WIP: Refactor deployment and yaml generation to use Helm

Signed-off-by: John McBride <[email protected]>

.github/workflows/deploy-helm-charts.yaml

@@ -0,0 +1,34 @@
+name: Release Helm Charts
+
+on:
+  release:
+    # Only cut new helm charts when a new release is published
+    types: [published]
+
+jobs:
+  release:
+    permissions:
+      contents: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout brupop
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "[email protected]"
+
+      - name: Install Helm
+        uses: azure/setup-helm@v3
+        with:
+          version: v3.10.0
+
+      - name: Run chart-releaser
+        uses: helm/[email protected]
+        with:
+          charts_dir: deploy/charts
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

Cargo.toml

@@ -4,6 +4,6 @@ members = [
     "apiserver",
     "controller",
     "models",
-    "yamlgen",
+    "deploy",
     "integ",
 ]

Makefile

@@ -74,3 +74,10 @@ dist: brupop-image
 clean:
 	-rm -rf target
 	rm -f -- '$(DISTFILE)'
+
+build-manifest:
+	kubectl create namespace brupop-bottlerocket-aws \
+		--dry-run=client \
+		-o yaml > bottlerocket-update-operator.yaml && \
+	helm template deploy/charts/bottlerocket-shadow >> bottlerocket-update-operator.yaml && \
+	helm template deploy/charts/bottlerocket-update-operator >> bottlerocket-update-operator.yaml

README.md

@@ -20,7 +20,7 @@ kubectl apply -f \
   https://github.com/cert-manager/cert-manager/releases/download/v1.8.2/cert-manager.yaml
 ```
 
-2. The Bottlerocket update operator can then be installed using the recommended configuration defined in [bottlerocket-update-operator.yaml](https://github.com/bottlerocket-os/bottlerocket-update-operator/blob/1.0.0/yamlgen/deploy/bottlerocket-update-operator.yaml).
+2. The Bottlerocket update operator can then be installed using the recommended configuration defined in [bottlerocket-update-operator.yaml](https://github.com/bottlerocket-os/bottlerocket-update-operator/blob/1.0.0/deploy/manifests/bottlerocket-update-operator.yaml).
 This YAML file can also be found in the [Brupop release artifacts](https://github.com/bottlerocket-os/bottlerocket-update-operator/releases):
 
 ```sh
@@ -261,12 +261,12 @@ brs-node-2                                         Idle    1.5.1     StagedUpdat
 The update operator provides metrics endpoints which can be scraped by [Prometheus](https://prometheus.io/).
 This allows you to monitor the history of update operations using popular metrics analysis and visualization tools.
 
-We provide a [sample configuration](./yamlgen/telemetry/prometheus-resources.yaml) which demonstrates a Prometheus deployment into the cluster that is configured to gather metrics data from the update operator.
+We provide a [sample configuration](./deploy/telemetry/prometheus-resources.yaml) which demonstrates a Prometheus deployment into the cluster that is configured to gather metrics data from the update operator.
 
 To deploy the sample configuration, you can use `kubectl`:
 
 ```sh
-kubectl apply -f ./yamlgen/telemetry/prometheus-resources.yaml
+kubectl apply -f ./deploy/telemetry/prometheus-resources.yaml
 ```
 
 Now that Prometheus is running in the cluster, you can use the UI provided to visualize the cluster's history.
@@ -335,7 +335,7 @@ Example regional image URI:
 
 ## Troubleshooting
 
-When installed with the [default deployment](https://github.com/bottlerocket-os/bottlerocket-update-operator/blob/v1.0.0/yamlgen/deploy/bottlerocket-update-operator.yaml), the logs can be fetched through Kubernetes deployment logs.
+When installed with the [default deployment](https://github.com/bottlerocket-os/bottlerocket-update-operator/blob/v1.0.0/deploy/manifests/bottlerocket-update-operator.yaml), the logs can be fetched through Kubernetes deployment logs.
 Because mutations to a node are orchestrated through the API server component, searching those deployment logs for a node ID can be useful.
 To get logs for the API server, run the following:
 
@@ -406,7 +406,7 @@ Firstly, modify the `.env` file to contain the desired image name, as well as a
 Then run the following to regenerate the `.yaml` resource definitions:
 
 ```sh
-cargo build -p yamlgen
+cargo build -p deploy
 ```
 
 These can of course be deployed using `kubectl apply` or the automatic integration testing tool [integ](https://github.com/bottlerocket-os/bottlerocket-update-operator/tree/develop/integ).

agent/src/main.rs

@@ -7,8 +7,7 @@ use kube::runtime::reflector;
 use kube::runtime::watcher::watcher;
 use kube::runtime::WatchStreamExt;
 use kube::Api;
-use models::agent::{AGENT_TOKEN_PATH, TOKEN_PROJECTION_MOUNT_PATH};
-use models::constants::NAMESPACE;
+use models::constants::{AGENT_TOKEN_PATH, AGENT_TOKEN_PROJECTION_MOUNT_PATH, NAMESPACE};
 
 use models::node::{brs_name_from_node_name, BottlerocketShadow};
 
@@ -45,7 +44,7 @@ async fn run_agent() -> Result<()> {
         .context(agent_error::ClientCreateSnafu)?;
 
     // Configure our brupop apiserver client to use the auth token mounted to our Pod.
-    let token_path = Path::new(TOKEN_PROJECTION_MOUNT_PATH).join(AGENT_TOKEN_PATH);
+    let token_path = Path::new(AGENT_TOKEN_PROJECTION_MOUNT_PATH).join(AGENT_TOKEN_PATH);
     let token_path = token_path.to_str().context(agent_error::AssertionSnafu {
         message: "Token path (defined in models/agent.rs) is not valid unicode.",
     })?;