fix: process resource quota as list (#2055)

Author: merll

charts/team-ns/values.yaml

@@ -8,8 +8,10 @@ cluster:
     disableHttp2: false
 namespace: ""
 resourceQuota:
-  pods: "50"
-  services.loadbalancers: 0
+  - name: pods
+    value: "50"
+  - name: services.loadbalancers
+    value: "0"
 apps: {}
 services: []
 selfService:

helmfile.d/snippets/defaults.gotmpl

@@ -193,8 +193,10 @@ environments:
                 egressPublic: true
                 ingressPrivate: true
             resourceQuota:
-                pods: "50"
-                services.loadbalancers: "0"
+                - name: pods
+                  value: "50"
+                - name: services.loadbalancers
+                  value: "0"
             selfService:
                 apps: []
                 policies:

src/cmd/migrate.ts

@@ -5,7 +5,7 @@ import { randomUUID } from 'crypto'
 import { diff } from 'deep-diff'
 import { copy, createFileSync, move, pathExists, renameSync, rm } from 'fs-extra'
 import { mkdir, readFile, writeFile } from 'fs/promises'
-import { cloneDeep, each, get, isObject, mapKeys, mapValues, omit, pick, pull, set, unset } from 'lodash'
+import { cloneDeep, each, get, isUndefined, isObject, mapKeys, mapValues, omit, pick, pull, set, unset } from 'lodash'
 import { basename, dirname, join } from 'path'
 import { prepareEnvironment } from 'src/common/cli'
 import { decrypt, encrypt } from 'src/common/crypt'
@@ -51,6 +51,7 @@ interface Change {
     [mutation: string]: string
   }>
   networkPoliciesMigration?: boolean
+  teamResourceQuotaMigration?: boolean
 }
 
 export type Changes = Array<Change>
@@ -300,6 +301,23 @@ const networkPoliciesMigration = async (values: Record<string, any>): Promise<vo
   )
 }
 
+const teamResourceQuotaMigration = (values: Record<string, any>) => {
+  Object.entries(values?.teamConfig as Record<string, any>).forEach(([teamName, teamValues]) => {
+    const resourceQuota = teamValues?.settings?.resourceQuota
+    if (!isUndefined(resourceQuota) && !Array.isArray(resourceQuota)) {
+      set(
+        teamValues,
+        'settings.resourceQuota',
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-argument
+        Object.entries(resourceQuota || {}).map(([name, value]) => ({ name, value })),
+      )
+      console.log('Completed migration of resourceQuota for team', teamName)
+    } else {
+      console.log('No migration needed of resourceQuota for team', teamName)
+    }
+  })
+}
+
 const bulkAddition = (path: string, values: any, filePath: string) => {
   // eslint-disable-next-line @typescript-eslint/no-var-requires
   const val = require(filePath)
@@ -362,6 +380,7 @@ export const applyChanges = async (
     }
 
     if (c.networkPoliciesMigration) await networkPoliciesMigration(values)
+    if (c.teamResourceQuotaMigration) teamResourceQuotaMigration(values)
 
     Object.assign(values, { version: c.version })
   }
@@ -530,7 +549,7 @@ export const migrate = async (): Promise<boolean> => {
   }
   const changes: Changes = (await loadYaml(`${rootDir}/values-changes.yaml`))?.changes
   const versions = await loadYaml(`${env.ENV_DIR}/env/settings/versions.yaml`, { noError: true })
-  const prevVersion: number = versions?.specVersion
+  const prevVersion: number = versions?.spec?.specVersion
   if (!prevVersion) {
     d.log('No changes detected, skipping')
     return false

tests/fixtures/env/teams/demo/settings.yaml

@@ -25,7 +25,8 @@ spec:
     oidc:
         groupMapping: somesecretvalue
     resourceQuota:
-        services.loadbalancers: '1'
+        - name: services.loadbalancers
+          value: '1'
     selfService:
         access:
             - shell

values-changes.yaml

@@ -341,3 +341,5 @@ changes:
       - 'databases.keycloak.imported'
       - 'databases.gitea.imported'
       - 'databases.gitea.useOtomiDB'
+  - version: 34
+    teamResourceQuotaMigration: true

values-schema.yaml

@@ -1131,7 +1131,17 @@ definitions:
             x-secret: ''
           resourceQuota:
             description: 'List of kubernetes resource quota. Should adhere to the "spec.hard" format as described here: https://kubernetes.io/docs/concepts/policy/resource-quotas/. Not validated as there is no schema published. Change at your own risk.'
-            type: object
+            type: array
+            items:
+              type: object
+              properties:
+                name:
+                  type: string
+                value:
+                  type: string
+              required:
+                - name
+                - value
           selfService:
             $ref: '#/definitions/teamSelfService'
           alerts:

values/team-ns/team-ns.gotmpl

@@ -17,6 +17,11 @@
   {{- end }}
 {{- end }}
 
+{{- $teamResourceQuotas := dict }}
+{{- range $team | get "settings.resourceQuota" list }}
+{{- $_ := set $teamResourceQuotas .name .value }}
+{{- end }}
+
 apps:
   harbor:
     enabled: {{ $a.harbor.enabled }}
@@ -48,7 +53,7 @@ teamApps: {{- toYaml $teamApps | nindent 2 }}
 teamIds: {{- toYaml (keys $v.teamConfig) | nindent 2 }}
 tracingEnabled: {{ $a.istio.tracing.enabled }}
 services: {{- concat $coreTeamServices $teamServices | toYaml | nindent 2 }}
-resourceQuota: {{- $team | get "settings.resourceQuota" dict | toYaml | nindent 2 }}
+resourceQuota: {{- $teamResourceQuotas | toYaml | nindent 2 }}
 
 gitOps:
   adminPassword: {{ $a.gitea.adminPassword }}