Refactor fluxcd 2.3 update

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>

packages/core/fluxcd/Makefile

@@ -7,13 +7,15 @@ show:
 	helm template -n $(NAMESPACE) $(NAME) . --no-hooks --dry-run=server $(API_VERSIONS_FLAGS)
 
 apply:
-	helm template -n $(NAMESPACE) $(NAME) . --no-hooks -f valuesFile.yaml -f flux-customizations.yaml \
+	helm template -n $(NAMESPACE) $(NAME) . --no-hooks \
 		--dry-run=server $(API_VERSIONS_FLAGS) | kubectl apply -n $(NAMESPACE) -f-
 
 diff:
-	helm template -n $(NAMESPACE) $(NAME) . --no-hooks -f valuesFile.yaml -f flux-customizations.yaml \
+	helm template -n $(NAMESPACE) $(NAME) . --no-hooks \
 		--dry-run=server $(API_VERSIONS_FLAGS) | kubectl diff -n $(NAMESPACE) -f-
 
 update:
 	rm -rf charts
 	helm pull oci://ghcr.io/controlplaneio-fluxcd/charts/flux-operator --untar --untardir charts
+	patch -p1 --no-backup-if-mismatch < patches/hostNetwork.diff
+	patch -p1 --no-backup-if-mismatch < patches/kubernetesEnvs.diff

packages/core/fluxcd/charts/flux-operator/templates/deployment.yaml

@@ -58,9 +58,7 @@ spec:
             - name: MARKETPLACE_LICENSE
               value: {{ . }}
             {{- end }}
-            {{- if .Values.extraEnvs }}
-              {{- toYaml .Values.extraEnvs | nindent 12 }}
-            {{- end }}
+            {{- include "cozy.kubernetes_envs" . | nindent 12 }}
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"

packages/core/fluxcd/charts/flux-operator/values.schema.json

@@ -71,13 +71,6 @@
             "properties": {},
             "type": "object"
         },
-        "extraEnvs": {
-            "items": {
-                "type": "object"
-            },
-            "type": "array",
-            "uniqueItems": true
-        },
         "fullnameOverride": {
             "type": "string"
         },

packages/core/fluxcd/charts/flux-operator/values.yaml

@@ -90,6 +90,3 @@ marketplace:
 
 # -- If `true`, start flux-operator in hostNetwork mode.
 hostNetwork: false
-
-# -- Add environment variables eg. for kubeprism KUBERNETES_SERVICE_HOST and _PORT
-extraEnvs: [ ]

packages/core/fluxcd/patches/hostNetwork.diff

@@ -0,0 +1,52 @@
+diff --git a/charts/flux-operator/README.md b/charts/flux-operator/README.md
+index 071e024..2fccc5f 100644
+--- a/charts/flux-operator/README.md
++++ b/charts/flux-operator/README.md
+@@ -36,6 +36,7 @@ see the Flux Operator [documentation](https://fluxcd.control-plane.io/operator/)
+ | commonAnnotations | object | `{}` | Common annotations to add to all deployed objects including pods. |
+ | commonLabels | object | `{}` | Common labels to add to all deployed objects including pods. |
+ | fullnameOverride | string | `""` |  |
++| hostNetwork | bool | `false` | If `true`, start flux-operator in hostNetwork mode. |
+ | image | object | `{"pullSecrets":[],"repository":"ghcr.io/controlplaneio-fluxcd/flux-operator","tag":""}` | Container image settings. The image tag defaults to the chart appVersion. |
+ | installCRDs | bool | `true` | Install and upgrade the custom resource definitions. |
+ | livenessProbe | object | `{"httpGet":{"path":"/healthz","port":8081},"initialDelaySeconds":15,"periodSeconds":20}` | Container liveness probe settings. |
+diff --git a/charts/flux-operator/templates/deployment.yaml b/charts/flux-operator/templates/deployment.yaml
+index 2d75821..8ffd8d8 100644
+--- a/charts/flux-operator/templates/deployment.yaml
++++ b/charts/flux-operator/templates/deployment.yaml
+@@ -40,6 +40,9 @@ spec:
+       securityContext:
+         {{- toYaml . | nindent 8 }}
+       {{- end }}
++      {{- if .Values.hostNetwork }}
++      hostNetwork: true
++      {{- end }}
+       containers:
+         - name: manager
+           env:
+diff --git a/charts/flux-operator/values.schema.json b/charts/flux-operator/values.schema.json
+index 85e4d02..64270a7 100644
+--- a/charts/flux-operator/values.schema.json
++++ b/charts/flux-operator/values.schema.json
+@@ -74,6 +74,10 @@
+         "fullnameOverride": {
+             "type": "string"
+         },
++        "hostNetwork": {
++            "default": false,
++            "type": "boolean"
++        },
+         "image": {
+             "properties": {
+                 "pullSecrets": {
+diff --git a/charts/flux-operator/values.yaml b/charts/flux-operator/values.yaml
+index 59b8a23..7ecefc0 100644
+--- a/charts/flux-operator/values.yaml
++++ b/charts/flux-operator/values.yaml
+@@ -87,3 +87,6 @@ tolerations: [ ] # @schema item: object ; uniqueItems: true
+ marketplace:
+   license: ""
+   account: ""
++
++# -- If `true`, start flux-operator in hostNetwork mode.
++hostNetwork: false

packages/core/fluxcd/patches/kubernetesEnvs.diff

@@ -0,0 +1,12 @@
+diff --git a/packages/core/fluxcd/charts/flux-operator/templates/deployment.yaml b/packages/core/fluxcd/charts/flux-operator/templates/deployment.yaml
+index 8ffd8d8..5ad96a8 100644
+--- a/charts/flux-operator/templates/deployment.yaml
++++ b/charts/flux-operator/templates/deployment.yaml
+@@ -58,6 +58,7 @@ spec:
+             - name: MARKETPLACE_LICENSE
+               value: {{ . }}
+             {{- end }}
++            {{- include "cozy.kubernetes_envs" . | nindent 12 }}
+           securityContext:
+             {{- toYaml .Values.securityContext | nindent 12 }}
+           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"

packages/core/fluxcd/templates/_helpers.tpl

@@ -0,0 +1,13 @@
+{{- define "cozy.kubernetes_envs" }}
+{{- $cozyDeployment := lookup "apps/v1" "Deployment" "cozy-system" "cozystack" }}
+{{- $cozyContainers := dig "spec" "template" "spec" "containers" dict $cozyDeployment }}
+{{- range $cozyContainers }}
+{{- if eq .name "cozystack" }}
+{{- range .env }}
+{{- if has .name (list "KUBERNETES_SERVICE_HOST" "KUBERNETES_SERVICE_PORT") }}
+- {{ toJson . }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}

packages/core/fluxcd/values.yaml

@@ -1,3 +1,10 @@
+flux-operator:
+  tolerations:
+    - key: node.kubernetes.io/not-ready
+      operator: Exists
+      effect: NoSchedule
+  hostNetwork: true
+
 fluxInstance:
   # cluster:
   #   domain: cozy.local
@@ -10,4 +17,38 @@ fluxInstance:
     - helm-controller
     - notification-controller
     - image-reflector-controller
-    - image-automation-controller
+    - image-automation-controller
+  kustomize:
+    patches:
+      - target:
+          kind: Deployment
+          name: "(kustomize-controller|helm-controller|source-controller)"
+        patch: |
+          - op: add
+            path: /spec/template/spec/containers/0/args/-
+            value: --concurrent=20
+          - op: add
+            path: /spec/template/spec/containers/0/args/-
+            value: --requeue-dependency=5s
+          - op: replace
+            path: /spec/template/spec/containers/0/resources/limits
+            value:
+              cpu: 2000m
+              memory: 2048Mi
+      - target:
+          kind: Deployment
+          name: source-controller
+        patch: |
+          - op: add
+            path: /spec/template/spec/containers/0/args/-
+            value: --storage-adv-addr=source-controller.cozy-fluxcd.svc
+          - op: add
+            path: /spec/template/spec/containers/0/args/-
+            value: --events-addr=http://notification-controller.cozy-fluxcd.svc/
+      - target:
+          kind: Deployment
+          name: (kustomize-controller|helm-controller|image-reflector-controller|image-automation-controller)
+        patch: |
+          - op: add
+            path: /spec/template/spec/containers/0/args/-
+            value: --events-addr=http://notification-controller.cozy-fluxcd.svc/