I have a GitOps cluster that uses FluxCD (Kubernetes:v1.25.6-eks-48e63af and Flux: v0.40.2). Currently, each app is a separate HelmRelease in a different file. The Kustomization file lists all the resources and does nothing else. I would like to centralize all the versions of my apps in the Kustomization file. Please note that I am using an image policy to automatically upgrade the apps.
An example of a HelmRelease app I have:
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: linker
namespace: my-apps
spec:
releaseName: linker
interval: 5m
chart:
spec:
chart: linker
version: '0.0.1'
sourceRef:
kind: HelmRepository
name: my-charts
namespace: my-apps
interval: 1m
values:
replicaCount: 1
image:
tag: 1.0.0 # {"$imagepolicy": "flux-system:linker:tag"}
---
apiVersion: image.toolkit.fluxcd.io/v1beta1
kind: ImagePolicy
metadata:
name: linker
namespace: flux-system
spec:
imageRepositoryRef:
name: linker
policy:
semver:
range: '>=1.0.0'
And my Kustomization file (I removed lots of resources for the sake of simplicity):
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- linker.yaml
From there, I thought that I could use patches to centralize versions in my Kustomization file. I've tried the following:
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: linker
namespace: my-apps
spec:
releaseName: linker
interval: 5m
chart:
spec:
chart: linker
sourceRef:
kind: HelmRepository
name: my-charts
namespace: my-apps
interval: 1m
values:
replicaCount: 1
image:
---
apiVersion: image.toolkit.fluxcd.io/v1beta1
kind: ImagePolicy
metadata:
name: linker
namespace: flux-system
spec:
imageRepositoryRef:
name: linker
policy:
semver:
range: '>=1.0.0'
And my Kustomization:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- linker.yaml
patches:
- target:
name: linker
kind: HelmRelease
patch: |-
- op: add
path: /spec/values/image
value:
tag: 1.0.0 # {"$imagepolicy": "flux-system:linker:tag"}
- op: add
path: /spec/chart/spec
value:
version: 0.0.1
When I run the command kubectl kustomize . to see the manifest it returns, it successfully patches the HelmRelease. However, when I push it with FluxCD, I get the following error: HelmRelease/my-apps/linker dry-run failed, reason: Invalid, error: HelmRelease.helm.toolkit.fluxcd.io "linker" is invalid: [spec.chart.spec.chart: Required value, spec.chart.spec.sourceRef: Required value].
For some reason, it seems that FluxCD doesn't patch the HelmRelease. In addition, I don't even know if the image policy would work in such setting.
What am I doing wrong?
