From 27b1e4e46c233d2922e0f3a562c752aba9264350 Mon Sep 17 00:00:00 2001
From: edias <edson.dias@windriver.com>
Date: Thu, 20 Mar 2025 15:33:40 -0300
Subject: [PATCH] Parameterize kustomize controller template variables.

A new fluxcd kustomize controller was added to ansible playbook in
this commit:
https://review.opendev.org/c/starlingx/ansible-playbooks/+/940832

This commit parameterizes the values.yaml file, aiming to allow the
new controller to be optionally enabled via an ansible variable
evaluated during bootstrap.
The create parameter for the kustomize controller is set to false
as a default.

Test plan:
PASS: build-pkgs && build-image.
PASS: AIO-SX fresh install.
PASS: check if only helm-controller and source-controller pods are up
      in the flux-helm namespace.

PASS: stop AIO-SX installation before the ansible bootstrap step.
PASS: manually run ansible-playbook setting the variable
      enable_kustomize_controller to true.
PASS: check if kustomize-controller pod is up in the flux-helm
      namespace.

PASS: build-pkgs && build-image.
PASS: AIO-DX fresh install.
PASS: check if only helm-controller and source-controller pods are up
      on flux-helm namespace.

PASS: stop AIO-DX installation before the ansible bootstrap step.
PASS: manually run ansible-playbook setting the variable
      enable_kustomize_controller to true.
PASS: check if kustomize-controller pod is up in the flux-helm
      namespace.

PASS: Do a STANDARD installation setting the variable
      enable_kustomize_controller to true.
PASS: check if kustomize-controller pod is up in the flux-helm
      namespace and only on the controller node.

Story: 2011354
Task: 51703

Change-Id: I3ed2dc9ecf3db81eda0452f0216aac9d5f559667
Signed-off-by: edias <edson.dias@windriver.com>
---
 .../templates/values.yaml.j2                  | 56 ++++++++-----------
 .../common/fluxcd-controllers/vars/main.yml   |  6 ++
 .../load-images-information/tasks/main.yml    |  1 +
 .../vars/k8s-v1.24.4/system-images.yml        |  1 +
 .../vars/k8s-v1.25.3/system-images.yml        |  1 +
 .../vars/k8s-v1.29.2/system-images.yml        |  1 +
 .../vars/k8s-v1.30.6/system-images.yml        |  1 +
 7 files changed, 35 insertions(+), 32 deletions(-)

diff --git a/playbookconfig/src/playbooks/roles/common/fluxcd-controllers/templates/values.yaml.j2 b/playbookconfig/src/playbooks/roles/common/fluxcd-controllers/templates/values.yaml.j2
index fed4313b0..12352a07f 100644
--- a/playbookconfig/src/playbooks/roles/common/fluxcd-controllers/templates/values.yaml.j2
+++ b/playbookconfig/src/playbooks/roles/common/fluxcd-controllers/templates/values.yaml.j2
@@ -103,21 +103,22 @@ imageReflectionController:
   create: false
 
 kustomizeController:
-  create: false
-  image: ghcr.io/fluxcd/kustomize-controller
-  tag: v1.3.0
+  create: {{ enable_kustomize_controller }}
+  image: "{{ local_registry }}/{{ flux_kustomize_controller_image }}"
+  tag: {{ flux_kustomize_controller_tag }}
   resources:
-    limits: {}
-    # cpu: 1000m
-    # memory: 1Gi
+    limits:
+      cpu: 1000m
+      memory: 1Gi
     requests:
-      cpu: 100m
-      memory: 64Mi
+      cpu: 0
+      memory: {{ flux_kustomize_controller_memory_request }}
   priorityClassName: ""
   annotations:
     prometheus.io/port: "8080"
     prometheus.io/scrape: "true"
-  labels: {}
+  labels:
+    app.starlingx.io/component: platform
   container:
     additionalArgs: []
   extraEnv: []
@@ -126,29 +127,20 @@ kustomizeController:
     automount: true
     annotations: {}
   imagePullPolicy: ""
-  secret:
-    # -- Create a secret to use it with extraSecretMounts. Defaults to false.
-    create: false
-    name: ""
-    data: {}
-  # -- Defines envFrom using a configmap and/or secret.
-  envFrom:
-    map:
-      name: ""
-    secret:
-      name: ""
-  # -- Defines additional mounts with secrets.
-  # Secrets must be manually created in the namespace or with kustomizeController.secret
-  extraSecretMounts: []
-  # - name: secret-files
-  #   mountPath: /etc/secrets
-  #   subPath: ""
-  #   secretName: secret-files
-  #   readOnly: true
-
-  nodeSelector: {}
-  affinity: {}
-  tolerations: []
+  terminationGracePeriodSeconds: 10
+  readinessProbe:
+    timeoutSeconds: {{ flux_kustomize_controller_readiness_timeout }}
+  livenessProbe:
+    timeoutSeconds: {{ flux_kustomize_controller_liveness_timeout }}
+  nodeSelector:
+    node-role.kubernetes.io/control-plane: ""
+  tolerations:
+    - key: "node-role.kubernetes.io/master"
+      operator: "Exists"
+      effect: "NoSchedule"
+    - key: "node-role.kubernetes.io/control-plane"
+      operator: "Exists"
+      effect: "NoSchedule"
 
 notificationController:
   create: {{ enable_notification_controller }}
diff --git a/playbookconfig/src/playbooks/roles/common/fluxcd-controllers/vars/main.yml b/playbookconfig/src/playbooks/roles/common/fluxcd-controllers/vars/main.yml
index 54b37a1e8..ae2a761ba 100644
--- a/playbookconfig/src/playbooks/roles/common/fluxcd-controllers/vars/main.yml
+++ b/playbookconfig/src/playbooks/roles/common/fluxcd-controllers/vars/main.yml
@@ -18,6 +18,11 @@ flux_notification_controller_tag: v1.3.0
 flux_notification_controller_liveness_timeout: 5
 flux_notification_controller_readiness_timeout: 10
 flux_notification_controller_memory_request: 0
+flux_kustomize_controller_image: ghcr.io/fluxcd/kustomize-controller
+flux_kustomize_controller_tag: v1.3.0
+flux_kustomize_controller_liveness_timeout: 5
+flux_kustomize_controller_readiness_timeout: 10
+flux_kustomize_controller_memory_request: 0
 local_registry: registry.local:9001
 async_timeout: 240
 async_retries: 80
@@ -26,3 +31,4 @@ check_kubernetes_health_retries: 5
 delay_time: 6
 fluxcd_retries: 5
 enable_notification_controller: false
+enable_kustomize_controller: false
diff --git a/playbookconfig/src/playbooks/roles/common/load-images-information/tasks/main.yml b/playbookconfig/src/playbooks/roles/common/load-images-information/tasks/main.yml
index dfd9a1235..61ec3af84 100644
--- a/playbookconfig/src/playbooks/roles/common/load-images-information/tasks/main.yml
+++ b/playbookconfig/src/playbooks/roles/common/load-images-information/tasks/main.yml
@@ -116,6 +116,7 @@
         - "{{ flux_helm_controller_img }}"
         - "{{ flux_source_controller_img }}"
         - "{{ flux_notification_controller_img }}"
+        - "{{ flux_kustomize_controller_img }}"
       storage_images:
         - "{{ snapshot_controller_img }}"
       security_images:
diff --git a/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.24.4/system-images.yml b/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.24.4/system-images.yml
index b778cb7d5..fdcf546b7 100644
--- a/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.24.4/system-images.yml
+++ b/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.24.4/system-images.yml
@@ -40,3 +40,4 @@ flux_source_controller_img: docker.io/fluxcd/source-controller:v1.3.0
 flux_helm_controller_img_2212: docker.io/fluxcd/helm-controller:v0.27.0
 flux_source_controller_img_2212: docker.io/fluxcd/source-controller:v0.32.1
 flux_notification_controller_img: ghcr.io/fluxcd/notification-controller:v1.3.0
+flux_kustomize_controller_img: ghcr.io/fluxcd/kustomize-controller:v1.3.0
diff --git a/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.25.3/system-images.yml b/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.25.3/system-images.yml
index f6390341b..b26ecebcc 100644
--- a/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.25.3/system-images.yml
+++ b/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.25.3/system-images.yml
@@ -29,3 +29,4 @@ pause_img: k8s.gcr.io/pause:3.4.1
 flux_helm_controller_img: docker.io/fluxcd/helm-controller:v1.0.1
 flux_source_controller_img: docker.io/fluxcd/source-controller:v1.3.0
 flux_notification_controller_img: ghcr.io/fluxcd/notification-controller:v1.3.0
+flux_kustomize_controller_img: ghcr.io/fluxcd/kustomize-controller:v1.3.0
diff --git a/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.29.2/system-images.yml b/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.29.2/system-images.yml
index 14b34f1ef..f6911d613 100644
--- a/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.29.2/system-images.yml
+++ b/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.29.2/system-images.yml
@@ -29,3 +29,4 @@ pause_img: k8s.gcr.io/pause:3.4.1
 flux_helm_controller_img: docker.io/fluxcd/helm-controller:v1.0.1
 flux_source_controller_img: docker.io/fluxcd/source-controller:v1.3.0
 flux_notification_controller_img: ghcr.io/fluxcd/notification-controller:v1.3.0
+flux_kustomize_controller_img: ghcr.io/fluxcd/kustomize-controller:v1.3.0
diff --git a/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.30.6/system-images.yml b/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.30.6/system-images.yml
index f8dcdfad1..a41b56535 100644
--- a/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.30.6/system-images.yml
+++ b/playbookconfig/src/playbooks/roles/common/load-images-information/vars/k8s-v1.30.6/system-images.yml
@@ -29,3 +29,4 @@ pause_img: k8s.gcr.io/pause:3.4.1
 flux_helm_controller_img: docker.io/fluxcd/helm-controller:v1.0.1
 flux_source_controller_img: docker.io/fluxcd/source-controller:v1.3.0
 flux_notification_controller_img: ghcr.io/fluxcd/notification-controller:v1.3.0
+flux_kustomize_controller_img: ghcr.io/fluxcd/kustomize-controller:v1.3.0