Charts: [bitnami/common] Password validation ignores global setting

Created on 14 Aug 2020  路  4Comments  路  Source: bitnami/charts

Which chart:
Common (and PostgreSQL)

Describe the bug
Since upgrading the postgresql chart to 9.2.0, I observe that if I define my postgresqlPassword using the global namespace, I am met with the new password validation error/failure. It _appears_ as though the new validation template is not respecting postgresqlPassword's that are defined under the global namespace. Note, I am using the postgresql chart as a subchart.

To Reproduce
If I have a yaml values file that sets up the PG password using global as follows:

...
global:
  postgresql:
    postgresqlUsername: user
    postgresqlPassword: password
    postgresqlDatabase: database
....

And I run an initial helm install everything works as expected.

If, after a successful install, I then do a helm upgrade, I am met with:

history.go:52: [debug] getting history for release hifive-67595530
upgrade.go:121: [debug] preparing upgrade for hifive-67595530
Error: UPGRADE FAILED: template: hifive/charts/postgresql/templates/NOTES.txt:59:4: executing "hifive/charts/postgresql/templates/NOTES.txt" at <include "common.errors.upgrade.passwords.empty" (dict "validationErrors" (list $passwordValidationErrors) "context" $)>: error calling include: template: hifive/charts/postgresql/charts/common/templates/_errors.tpl:18:48: executing "common.errors.upgrade.passwords.empty" at <fail>: error calling fail:
PASSWORDS ERROR: you must provide your current passwords when upgrade the release
    'postgresqlPassword' must not be empty, please add '--set postgresqlPassword=$POSTGRESQL_PASSWORD' to the command. To get the current value:

        export POSTGRESQL_PASSWORD=$(kubectl get secret --namespace highfive-review hifive-67595530-postgresql -o jsonpath="{.data.postgresql-password}" | base64 --decode)

helm.go:84: [debug] template: hifive/charts/postgresql/templates/NOTES.txt:59:4: executing "hifive/charts/postgresql/templates/NOTES.txt" at <include "common.errors.upgrade.passwords.empty" (dict "validationErrors" (list $passwordValidationErrors) "context" $)>: error calling include: template: hifive/charts/postgresql/charts/common/templates/_errors.tpl:18:48: executing "common.errors.upgrade.passwords.empty" at <fail>: error calling fail:
PASSWORDS ERROR: you must provide your current passwords when upgrade the release
    'postgresqlPassword' must not be empty, please add '--set postgresqlPassword=$POSTGRESQL_PASSWORD' to the command. To get the current value:

        export POSTGRESQL_PASSWORD=$(kubectl get secret --namespace highfive-review hifive-67595530-postgresql -o jsonpath="{.data.postgresql-password}" | base64 --decode)

UPGRADE FAILED
main.newUpgradeCmd.func1
    helm.sh/helm/v3/cmd/helm/upgrade.go:146
github.com/spf13/cobra.(*Command).execute
    github.com/spf13/[email protected]/command.go:842
github.com/spf13/cobra.(*Command).ExecuteC
    github.com/spf13/[email protected]/command.go:950
github.com/spf13/cobra.(*Command).Execute
    github.com/spf13/[email protected]/command.go:887
main.main
    helm.sh/helm/v3/cmd/helm/helm.go:83
runtime.main
    runtime/proc.go:203
runtime.goexit
    runtime/asm_amd64.s:1373

Changing that original values yaml file to remove the global prefix:

  postgresql:
    postgresqlUsername: user
    postgresqlPassword: password
    postgresqlDatabase: database

And then re-running the upgrade (in debug mode or otherwise), I am able to successfully upgrade.

Expected behavior
A clear and concise description of what you expected to happen.

Version of Helm and Kubernetes:

  • Output of helm version:
version.BuildInfo{Version:"v3.2.4", GitCommit:"0ad800ef43d3b826f31a5ad8dfbb4fe05d143688", GitTreeState:"clean", GoVersion:"go1.14.4"}
  • Output of kubectl version:
Client Version: version.Info{Major:"1", Minor:"18", GitVersion:"v1.18.5", GitCommit:"e6503f8d8f769ace2f338794c914a96fc335df0f", GitTreeState:"archive", BuildDate:"2020-07-01T16:28:46Z", GoVersion:"go1.14.4", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.6", GitCommit:"96fac5cd13a5dc064f7d9f4f23030a6aeface6cc", GitTreeState:"clean", BuildDate:"2019-08-19T11:05:16Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"}

Additional context
Add any other context about the problem here.

on-hold

Most helpful comment

Hi @mcritchlow we have recently opened a PR fixing this issue, please let's move the conversation there.

All 4 comments

Hi @mcritchlow, thanks for opening this issue. We are going to look into it and we will get back to you.

Hi again @mcritchlow, it seems common.validations.values.postgresql.passwords lacks from validations in the case globals are used for the password. https://github.com/bitnami/charts/blob/377c51be686f0d5afa20e18f2f5935c93518ad38/bitnami/common/templates/_validations.tpl#L88-L136

We will try to cover that case, we will open a PR soon.

Just curious, why are you using globals in this chart (it doesn't have subcharts, other than common) instead of using the direct values?

@andresbono - Hello, thank you! I would open a PR myself but honestly I'm not fully clear the common validations that you all recently introduced and figured you all would know better what makes the most sense.

Just curious, why are you using globals in this chart (it doesn't have subcharts, other than common) instead of using the direct values?

Fair question :) Initially for this particular application we were intending on needing the global functionality, but that never materialized. So I am probably going to drop using globals for us. Still it seemed worth reporting upstream.

Thank you again!

Hi @mcritchlow we have recently opened a PR fixing this issue, please let's move the conversation there.

Was this page helpful?
0 / 5 - 0 ratings