helm-diff: Failure to honor lookup function
Unpack diffdemo.zip whose interesting part is
apiVersion: v1
kind: Secret
metadata:
name: x
type: Opaque
data:
{{- $existing := (lookup "v1" "Secret" .Release.Namespace "x" ) }}
{{- if $existing }}
text: {{ index $existing.data "text" }}
{{- else }}
text: {{ (randAlpha 10) | b64enc}}
{{- end }}
and then run
$ helm install test .
NAME: test
LAST DEPLOYED: Mon Mar 1 09:13:24 2021
NAMESPACE: difftest
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
kubectl get secret --namespace difftest x -o go-template="{{.data.text | base64decode}}{{\"\n\"}}"
$ kubectl get secret --namespace difftest x -o go-template="{{.data.text | base64decode}}{{\"\n\"}}"
eLbQJJESrO
$ helm upgrade test .
Release "test" has been upgraded. Happy Helming!
NAME: test
LAST DEPLOYED: Mon Mar 1 09:13:37 2021
NAMESPACE: difftest
STATUS: deployed
REVISION: 2
TEST SUITE: None
NOTES:
kubectl get secret --namespace difftest x -o go-template="{{.data.text | base64decode}}{{\"\n\"}}"
$ kubectl get secret --namespace difftest x -o go-template="{{.data.text | base64decode}}{{\"\n\"}}"
eLbQJJESrO
$ helm diff upgrade test .
difftest, x, Secret (v1) has changed:
# Source: diffdemo/templates/secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: x
data:
- text: '-------- # (10 bytes)'
+ text: '++++++++ # (10 bytes)'
type: Opaque
helm diff upgrade claims that secret/x would change if helm upgrade were run, when in fact it would not. See #176 and https://github.com/helm/charts/issues/5167#issuecomment-641558251.
(Helm 3.5.2, Microk8s 1.20.2, kubectl 1.20.4, helm-diff freshly installed so I suppose 3.1.3.)
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Reactions: 9
- Comments: 17 (2 by maintainers)
I do not think this should be considered stale as it is an ongoing problem with no known workaround.
We now have the ability to use
helm upgrade --dry-runinstead ofhelm templateto render the chart (#330). Andupgrade --dry-runseems to have a chance to get cluster access(even though it doesn’t look exactly like what I’d expect for adry-runoperation…So, this should be possible with HELM_DIFF_USE_UPGARDE_DRY_RUN=true once https://github.com/helm/helm/pull/9426 gets merged upstream.