From 307d122a845c3fd210ffd35f1b6b5165523565c2 Mon Sep 17 00:00:00 2001
From: Max Gautier <max.gautier@objectif-libre.com>
Date: Mon, 14 Mar 2022 16:29:58 +0100
Subject: [PATCH] Helm-apps role for installing helm charts (#8347)

* Sketch of helm-apps role interface

* helm-apps: Early implementation and settings

* helm-apps: Fix README.md example playbook

* fixup! Sketch of helm-apps role interface

* Make the argument specs more explicit

* Remove exposed options from hardcoded default

* Simplify example playbook in README.md

- Define directly the roles parameters
- Add an example of option override for one chart only

* Use release instead of charts

Make explicit that the role is mananing releases, not charts.
Simplify parameters naming
---
 roles/helm-apps/README.md               | 39 +++++++++++
 roles/helm-apps/meta/argument_specs.yml | 93 +++++++++++++++++++++++++
 roles/helm-apps/tasks/main.yml          | 17 +++++
 roles/helm-apps/vars/main.yml           |  7 ++
 4 files changed, 156 insertions(+)
 create mode 100644 roles/helm-apps/README.md
 create mode 100644 roles/helm-apps/meta/argument_specs.yml
 create mode 100644 roles/helm-apps/tasks/main.yml
 create mode 100644 roles/helm-apps/vars/main.yml

diff --git a/roles/helm-apps/README.md b/roles/helm-apps/README.md
new file mode 100644
index 000000000..27b480cb0
--- /dev/null
+++ b/roles/helm-apps/README.md
@@ -0,0 +1,39 @@
+Role Name
+=========
+
+This role is intended to be used to fetch and deploy Helm Charts as part of
+cluster installation or upgrading with kubespray.
+
+Requirements
+------------
+
+The role needs to be executed on a host with access to the Kubernetes API, and
+with the helm binary in place.
+
+Role Variables
+--------------
+
+See meta/argument_specs.yml
+
+Playbook example:
+
+```yaml
+---
+- hosts: kube_control_plane[0]
+  gather_facts: no
+  roles:
+    - name: helm-apps
+      releases:
+        - name: app
+          namespace: app
+          chart_ref: simple-app/simple-app
+        - name: app2
+          namespace: app
+          chart_ref: simple-app/simple-app
+          wait_timeout: "10m" # override the same option in `release_common_opts`
+      repositories: "{{ repos }}"
+        - repo_name: simple-app
+          repo_url: "https://blog.leiwang.info/simple-app"
+      release_common_opts: "{{ helm_params }}"
+        wait_timeout: "5m"
+```
diff --git a/roles/helm-apps/meta/argument_specs.yml b/roles/helm-apps/meta/argument_specs.yml
new file mode 100644
index 000000000..d1be9a815
--- /dev/null
+++ b/roles/helm-apps/meta/argument_specs.yml
@@ -0,0 +1,93 @@
+---
+argument_specs:
+  main:
+    short_description: Install a list of Helm charts.
+    options:
+      releases:
+        type: list
+        elements: dict
+        required: true
+        description: |
+          List of dictionaries passed as arguments to kubernetes.core.helm.
+          Arguments passed here will override  those in `helm_settings`.  For
+          structure of the dictionary, see the documentation for
+          kubernetes.core.helm ansible module.
+        options:
+          chart_ref:
+            type: path
+            required: true
+          chart_version:
+            type: str
+          name:
+            type: str
+            required: true
+          namespace:
+            type: str
+            required: true
+          values:
+            type: dict
+          # Possibly general options
+          create_namespace:
+            type: bool
+          chart_repo_url:
+            type: str
+          disable_hook:
+            type: bool
+          history_max:
+            type: int
+          purge:
+            type: bool
+          replace:
+            type: bool
+          skip_crds:
+            type: bool
+          wait:
+            type: bool
+            default: true
+          wait_timeout:
+            type: str
+
+      repositories:
+        type: list
+        elements: dict
+        description: |
+          List of dictionaries passed as arguments to
+          kubernetes.core.helm_repository.
+        default: []
+        options:
+          name:
+            type: str
+            required: true
+          password:
+            type: str
+          username:
+            type: str
+          url:
+            type: str
+      release_common_opts:
+        type: dict
+        description: |
+          Common arguments for every helm invocation.
+        default: {}
+        options:
+          create_namespace:
+            type: bool
+            default: true
+          chart_repo_url:
+            type: str
+          disable_hook:
+            type: bool
+          history_max:
+            type: int
+          purge:
+            type: bool
+          replace:
+            type: bool
+          skip_crds:
+            type: bool
+          wait:
+            type: bool
+            default: true
+          wait_timeout:
+            type: str
+            default: "5m"
diff --git a/roles/helm-apps/tasks/main.yml b/roles/helm-apps/tasks/main.yml
new file mode 100644
index 000000000..ed55c5ae8
--- /dev/null
+++ b/roles/helm-apps/tasks/main.yml
@@ -0,0 +1,17 @@
+---
+- name: Add Helm repositories
+  kubernetes.core.helm_repository: "{{ helm_repository_defaults | combine(item) }}"
+  loop: "{{ repositories }}"
+
+- name: Update Helm repositories
+  kubernetes.core.helm:
+    state: absent
+    binary_path: "{{ bin_dir }}/helm"
+    release_name: dummy  # trick needed to refresh in separate step
+    release_namespace: kube-system
+    update_repo_cache: true
+  when: repositories != []
+
+- name: Install Helm Applications
+  kubernetes.core.helm: "{{ helm_defaults | combine(release_common_opts, item) }}"
+  loop: "{{ releases }}"
diff --git a/roles/helm-apps/vars/main.yml b/roles/helm-apps/vars/main.yml
new file mode 100644
index 000000000..a7baa66bd
--- /dev/null
+++ b/roles/helm-apps/vars/main.yml
@@ -0,0 +1,7 @@
+---
+helm_defaults:
+  atomic: true
+  binary_path: "{{ bin_dir }}/helm"
+
+helm_repository_defaults:
+  binary_path: "{{ bin_dir }}/helm"