Skip to content

feat(plugins): load helm chart from flux artifact for oci mirror flow#1993

Open
abhijith-darshan wants to merge 1 commit into
mainfrom
feat/flux-helm-template
Open

feat(plugins): load helm chart from flux artifact for oci mirror flow#1993
abhijith-darshan wants to merge 1 commit into
mainfrom
feat/flux-helm-template

Conversation

@abhijith-darshan
Copy link
Copy Markdown
Contributor

@abhijith-darshan abhijith-darshan commented May 18, 2026
edited
Loading

Description

This PR replaces the upstream registry pull during plugin reconciliation with a fetch from the Flux source-controller artifact already produced for the plugin's HelmChart. The chart .tgz is persisted on disk via a shared flux.IArtifactory, then handed directly to the helm chart loader — avoiding repeated upstream pulls during post-render image transformation.

The artifact fetcher (previously catalog-internal) is generalized into a reusable internal/flux package. The interface now takes artifactID per call, exposes GetRaw for raw bytes (no tar/gzip extraction), and adds Path so callers can resolve the on-disk location of a cached artifact. Both catalog and plugin reconcilers construct one shared instance in SetupWithManager.

The chart now mounts a capped 1Gi emptyDir at the artifact storage path so the on-disk cache is bounded and isolated from the node's writable layer. The CLI flags are renamed from --catalog-artifact-* to --artifact-* to reflect their broader use, and the storage path is wired from a single values key so the mount and flag cannot drift.

What type of PR is this? (check all applicable)

  • 🍕 Feature
  • 🐛 Bug Fix
  • 📝 Documentation Update
  • 🎨 Style
  • 🧑‍💻 Code Refactor
  • 🔥 Performance Improvements
  • ✅ Test
  • 🤖 Build
  • 🔁 CI
  • 📦 Chore (Release)
  • ⏩ Revert

Related Tickets & Documents

Closes #1844

Added tests?

  • 👍 yes
  • 🙅 no, because they aren't needed
  • 🙋 no, because I need help
  • Separate ticket for tests # (issue/pr)

Added to documentation?

  • 📜 README.md
  • 🤝 Documentation pages updated
  • 🙅 no documentation needed
  • (if applicable) generated OpenAPI docs for CRD changes

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • My changes generate no new warnings
  • New and existing unit tests pass locally with my changes

Copilot AI review requested due to automatic review settings May 18, 2026 22:41
@abhijith-darshan abhijith-darshan requested a review from a team as a code owner May 18, 2026 22:41
@abhijith-darshan abhijith-darshan force-pushed the feat/flux-helm-template branch from 71209ce to 1d30eda Compare May 18, 2026 22:45
mikolajkucinski
mikolajkucinski reviewed May 19, 2026
View reviewed changes
Comment thread internal/flux/artifact.go
Comment thread internal/flux/artifact.go Outdated
Copy link
Copy Markdown
Contributor

@mikolajkucinski mikolajkucinski May 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know its not in the scope of the PR but since we touch these funcs might be worth to change that to errors.Is(err, os.ErrNotExist)?

IvoGoman
IvoGoman reviewed May 19, 2026
View reviewed changes
Comment thread internal/controller/plugin/plugin_controller.go Outdated
Comment thread cmd/greenhouse/controllers.go Outdated
Comment thread internal/controller/catalog/catalog_controller.go Outdated
@abhijith-darshan abhijith-darshan requested a review from a team as a code owner May 22, 2026 09:43
@abhijith-darshan abhijith-darshan force-pushed the feat/flux-helm-template branch from 96cbe80 to 7a06ad9 Compare May 22, 2026 09:52
@github-actions github-actions Bot added size/L and removed size/XXL labels May 22, 2026
@abhijith-darshan
refactor(flux): generalize artifactory for multi-consumer use
0f7a54e 
This commit promotes the catalog-internal artifact fetcher into a
reusable internal/flux package so multiple controllers can share a
single instance. The IArtifactory interface now takes artifactID per
call instead of binding it to the constructor, exposes GetRaw to
return raw bytes without tar/gzip extraction, and adds Path so
callers can resolve the on-disk location of a cached artifact. The
catalog controller is updated to construct one artifactory in
SetupWithManager and pass an artifactID per source.

Signed-off-by: abhijith-darshan <abhijith.ravindra@sap.com>

feat(plugins): load helm chart from flux artifact for oci mirror flow

This commit replaces the upstream registry pull during plugin
reconciliation with a fetch from the Flux source-controller artifact
already produced for the plugin's HelmChart. The plugin reconciler
now constructs a flux.IArtifactory in SetupWithManager and uses
GetRaw + Save + Path to persist the chart .tgz on disk; the helm
package's TemplateHelmChartFromPluginOptionValues loads the chart
directly from that path, avoiding repeated upstream pulls during
post-render image transformation. The CLI flags are renamed from
--catalog-artifact-* to --artifact-* to reflect their broader use.

Signed-off-by: abhijith-darshan <abhijith.ravindra@sap.com>

feat(charts): mount capped emptyDir for artifact storage

This commit adds a 1Gi emptyDir volume mounted at the configured
artifact storage path so the controller's on-disk cache is bounded
and isolated from the node's writable layer. The new
controllerManager.artifactStorage values block lets operators
override the path or size limit, and the storage path is wired
through to the new --artifact-storage-path flag from a single
source so the mount and the flag cannot drift.

Signed-off-by: abhijith-darshan <abhijith.ravindra@sap.com>

chore(dev-env): align local dev with new artifact storage and zot mirrors

This commit adds the artifactStorage values to the local dev values
file so the manager chart renders cleanly when only dev.values.yaml
is supplied (the local helm tooling does not merge chart defaults).
The sample organization manifest grows a containerRegistryConfig
ConfigMap pointing at the local zot mirrors used by kind setup, and
the extensions catalog sample switches the perses ref to a tagged
release sourced from the local mirror so end-to-end flows work
without internet pulls.

Signed-off-by: abhijith-darshan <abhijith.ravindra@sap.com>

(chore): improve err check

Signed-off-by: abhijith-darshan <abhijith.ravindra@sap.com>

refactor(flux): generalize artifactory for multi-consumer use

This commit promotes the catalog-internal artifact fetcher into a
reusable internal/flux package so multiple controllers can share a
single instance. The IArtifactory interface now takes artifactID per
call instead of binding it to the constructor, exposes GetRaw to
return raw bytes without tar/gzip extraction, and adds Path so
callers can resolve the on-disk location of a cached artifact. The
catalog controller is updated to construct one artifactory in
SetupWithManager and pass an artifactID per source.

Signed-off-by: abhijith-darshan <abhijith.ravindra@sap.com>

feat(plugins): load helm chart from flux artifact for oci mirror flow

This commit replaces the upstream registry pull during plugin
reconciliation with a fetch from the Flux source-controller artifact
already produced for the plugin's HelmChart. The plugin reconciler
now constructs a flux.IArtifactory in SetupWithManager and uses
GetRaw + Save + Path to persist the chart .tgz on disk; the helm
package's TemplateHelmChartFromPluginOptionValues loads the chart
directly from that path, avoiding repeated upstream pulls during
post-render image transformation. The CLI flags are renamed from
--catalog-artifact-* to --artifact-* to reflect their broader use.

Signed-off-by: abhijith-darshan <abhijith.ravindra@sap.com>

feat(charts): mount capped emptyDir for artifact storage

This commit adds a 1Gi emptyDir volume mounted at the configured
artifact storage path so the controller's on-disk cache is bounded
and isolated from the node's writable layer. The new
controllerManager.artifactStorage values block lets operators
override the path or size limit, and the storage path is wired
through to the new --artifact-storage-path flag from a single
source so the mount and the flag cannot drift.

Signed-off-by: abhijith-darshan <abhijith.ravindra@sap.com>

chore(dev-env): align local dev with new artifact storage and zot mirrors

This commit adds the artifactStorage values to the local dev values
file so the manager chart renders cleanly when only dev.values.yaml
is supplied (the local helm tooling does not merge chart defaults).
The sample organization manifest grows a containerRegistryConfig
ConfigMap pointing at the local zot mirrors used by kind setup, and
the extensions catalog sample switches the perses ref to a tagged
release sourced from the local mirror so end-to-end flows work
without internet pulls.

Signed-off-by: abhijith-darshan <abhijith.ravindra@sap.com>

Apply suggestions from code review

Co-authored-by: IvoGoman <ivo.gosemann@sap.com>

(chore): replace http retry in missing places

Signed-off-by: abhijith-darshan <abhijith.ravindra@sap.com>
@abhijith-darshan abhijith-darshan force-pushed the feat/flux-helm-template branch from 7a06ad9 to 0f7a54e Compare May 22, 2026 12:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@IvoGoman IvoGoman IvoGoman approved these changes

Copilot code review Copilot Awaiting requested review from Copilot

@mikolajkucinski mikolajkucinski Awaiting requested review from mikolajkucinski

Assignees

No one assigned

Labels

dependencies feature helm-charts size/L

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[FEAT] - Use flux helm release to template Plugin manifest for container image replacement

3 participants

@abhijith-darshan @IvoGoman @mikolajkucinski