refactor(helm): Unified Naming Truncation and Bug Fixes (#8143)

* refactor(helm): add componentName helper for truncation * fix(helm): unify ingress backend naming with truncation * fix(helm): unify statefulset/deployment naming with truncation * fix(helm): add missing labels to services for servicemonitor discovery * chore(helm): secure secrets and add upgrade notes * fix(helm): truncate context instead of suffix in componentName * revert(docs): remove upgrade notes per feedback * fix(helm): use componentName for COSI serviceAccountName * helm: update master -ip to use component name for correct truncation * helm: refactor masterServers helper to use truncated component names * helm: update volume -ip to use component name and cleanup redundant printf * helm: refine helpers with robustness check and updated docs
2 days ago · 4f5f1f6be7
18 changed files with 56 additions and 35 deletions
--- a/k8s/charts/seaweedfs/README.md
+++ b/k8s/charts/seaweedfs/README.md
@ -1,6 +1,5 @@
 # SEAWEEDFS - helm chart (2.x+)

-## Getting Started

 ### Add the helm repo

--- a/k8s/charts/seaweedfs/templates/admin/admin-ingress.yaml
+++ b/k8s/charts/seaweedfs/templates/admin/admin-ingress.yaml
@ -42,11 +42,11 @@ spec:
        backend:
 {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
          service:
-            name: {{ include "seaweedfs.fullname" . }}-admin
+            name: {{ include "seaweedfs.componentName" (list . "admin") }}
            port:
              number: {{ .Values.admin.port }}
 {{- else }}
-          serviceName: {{ include "seaweedfs.fullname" . }}-admin
+          serviceName: {{ include "seaweedfs.componentName" (list . "admin") }}
          servicePort: {{ .Values.admin.port }}
 {{- end }}
 {{- end }}
--- a/k8s/charts/seaweedfs/templates/admin/admin-statefulset.yaml
+++ b/k8s/charts/seaweedfs/templates/admin/admin-statefulset.yaml
@ -8,7 +8,7 @@
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
-  name: {{ include "seaweedfs.fullname" . }}-admin
+  name: {{ include "seaweedfs.componentName" (list . "admin") }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ template "seaweedfs.name" . }}
@ -21,7 +21,7 @@ metadata:
    {{- toYaml .Values.admin.annotations | nindent 4 }}
 {{- end }}
 spec:
-  serviceName: {{ include "seaweedfs.fullname" . }}-admin
+  serviceName: {{ include "seaweedfs.componentName" (list . "admin") }}
  podManagementPolicy: {{ .Values.admin.podManagementPolicy }}
  replicas: {{ .Values.admin.replicas }}
  selector:
--- a/k8s/charts/seaweedfs/templates/cosi/cosi-deployment.yaml
+++ b/k8s/charts/seaweedfs/templates/cosi/cosi-deployment.yaml
@ -57,7 +57,7 @@ spec:
      priorityClassName: {{ .Values.cosi.priorityClassName | quote }}
      {{- end }}
      enableServiceLinks: false
-      serviceAccountName: {{ .Values.global.serviceAccountName }}-objectstorage-provisioner
+      serviceAccountName: {{ include "seaweedfs.componentName" (list . "objectstorage-provisioner") }}
      {{- if .Values.cosi.initContainers }}
      initContainers:
        {{ tpl .Values.cosi.initContainers . | nindent 8 | trim }}
@ -78,16 +78,16 @@ spec:
              {{- else if .Values.s3.ingress.enabled }}
              value: "{{ printf "https://%s" .Values.s3.ingress.host }}"
              {{- else if .Values.s3.enabled }}
-              value: "{{ printf "https://%s-s3.%s.svc" (include "seaweedfs.fullname" .) .Release.Namespace }}"
+              value: "{{ printf "https://%s.%s.svc" (include "seaweedfs.componentName" (list . "s3")) .Release.Namespace }}"
              {{- else }}
-              value: "{{ printf "https://%s-filer.%s.svc" (include "seaweedfs.fullname" .) .Release.Namespace }}"
+              value: "{{ printf "https://%s.%s.svc" (include "seaweedfs.componentName" (list . "filer")) .Release.Namespace }}"
              {{- end }}
            {{- with .Values.cosi.region }}
            - name: REGION
              value: "{{ . }}"
            {{- end }}
            - name: SEAWEEDFS_FILER
-              value: "{{ include "seaweedfs.fullname" . }}-filer:{{ .Values.filer.grpcPort }}"
+              value: "{{ include "seaweedfs.componentName" (list . "filer") }}:{{ .Values.filer.grpcPort }}"
            {{- if .Values.global.enableSecurity }}
            - name: WEED_GRPC_CLIENT_KEY
              value: /usr/local/share/ca-certificates/client/tls.key
--- a/k8s/charts/seaweedfs/templates/filer/filer-ingress.yaml
+++ b/k8s/charts/seaweedfs/templates/filer/filer-ingress.yaml
@ -2,7 +2,7 @@
 {{- $filerEnabled := or .Values.filer.enabled .Values.allInOne.enabled }}
 {{- if and $filerEnabled .Values.filer.ingress.enabled }}
 {{- /* Determine service name based on deployment mode */}}
-{{- $serviceName := ternary (printf "%s-all-in-one" (include "seaweedfs.fullname" .)) (printf "%s-filer" (include "seaweedfs.fullname" .)) .Values.allInOne.enabled }}
+{{- $serviceName := ternary (include "seaweedfs.componentName" (list . "all-in-one")) (include "seaweedfs.componentName" (list . "filer")) .Values.allInOne.enabled }}
 {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
 apiVersion: networking.k8s.io/v1
 {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion }}
--- a/k8s/charts/seaweedfs/templates/filer/filer-statefulset.yaml
+++ b/k8s/charts/seaweedfs/templates/filer/filer-statefulset.yaml
@ -2,7 +2,7 @@
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
-  name: {{ include "seaweedfs.fullname" . }}-filer
+  name: {{ include "seaweedfs.componentName" (list . "filer") }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ template "seaweedfs.name" . }}
@ -15,7 +15,7 @@ metadata:
    {{- toYaml .Values.filer.annotations | nindent 4 }}
 {{- end }}
 spec:
-  serviceName: {{ include "seaweedfs.fullname" . }}-filer
+  serviceName: {{ include "seaweedfs.componentName" (list . "filer") }}
  podManagementPolicy: {{ .Values.filer.podManagementPolicy }}
  replicas: {{ .Values.filer.replicas }}
  {{- if (gt (int .Values.filer.updatePartition) 0) }}
--- a/k8s/charts/seaweedfs/templates/master/master-ingress.yaml
+++ b/k8s/charts/seaweedfs/templates/master/master-ingress.yaml
@ -33,15 +33,15 @@ spec:
            backend:
 {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
              service:
-                name: {{ include "seaweedfs.fullname" . }}-master
+                name: {{ include "seaweedfs.componentName" (list . "master") }}
                port:
                  number: {{ .Values.master.port }}
                  #name:
 {{- else }}
-              serviceName: {{ include "seaweedfs.fullname" . }}-master
+              serviceName: {{ include "seaweedfs.componentName" (list . "master") }}
              servicePort: {{ .Values.master.port }}
 {{- end }}
-{{- if .Values.filer.ingress.host }}
+{{- if .Values.master.ingress.host }}
      host: {{ .Values.master.ingress.host }}
 {{- end }}
 {{- end }}
--- a/k8s/charts/seaweedfs/templates/master/master-service.yaml
+++ b/k8s/charts/seaweedfs/templates/master/master-service.yaml
@ -9,6 +9,7 @@ metadata:
    app.kubernetes.io/component: master
    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
  annotations:
    service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
 {{- if .Values.master.annotations }}
--- a/k8s/charts/seaweedfs/templates/master/master-statefulset.yaml
+++ b/k8s/charts/seaweedfs/templates/master/master-statefulset.yaml
@ -2,7 +2,7 @@
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
-  name: {{ include "seaweedfs.fullname" . }}-master
+  name: {{ include "seaweedfs.componentName" (list . "master") }}
  namespace: {{ .Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ template "seaweedfs.name" . }}
@ -15,7 +15,7 @@ metadata:
    {{- toYaml .Values.master.annotations | nindent 4 }}
 {{- end }}
 spec:
-  serviceName: {{ include "seaweedfs.fullname" . }}-master
+  serviceName: {{ include "seaweedfs.componentName" (list . "master") }}
  podManagementPolicy: {{ .Values.master.podManagementPolicy }}
  replicas: {{ .Values.master.replicas }}
  {{- if (gt (int .Values.master.updatePartition) 0) }}
@ -183,7 +183,7 @@ spec:
              {{- if .Values.master.garbageThreshold }}
              -garbageThreshold={{ .Values.master.garbageThreshold }} \
              {{- end }}
-              -ip=${POD_NAME}.${SEAWEEDFS_FULLNAME}-master.{{ .Release.Namespace }} \
+              -ip=${POD_NAME}.{{ include "seaweedfs.componentName" (list . "master") }}.{{ .Release.Namespace }} \
              -peers={{ include "seaweedfs.masterServers" . }} \
              {{- range .Values.master.extraArgs }}
              {{ . }} \
--- a/k8s/charts/seaweedfs/templates/s3/s3-deployment.yaml
+++ b/k8s/charts/seaweedfs/templates/s3/s3-deployment.yaml
@ -149,7 +149,7 @@ spec:
              {{- if .Values.s3.auditLogConfig }}
              -auditLogConfig=/etc/sw/s3_auditLogConfig.json \
              {{- end }}
-              -filer={{ include "seaweedfs.fullname" . }}-filer-client.{{ .Release.Namespace }}:{{ .Values.filer.port }} \
+              -filer={{ include "seaweedfs.componentName" (list . "filer-client") }}.{{ .Release.Namespace }}:{{ .Values.filer.port }} \
              {{- range .Values.s3.extraArgs }}
              {{ . }} \
              {{- end }}
--- a/k8s/charts/seaweedfs/templates/s3/s3-ingress.yaml
+++ b/k8s/charts/seaweedfs/templates/s3/s3-ingress.yaml
@ -2,7 +2,7 @@
 {{- $s3Enabled := or .Values.s3.enabled (and .Values.filer.s3.enabled (not .Values.allInOne.enabled)) (and .Values.allInOne.enabled .Values.allInOne.s3.enabled) }}
 {{- if and $s3Enabled .Values.s3.ingress.enabled }}
 {{- /* Determine service name based on deployment mode */}}
-{{- $serviceName := ternary (printf "%s-all-in-one" (include "seaweedfs.fullname" .)) (printf "%s-s3" (include "seaweedfs.fullname" .)) .Values.allInOne.enabled }}
+{{- $serviceName := ternary (include "seaweedfs.componentName" (list . "all-in-one")) (include "seaweedfs.componentName" (list . "s3")) .Values.allInOne.enabled }}
 {{- $s3Port := .Values.allInOne.s3.port | default .Values.s3.port }}
 {{- /* Build hosts list - support both legacy .host (string) and new .hosts (array) for backwards compatibility */}}
 {{- $hosts := list }}
--- a/k8s/charts/seaweedfs/templates/s3/s3-secret.yaml
+++ b/k8s/charts/seaweedfs/templates/s3/s3-secret.yaml
@ -1,6 +1,11 @@
 {{- if or (and (or .Values.s3.enabled .Values.allInOne.enabled) .Values.s3.enableAuth (not .Values.s3.existingConfigSecret)) (and .Values.filer.s3.enabled .Values.filer.s3.enableAuth (not .Values.filer.s3.existingConfigSecret)) }}
 {{- $secretName := printf "%s-s3-secret" (include "seaweedfs.fullname" .) }}
-{{- $existingSecret := lookup "v1" "Secret" .Release.Namespace (default $secretName .Values.s3.legacySecretName) }}
+{{- $legacySecretName := "seaweedfs-s3-secret" }}
+{{- $lookupName := $secretName }}
+{{- if .Values.s3.reuseLegacySecret }}
+{{-   $lookupName = default $legacySecretName .Values.s3.legacySecretName }}
+{{- end }}
+{{- $existingSecret := lookup "v1" "Secret" .Release.Namespace $lookupName }}
 {{- $reuse := false }}
 {{- if and .Values.s3.reuseLegacySecret $existingSecret }}
 {{- $reuse = true }}
--- a/k8s/charts/seaweedfs/templates/s3/s3-service.yaml
+++ b/k8s/charts/seaweedfs/templates/s3/s3-service.yaml
@ -9,6 +9,7 @@ metadata:
    app.kubernetes.io/component: s3
    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/instance: {{ .Release.Name }}
 {{- if .Values.s3.annotations }}
  annotations:
    {{- toYaml .Values.s3.annotations | nindent 4 }}
--- a/k8s/charts/seaweedfs/templates/sftp/sftp-deployment.yaml
+++ b/k8s/charts/seaweedfs/templates/sftp/sftp-deployment.yaml
@ -171,7 +171,7 @@ spec:
              -key.file=/usr/local/share/ca-certificates/client/tls.key \
              {{- end }}
              -userStoreFile=/etc/sw/seaweedfs_sftp_config \
-              -filer={{ include "seaweedfs.fullname" . }}-filer-client.{{ .Release.Namespace }}:{{ .Values.filer.port }}
+              -filer={{ include "seaweedfs.componentName" (list . "filer-client") }}.{{ .Release.Namespace }}:{{ .Values.filer.port }}
          volumeMounts:
            {{- if or (eq .Values.sftp.logs.type "hostPath") (eq .Values.sftp.logs.type "emptyDir") }}
            - name: logs
--- a/k8s/charts/seaweedfs/templates/shared/_helpers.tpl
+++ b/k8s/charts/seaweedfs/templates/shared/_helpers.tpl
@ -17,6 +17,22 @@ be used as a full name.
 {{- end -}}
 {{- end -}}

+{{/*
+Create a truncated component name.
+Usage: {{ include "seaweedfs.componentName" (list . "component-suffix") }}
+*/}}
+{{- define "seaweedfs.componentName" -}}
+{{- $context := index . 0 -}}
+{{- $suffix := index . 1 -}}
+{{- if gt (len $suffix) 61 -}}
+{{-   fail (printf "Suffix '%s' is too long for componentName helper. Max length is 61." $suffix) -}}
+{{- end -}}
+{{- $fullname := include "seaweedfs.fullname" $context -}}
+{{- $maxLen := sub 62 (len $suffix) | int -}}
+{{- $truncatedFullname := trunc $maxLen $fullname | trimSuffix "-" -}}
+{{- printf "%s-%s" $truncatedFullname $suffix -}}
+{{- end -}}
+
 {{/*
 Create chart name and version as used by the chart label.
 */}}
@ -261,7 +277,7 @@ If allInOne is enabled, point to the all-in-one service; otherwise, point to the
 {{- if .Values.allInOne.enabled -}}
 {{-   $serviceNameSuffix = "-all-in-one" -}}
 {{- end -}}
-{{- printf "%s%s.%s:%d" (include "seaweedfs.fullname" .) $serviceNameSuffix .Release.Namespace (int .Values.master.port) -}}
+{{- printf "%s.%s:%d" (printf "%s%s" (include "seaweedfs.fullname" .) $serviceNameSuffix | trunc 63 | trimSuffix "-") .Release.Namespace (int .Values.master.port) -}}
 {{- end -}}

 {{/*
@ -273,19 +289,19 @@ If allInOne is enabled, point to the all-in-one service; otherwise, point to the
 {{- if .Values.allInOne.enabled -}}
 {{-   $serviceNameSuffix = "-all-in-one" -}}
 {{- end -}}
-{{- printf "%s%s.%s:%d" (include "seaweedfs.fullname" .) $serviceNameSuffix .Release.Namespace (int .Values.filer.port) -}}
+{{- printf "%s.%s:%d" (printf "%s%s" (include "seaweedfs.fullname" .) $serviceNameSuffix | trunc 63 | trimSuffix "-") .Release.Namespace (int .Values.filer.port) -}}
 {{- end -}}

 {{/*
 Generate comma-separated list of master server addresses.
 Usage: {{ include "seaweedfs.masterServers" . }}
-Output example: ${SEAWEEDFS_FULLNAME}-master-0.${SEAWEEDFS_FULLNAME}-master.namespace:9333,${SEAWEEDFS_FULLNAME}-master-1...
+Output example: my-release-master-0.my-release-master.namespace:9333,my-release-master-1...
 */}}
 {{- define "seaweedfs.masterServers" -}}
-{{- $fullname := include "seaweedfs.fullname" . -}}
+{{- $masterName := include "seaweedfs.componentName" (list . "master") -}}
 {{- range $index := until (.Values.master.replicas | int) -}}
 {{- if $index }},{{ end -}}
-${SEAWEEDFS_FULLNAME}-master-{{ $index }}.${SEAWEEDFS_FULLNAME}-master.{{ $.Release.Namespace }}:{{ $.Values.master.port }}
+{{ $masterName }}-{{ $index }}.{{ $masterName }}.{{ $.Release.Namespace }}:{{ $.Values.master.port }}
 {{- end -}}
 {{- end -}}

--- a/k8s/charts/seaweedfs/templates/shared/secret-seaweedfs-db.yaml
+++ b/k8s/charts/seaweedfs/templates/shared/secret-seaweedfs-db.yaml
@ -15,7 +15,6 @@ metadata:
    app.kubernetes.io/instance: {{ .Release.Name }}
 stringData:
  user: "YourSWUser"
-  password: "HardCodedPassword"
-  # better to random generate and create in DB
-  # password: {{ randAlphaNum 10 | sha256sum | b64enc | trunc 32 }}
+  # auto-generated password
+  password: {{ randAlphaNum 10 | sha256sum | b64enc | trunc 32 }}
 {{- end }}
--- a/k8s/charts/seaweedfs/templates/volume/volume-ingress.yaml
+++ b/k8s/charts/seaweedfs/templates/volume/volume-ingress.yaml
@ -42,11 +42,11 @@ spec:
        backend:
 {{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion }}
          service:
-            name: {{ include "seaweedfs.fullname" . }}-volume
+            name: {{ include "seaweedfs.componentName" (list . "volume") }}
            port:
              number: {{ .Values.volume.port }}
 {{- else }}
-          serviceName: {{ include "seaweedfs.fullname" . }}-volume
+          serviceName: {{ include "seaweedfs.componentName" (list . "volume") }}
          servicePort: {{ .Values.volume.port }}
 {{- end }}
 {{- end }}
--- a/k8s/charts/seaweedfs/templates/volume/volume-statefulset.yaml
+++ b/k8s/charts/seaweedfs/templates/volume/volume-statefulset.yaml
@ -8,7 +8,7 @@
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
-  name: {{ include "seaweedfs.fullname" $ }}-{{ $volumeName }}
+  name: {{ include "seaweedfs.componentName" (list $ $volumeName) }}
  namespace: {{ $.Release.Namespace }}
  labels:
    app.kubernetes.io/name: {{ template "seaweedfs.name" $ }}
@ -21,7 +21,7 @@ metadata:
    {{- toYaml $volume.annotations | nindent 4 }}
 {{- end }}
 spec:
-  serviceName: {{ include "seaweedfs.fullname" $ }}-{{ $volumeName }}
+  serviceName: {{ include "seaweedfs.componentName" (list $ $volumeName) }}
  replicas: {{ $volume.replicas }}
  podManagementPolicy: {{ $volume.podManagementPolicy }}
  selector:
@ -197,7 +197,7 @@ spec:
                -fileSizeLimitMB={{ $volume.fileSizeLimitMB }} \
                {{- end }}
                -minFreeSpacePercent={{ $volume.minFreeSpacePercent }} \
-                -ip=${POD_NAME}.${SEAWEEDFS_FULLNAME}-{{ $volumeName }}.{{ $.Release.Namespace }} \
+                -ip=${POD_NAME}.{{ include "seaweedfs.componentName" (list $ $volumeName) }}.{{ $.Release.Namespace }} \
                -compactionMBps={{ $volume.compactionMBps }} \
                -master={{ include "seaweedfs.masterServerArg" $ }} \
                {{- range $volume.extraArgs }}