HelmChartRepository is a cluster-scoped CRD, we would need enough permissions to access it, this works
   currently since we're using admin privileges, but eventually might fail if logged user doesn't have enough permission.

   b. Do we have special service account/token which would give access to cluster scoped CRD ?

cc: @sbose78

[sbose78]

@akashshinde
If the total number of CRs = 0 or the CRD doesn't exist, we show the default one.

[sbose78]

Non-kube-admin users should be able to have view privileges on HelmChartRepository CRs, we'll have to ensure that works, outside the scope of this PR itself.

[akashshinde]

@akashshinde
If the total number of CRs = 0 or the CRD doesn't exist, we show the default one.

Great, that's the way implementation is done .

[sbose78]

Could you please attach GIFs/screenshots/demo videos, @akashshinde ?

[akashshinde]

Could you please attach GIFs/screenshots/demo videos, @akashshinde ?

uploaded a demo video: https://youtu.be/r68ZWHzZMVA

[sbose78]

uploaded a demo video: https://youtu.be/r68ZWHzZMVA

I see a cache issue there. As discussed, could we address it please?

[akashshinde]

I see a cache issue there. As discussed, could we address it please?
I found why we are getting this issue.

1. Client request for /api/helm/charts/index.yaml the first time - If no HelmChartRepository is configured proxy comes into play. Reverse proxy sets response of redhat helm chart repo and also copies all the headers from redhat chart repo url.
   Which copies header Cache-Control=600, asks browser to cache it for 600secs.
2. Now when we add HelmChartReposiory CRs, then browser makes another call to chart index api to fetch latest yaml. Here browser has already cached response for 600secs so report back the same previous yaml response and ingores the one received from server.

Solution:
Finding a way to ignore Cache-Control header being set in the first attempt.

cc: @sbose78

[akashshinde]

Raised PR #6044 to handle backlisting unwanted headers.

[sbose78]

/assign @spadgett
/assign @pedjak

[spadgett]

Just a heads up that this will conflict with #1862, which switches logging to klog. We might hold #1862 until after this merges.

cc @zherman0 @jhadvig

[akashshinde]

sure

[sbose78]

/lgtm

[sbose78]

/retest

[spadgett]

/approve

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: akashshinde, sbose78, spadgett

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [spadgett]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[akashshinde]

/test e2e-gcp-console

[pedjak]

/retest

[sbose78]

/retest

[akashshinde]

/test e2e-gcp-console