version |
---|
v3.5.2 |
With lifecycle hooks, you can declaratively define certain operations to perform before and/or after helmsman operations. These operations can be running installing dependencies (e.g. CRDs), executing certain tests, sending custom notifications, etc. Another useful use-case is if you are using a 3rd party chart which does not define native helm lifecycle hooks that you wish to have.
- Hook operations can be defined in a Kubernetes manifest. They can be any kubernetes resource(s) (jobs, cron jobs, deployments, pods, etc).
- You can only define one manifest file for each lifecycle hook. So make sure all your needed resources are in this manifest.
- Hook operations can also be a script or a command.
- Script or manifest paths must be either absolute or relative to the DSF.
- Hook k8s manifests can also be defined as an URL.
hook types are case sensitive. Also, note the camleCase.
preInstall
: before installing a release.postInstall
: after installing a release.preUpgrade
: before upgrading a release.postUpgrade
: after upgrading a release.preDelete
: before uninstalling a release.postDelete
: after uninstalling a release.
The following items can be defined in the hooks stanza:
pre/postInstall, pre/postUpgrade, pre/postDelete:
A valid path (URL, cloud bucket, local file path) to your hook's k8s manifest or a valid path to a script or a shell command.
The following options only apply to kubernetes manifest type of hooks.
successCondition:
The Kubernetes status condition that indicates that your resources have finished their job successfully. You can find out what the status conditions are for different k8s resources with a kubectl command similar to: kubectl get job -o=jsonpath='{range .items[*]}{.status.conditions[0].type}{"\n"}{end}'
- For jobs, it is
Complete
- For pods, it is
Initialized
- For deployments, it is
Available
successTimeout: (default 30s)
How much time to wait for the successCondition
deleteOnSuccess: (true/false)
Indicates if you wish to delete the hook's manifest after the hook succeeds. This is only used if you define successCondition
Note: successCondition, deleteOnSuccess and successTimeout are ignored when the
--dry-run
flag is used.
You can define two types of hooks in your desired state file:
Global hooks:
Are defined in the settings
stanza and are inherited by all releases in the DSF if they haven't defined their own.
These are defined as follows:
[settings]
#...
[settings.globalHooks]
successCondition= "Initialized"
deleteOnSuccess= true
postInstall= "job.yaml"
settings:
#...
globalHooks:
successCondition: "Initialized"
deleteOnSuccess: true
postInstall: "job.yaml"
#...
App-specific hooks:
Each app (release) can define its own hooks which override any global ones.
These are defined as follows:
[apps]
[apps.argo]
namespace = "production" # maps to the namespace as defined in namespaces above
enabled = true # change to false if you want to delete this app release [default = false]
chart = "argo/argo" # changing the chart name means delete and recreate this release
version = "0.6.4" # chart version
[apps.argo.hooks]
successCondition= "Complete"
successTimeout= "90s"
deleteOnSuccess= true
preInstall="job.yaml"
preInstall="https://github.com/jetstack/cert-manager/releases/download/v0.14.0/cert-manager.crds.yaml"
postInstall="https://raw.githubusercontent.com/jetstack/cert-manager/release-0.14/deploy/manifests/00-crds.yaml"
preUpgrade="job.yaml"
postUpgrade="job.yaml"
preDelete="job.yaml"
postDelete="job.yaml"
apps:
argo:
namespace: "staging" # maps to the namespace as defined in namespaces above
enabled: true # change to false if you want to delete this app release empty: false:
chart: "argo/argo" # changing the chart name means delete and recreate this chart
version: "0.6.5" # chart version
hooks:
successCondition: "Complete"
successTimeout: "90s"
deleteOnSuccess: true
preInstall: "job.yaml"
preInstall: "https://github.com/jetstack/cert-manager/releases/download/v0.14.0/cert-manager.crds.yaml"
postInstall: "https://raw.githubusercontent.com/jetstack/cert-manager/release-0.14/deploy/manifests/00-crds.yaml"
postInstall: "job.yaml"
preUpgrade: "job.yaml"
postUpgrade: "job.yaml"
preDelete: "job.yaml"
postDelete: "job.yaml"
You can do that by setting deleteOnSuccess
to true in the globalHooks
stanza under settings
. If you need to make an exception for some app, you can set it to false
in the hooks
stanza of this app. This overrides the global hooks.
You can expand variables/parameters in the hook manifests at run time in one of the following ways:
-
use env variables (defined as
$MY_VAR
in your manifests) and run helmsman with--subst-env-values
. Environment variables can be read from the environment or you can load them from an env file -
use AWS SSM parameters (defined as
{{ssm: MY_PARAM }}
in your manifests) and run helmsman with--subst-ssm-values
. -
Pass encrypted values with hiera-eyaml
- You can only have one manifest file per lifecycle.
- If you have multiple k8s resources in your hook manifest file,
successCondition
may not work. - pre/postDelete hooks are not respected before/after deleting untracked releases (releases which are no longer defined in your desired state file).