Remove helmify / kustomize, switch to helm-chart only.#270
Merged
Conversation
📝 WalkthroughWalkthroughThis PR restructures the project by removing kustomize-based Kubernetes configuration, consolidating CRD generation into the Helm chart directory, updating the image repository to GitHub Container Registry, enabling additional security checks, and simplifying the deployment and test setup. Changes
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches
🧪 Generate unit tests (beta)
📝 Coding Plan
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
🧹 Nitpick comments (2)
Makefile.maker.yaml (1)
76-76: Hardeninstall-crdsagainst accidental non-CRD YAML matches.Currently, all files in
config/crd/are valid CustomResourceDefinitions, so the glob pattern works correctly. However, as a defensive measure to prevent future misconfigurations, consider filtering explicitly to exclude potential auxiliary files likekustomization.yaml:Proposed change
- kubectl apply -f config/crd/*.yaml + find config/crd -maxdepth 1 -type f -name '*.yaml' \ + ! -name 'kustomization.yaml' -print0 | xargs -0 -n1 kubectl apply -f🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@Makefile.maker.yaml` at line 76, The current install step uses the broad glob "kubectl apply -f config/crd/*.yaml" which can accidentally pick up non-CRD files like kustomization.yaml; update the install step (the line containing "kubectl apply -f config/crd/*.yaml" in the install-crds target) to explicitly match CRD filenames (for example "kubectl apply -f config/crd/*crd*.yaml") or replace it with a safe find invocation that excludes kustomization.yaml (e.g., use find config/crd -maxdepth 1 -type f -name '*.yaml' ! -name 'kustomization.yaml' -print0 | xargs -0 kubectl apply -f) so only actual CRD manifests are applied.charts/openstack-hypervisor-operator/Chart.yaml (1)
4-4: Prefer an immutableappVersionoverlatest.The chart defaults the image tag to
.Chart.AppVersion(deployment.yaml:51). SettingappVersion: latestmakes deployments non-reproducible—the same chart version can deploy different image bytes at different times as the registry tag changes. This also breaks rollback reliability, as rolling back reapplies the same mutable tag rather than the original image.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@charts/openstack-hypervisor-operator/Chart.yaml` at line 4, The Chart.yaml currently sets appVersion: latest which makes .Chart.AppVersion (used by deployment.yaml) mutable; change appVersion to a fixed, immutable semver or exact image digest/tag (e.g., v1.2.3 or sha256:...) instead of "latest" so deployments are reproducible; update the Chart.yaml appVersion value accordingly and ensure the Deployment template (which reads .Chart.AppVersion) continues to reference .Chart.AppVersion for the image tag.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.github/workflows/ci.yaml:
- Line 48: The workflow currently pins the action to
fgrosse/go-coverage-report@v1.2.0 which downgrades from v1.3.0 and loses bug
fixes/features; update the uses entry (fgrosse/go-coverage-report@...) back to
v1.3.0 (or a specific commit SHA for supply-chain integrity) to restore fixes
for duplicate block counting, expired baseline fallbacks, additional
event/branch inputs, and structured outputs, or if v1.2.0 is required, add a
clear commit message and repository documentation explaining the incompatibility
and why v1.2.0 is chosen instead of v1.3.0.
In @.github/workflows/helm-oci-package-ghcr.yaml:
- Line 31: The workflow currently uses a floating major tag for the Helm setup
action (azure/setup-helm@v4); replace this with a pinned version (specific patch
like azure/setup-helm@v4.5.1 or a commit SHA) to ensure reproducible CI; update
the uses entry referencing azure/setup-helm to the chosen fixed tag and apply
the same pinning policy to other actions that use floating major tags across
workflows.
---
Nitpick comments:
In `@charts/openstack-hypervisor-operator/Chart.yaml`:
- Line 4: The Chart.yaml currently sets appVersion: latest which makes
.Chart.AppVersion (used by deployment.yaml) mutable; change appVersion to a
fixed, immutable semver or exact image digest/tag (e.g., v1.2.3 or sha256:...)
instead of "latest" so deployments are reproducible; update the Chart.yaml
appVersion value accordingly and ensure the Deployment template (which reads
.Chart.AppVersion) continues to reference .Chart.AppVersion for the image tag.
In `@Makefile.maker.yaml`:
- Line 76: The current install step uses the broad glob "kubectl apply -f
config/crd/*.yaml" which can accidentally pick up non-CRD files like
kustomization.yaml; update the install step (the line containing "kubectl apply
-f config/crd/*.yaml" in the install-crds target) to explicitly match CRD
filenames (for example "kubectl apply -f config/crd/*crd*.yaml") or replace it
with a safe find invocation that excludes kustomization.yaml (e.g., use find
config/crd -maxdepth 1 -type f -name '*.yaml' ! -name 'kustomization.yaml'
-print0 | xargs -0 kubectl apply -f) so only actual CRD manifests are applied.
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: a390aa53-e0d7-42b0-9c17-c6de9a951cc9
📒 Files selected for processing (41)
.github/workflows/ci.yaml.github/workflows/helm-oci-package-ghcr.yaml.golangci.yaml.pre-commit-config.yamlMakefileMakefile.maker.yamlapi/v1/suite_test.gocharts/openstack-hypervisor-operator/Chart.yamlcharts/openstack-hypervisor-operator/crdscharts/openstack-hypervisor-operator/crds/eviction-crd.yamlcharts/openstack-hypervisor-operator/crds/hypervisor-crd.yamlcharts/openstack-hypervisor-operator/values.yamlconfig/crd/kustomization.yamlconfig/crd/kustomizeconfig.yamlconfig/crd/kvm.cloud.sap_evictions.yamlconfig/crd/kvm.cloud.sap_hypervisors.yamlconfig/default/kustomization.yamlconfig/default/manager_metrics_patch.yamlconfig/default/metrics_service.yamlconfig/manager/kustomization.yamlconfig/manager/manager.yamlconfig/manager/secret.yamlconfig/network-policy/allow-metrics-traffic.yamlconfig/network-policy/kustomization.yamlconfig/prometheus/kustomization.yamlconfig/prometheus/monitor.yamlconfig/rbac/eviction_editor_role.yamlconfig/rbac/eviction_viewer_role.yamlconfig/rbac/hypervisor_editor_role.yamlconfig/rbac/hypervisor_viewer_role.yamlconfig/rbac/kustomization.yamlconfig/rbac/leader_election_role.yamlconfig/rbac/leader_election_role_binding.yamlconfig/rbac/metrics_auth_role.yamlconfig/rbac/metrics_auth_role_binding.yamlconfig/rbac/metrics_reader_role.yamlconfig/rbac/role_binding.yamlconfig/rbac/service_account.yamlconfig/samples/kustomization.yamlconfig/samples/kvm_v1_eviction.yamlinternal/controller/suite_test.go
💤 Files with no reviewable changes (30)
- .golangci.yaml
- config/samples/kvm_v1_eviction.yaml
- config/rbac/metrics_auth_role_binding.yaml
- config/default/kustomization.yaml
- config/manager/secret.yaml
- charts/openstack-hypervisor-operator/crds/hypervisor-crd.yaml
- config/manager/kustomization.yaml
- .pre-commit-config.yaml
- config/rbac/hypervisor_editor_role.yaml
- config/crd/kustomizeconfig.yaml
- config/rbac/metrics_auth_role.yaml
- config/rbac/leader_election_role_binding.yaml
- config/rbac/leader_election_role.yaml
- config/rbac/hypervisor_viewer_role.yaml
- config/rbac/kustomization.yaml
- config/rbac/eviction_viewer_role.yaml
- config/samples/kustomization.yaml
- config/prometheus/monitor.yaml
- config/manager/manager.yaml
- config/crd/kustomization.yaml
- config/rbac/role_binding.yaml
- charts/openstack-hypervisor-operator/crds/eviction-crd.yaml
- config/rbac/service_account.yaml
- config/default/manager_metrics_patch.yaml
- config/network-policy/kustomization.yaml
- config/prometheus/kustomization.yaml
- config/rbac/metrics_reader_role.yaml
- config/network-policy/allow-metrics-traffic.yaml
- config/rbac/eviction_editor_role.yaml
- config/default/metrics_service.yaml
notandy
force-pushed
the
remove-kustomize_helmify
branch
from
f77f4d5 to
f064a62
Compare
There was a problem hiding this comment.
🧹 Nitpick comments (1)
charts/openstack-hypervisor-operator/Chart.yaml (1)
4-5: Consider using a concreteappVersionfor production deployments.Using
appVersion: latestimpacts deployment reproducibility—the same chart version could deploy different application versions over time. This makes rollbacks, auditing, and debugging more difficult.If this is intentional for development workflow, consider:
- Overriding
appVersionduring CI/CD releases with the actual Git tag or commit SHA- Documenting that production deployments should specify an explicit image tag via values override
The version bump to
1.0.0appropriately signals the breaking changes from removing kustomize/helmify.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@charts/openstack-hypervisor-operator/Chart.yaml` around lines 4 - 5, Replace the placeholder appVersion value "latest" with a concrete application release identifier by setting the appVersion field to the actual image tag/Git tag or commit SHA (i.e., change appVersion in Chart.yaml from "latest" to a specific version string); if you need to keep flexibility for development, modify CI/CD to inject/override appVersion during releases (use the Git tag or commit SHA) and add a short note in chart documentation/values that production deployments must supply an explicit image tag via values override.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In `@charts/openstack-hypervisor-operator/Chart.yaml`:
- Around line 4-5: Replace the placeholder appVersion value "latest" with a
concrete application release identifier by setting the appVersion field to the
actual image tag/Git tag or commit SHA (i.e., change appVersion in Chart.yaml
from "latest" to a specific version string); if you need to keep flexibility for
development, modify CI/CD to inject/override appVersion during releases (use the
Git tag or commit SHA) and add a short note in chart documentation/values that
production deployments must supply an explicit image tag via values override.
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 791b319c-29b6-4f0c-8ac0-7ea90d2d7d55
📒 Files selected for processing (40)
.github/workflows/helm-oci-package-ghcr.yaml.golangci.yaml.pre-commit-config.yamlMakefileMakefile.maker.yamlapi/v1/suite_test.gocharts/openstack-hypervisor-operator/Chart.yamlcharts/openstack-hypervisor-operator/crdscharts/openstack-hypervisor-operator/crds/eviction-crd.yamlcharts/openstack-hypervisor-operator/crds/hypervisor-crd.yamlcharts/openstack-hypervisor-operator/values.yamlconfig/crd/kustomization.yamlconfig/crd/kustomizeconfig.yamlconfig/crd/kvm.cloud.sap_evictions.yamlconfig/crd/kvm.cloud.sap_hypervisors.yamlconfig/default/kustomization.yamlconfig/default/manager_metrics_patch.yamlconfig/default/metrics_service.yamlconfig/manager/kustomization.yamlconfig/manager/manager.yamlconfig/manager/secret.yamlconfig/network-policy/allow-metrics-traffic.yamlconfig/network-policy/kustomization.yamlconfig/prometheus/kustomization.yamlconfig/prometheus/monitor.yamlconfig/rbac/eviction_editor_role.yamlconfig/rbac/eviction_viewer_role.yamlconfig/rbac/hypervisor_editor_role.yamlconfig/rbac/hypervisor_viewer_role.yamlconfig/rbac/kustomization.yamlconfig/rbac/leader_election_role.yamlconfig/rbac/leader_election_role_binding.yamlconfig/rbac/metrics_auth_role.yamlconfig/rbac/metrics_auth_role_binding.yamlconfig/rbac/metrics_reader_role.yamlconfig/rbac/role_binding.yamlconfig/rbac/service_account.yamlconfig/samples/kustomization.yamlconfig/samples/kvm_v1_eviction.yamlinternal/controller/suite_test.go
💤 Files with no reviewable changes (30)
- config/rbac/metrics_reader_role.yaml
- .pre-commit-config.yaml
- config/manager/manager.yaml
- config/prometheus/monitor.yaml
- .golangci.yaml
- config/samples/kustomization.yaml
- config/rbac/eviction_viewer_role.yaml
- config/rbac/role_binding.yaml
- config/default/metrics_service.yaml
- config/crd/kustomization.yaml
- config/rbac/hypervisor_editor_role.yaml
- config/default/kustomization.yaml
- config/network-policy/kustomization.yaml
- config/rbac/eviction_editor_role.yaml
- config/prometheus/kustomization.yaml
- charts/openstack-hypervisor-operator/crds/hypervisor-crd.yaml
- config/rbac/leader_election_role.yaml
- config/default/manager_metrics_patch.yaml
- config/rbac/service_account.yaml
- config/rbac/kustomization.yaml
- config/rbac/hypervisor_viewer_role.yaml
- config/rbac/metrics_auth_role_binding.yaml
- config/manager/secret.yaml
- config/crd/kustomizeconfig.yaml
- config/manager/kustomization.yaml
- config/samples/kvm_v1_eviction.yaml
- config/network-policy/allow-metrics-traffic.yaml
- charts/openstack-hypervisor-operator/crds/eviction-crd.yaml
- config/rbac/metrics_auth_role.yaml
- config/rbac/leader_election_role_binding.yaml
🚧 Files skipped from review as they are similar to previous changes (3)
- .github/workflows/helm-oci-package-ghcr.yaml
- internal/controller/suite_test.go
- Makefile.maker.yaml
PhilippMatthes
approved these changes
Mar 16, 2026
Member
PhilippMatthes
left a comment
PhilippMatthes
left a comment
There was a problem hiding this comment.
This is similar to what we did with cortex, just that, in cortex, we directly output the crd into the helm chart's templates directory. Since we don't really use the kustomize scaffold and always deploy from the helm chart.
About the symlinks, have you checked these are fine when you package the helm charts? I think helm is smart enough to resolve these, but just to double check. We had symlinks in cortex as well, but I can't remember why we removed them eventually.
Contributor
Author
Yes, they are fine and helm can resolve them, I've already checked. I thought about putting them directly into the helm chart... The envtest needs the CRD path, which of course can be adapted to be in the helm charts, but I didn't felt strong about it: https://github.com/cobaltcore-dev/openstack-hypervisor-operator/blob/main/internal/controller/suite_test.go#L58 EDIT: |
notandy
force-pushed
the
remove-kustomize_helmify
branch
from
f064a62 to
8f6f5dd
Compare
This PR removes the helmify step and removes kustomize as an option to render the manager/rbacs/crd. Helmify took a lot of work creating a helm-chart based on the boilerplate generated by kubebuilder. But ultimatively, it imposes too many constraints to the outcome of the helm-chart and makes it hard to implement custom renditions (like using .AppVersion as a image tag). Thus this PR is removing the kustomize files, leaving only the generated CRDs in the config directory (which don't need any templating) and symlinks it to the helm chart.
notandy
force-pushed
the
remove-kustomize_helmify
branch
from
8f6f5dd to
40ad6ff
Compare
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@charts/openstack-hypervisor-operator/values.yaml`:
- Line 26: The deployment currently falls back to .Chart.AppVersion which is set
to "latest" in Chart.yaml, producing a non-reproducible image tag; fix by either
setting a concrete semantic version for appVersion in Chart.yaml (e.g., 0.1.0)
or restoring an explicit image.tag in values.yaml (e.g., image.tag: "0.1.0") so
templates/deployment.yaml renders a fixed, immutable tag instead of :latest;
update whichever file you choose (Chart.yaml -> appVersion or values.yaml ->
image.tag) and ensure templates/deployment.yaml continues to reference
.Values.image.tag | default .Chart.AppVersion.
In `@Makefile`:
- Around line 37-38: The install-crds Makefile target is pointing at a
non-existent path (config/crd/*.yaml); update the target named install-crds so
its kubectl apply command uses the actual CRD output directory
charts/openstack-hypervisor-operator/crds/*.yaml (or add a small existence check
before applying) so kubectl applies the correct CRD files; modify the command
that currently calls kubectl apply -f config/crd/*.yaml to reference
charts/openstack-hypervisor-operator/crds/*.yaml and ensure the target still
documents its purpose.
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 9dd4e850-4db0-4ddb-8978-9d98e646cd0b
📒 Files selected for processing (39)
.github/workflows/helm-oci-package-ghcr.yaml.golangci.yaml.pre-commit-config.yamlMakefileMakefile.maker.yamlapi/v1/suite_test.gocharts/openstack-hypervisor-operator/Chart.yamlcharts/openstack-hypervisor-operator/crds/kvm.cloud.sap_evictions.yamlcharts/openstack-hypervisor-operator/crds/kvm.cloud.sap_hypervisors.yamlcharts/openstack-hypervisor-operator/values.yamlconfig/crd/kustomization.yamlconfig/crd/kustomizeconfig.yamlconfig/crd/kvm.cloud.sap_evictions.yamlconfig/crd/kvm.cloud.sap_hypervisors.yamlconfig/default/kustomization.yamlconfig/default/manager_metrics_patch.yamlconfig/default/metrics_service.yamlconfig/manager/kustomization.yamlconfig/manager/manager.yamlconfig/manager/secret.yamlconfig/network-policy/allow-metrics-traffic.yamlconfig/network-policy/kustomization.yamlconfig/prometheus/kustomization.yamlconfig/prometheus/monitor.yamlconfig/rbac/eviction_editor_role.yamlconfig/rbac/eviction_viewer_role.yamlconfig/rbac/hypervisor_editor_role.yamlconfig/rbac/hypervisor_viewer_role.yamlconfig/rbac/kustomization.yamlconfig/rbac/leader_election_role.yamlconfig/rbac/leader_election_role_binding.yamlconfig/rbac/metrics_auth_role.yamlconfig/rbac/metrics_auth_role_binding.yamlconfig/rbac/metrics_reader_role.yamlconfig/rbac/role_binding.yamlconfig/rbac/service_account.yamlconfig/samples/kustomization.yamlconfig/samples/kvm_v1_eviction.yamlinternal/controller/suite_test.go
💤 Files with no reviewable changes (28)
- config/manager/secret.yaml
- .golangci.yaml
- config/rbac/hypervisor_editor_role.yaml
- config/rbac/leader_election_role_binding.yaml
- config/prometheus/kustomization.yaml
- config/network-policy/kustomization.yaml
- config/default/manager_metrics_patch.yaml
- config/crd/kustomization.yaml
- config/default/metrics_service.yaml
- config/manager/kustomization.yaml
- config/rbac/role_binding.yaml
- config/manager/manager.yaml
- config/rbac/eviction_viewer_role.yaml
- config/crd/kustomizeconfig.yaml
- config/prometheus/monitor.yaml
- config/rbac/leader_election_role.yaml
- config/rbac/kustomization.yaml
- config/network-policy/allow-metrics-traffic.yaml
- config/default/kustomization.yaml
- config/rbac/metrics_reader_role.yaml
- config/rbac/metrics_auth_role.yaml
- config/rbac/hypervisor_viewer_role.yaml
- config/samples/kustomization.yaml
- config/rbac/service_account.yaml
- config/rbac/metrics_auth_role_binding.yaml
- config/rbac/eviction_editor_role.yaml
- .pre-commit-config.yaml
- config/samples/kvm_v1_eviction.yaml
✅ Files skipped from review due to trivial changes (1)
- config/crd/kvm.cloud.sap_evictions.yaml
🚧 Files skipped from review as they are similar to previous changes (4)
- internal/controller/suite_test.go
- Makefile.maker.yaml
- .github/workflows/helm-oci-package-ghcr.yaml
- charts/openstack-hypervisor-operator/Chart.yaml
Merging this branch will not change overall coverage
Coverage by fileChanged unit test files
|
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@charts/openstack-hypervisor-operator/Chart.yaml`:
- Line 4: The Chart.yaml currently sets appVersion: latest which makes
deployments non-deterministic; change appVersion to a specific pinned value or a
Git SHA (e.g., match your packaged image tag) and update any references that
expect .AppVersion as the image tag in your templates to use that concrete value
or allow override via helm --set image.tag=<tag> at install/upgrade time so the
chart defaults are deterministic and reproducible; update Chart.yaml's
appVersion and document using --set for dynamic tags.
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 46d15ba3-52b9-4e1f-be7c-717782be10e1
📒 Files selected for processing (39)
.github/workflows/helm-oci-package-ghcr.yaml.golangci.yaml.pre-commit-config.yamlMakefileMakefile.maker.yamlapi/v1/suite_test.gocharts/openstack-hypervisor-operator/Chart.yamlcharts/openstack-hypervisor-operator/crds/eviction-crd.yamlcharts/openstack-hypervisor-operator/crds/hypervisor-crd.yamlcharts/openstack-hypervisor-operator/crds/kvm.cloud.sap_evictions.yamlcharts/openstack-hypervisor-operator/crds/kvm.cloud.sap_hypervisors.yamlcharts/openstack-hypervisor-operator/values.yamlconfig/crd/kustomization.yamlconfig/crd/kustomizeconfig.yamlconfig/default/kustomization.yamlconfig/default/manager_metrics_patch.yamlconfig/default/metrics_service.yamlconfig/manager/kustomization.yamlconfig/manager/manager.yamlconfig/manager/secret.yamlconfig/network-policy/allow-metrics-traffic.yamlconfig/network-policy/kustomization.yamlconfig/prometheus/kustomization.yamlconfig/prometheus/monitor.yamlconfig/rbac/eviction_editor_role.yamlconfig/rbac/eviction_viewer_role.yamlconfig/rbac/hypervisor_editor_role.yamlconfig/rbac/hypervisor_viewer_role.yamlconfig/rbac/kustomization.yamlconfig/rbac/leader_election_role.yamlconfig/rbac/leader_election_role_binding.yamlconfig/rbac/metrics_auth_role.yamlconfig/rbac/metrics_auth_role_binding.yamlconfig/rbac/metrics_reader_role.yamlconfig/rbac/role_binding.yamlconfig/rbac/service_account.yamlconfig/samples/kustomization.yamlconfig/samples/kvm_v1_eviction.yamlinternal/controller/suite_test.go
💤 Files with no reviewable changes (30)
- config/manager/manager.yaml
- .golangci.yaml
- config/default/manager_metrics_patch.yaml
- config/rbac/metrics_reader_role.yaml
- config/prometheus/kustomization.yaml
- config/rbac/metrics_auth_role.yaml
- config/prometheus/monitor.yaml
- config/rbac/kustomization.yaml
- config/samples/kustomization.yaml
- charts/openstack-hypervisor-operator/crds/hypervisor-crd.yaml
- config/network-policy/allow-metrics-traffic.yaml
- config/rbac/leader_election_role.yaml
- config/manager/kustomization.yaml
- config/default/metrics_service.yaml
- config/rbac/role_binding.yaml
- .pre-commit-config.yaml
- config/default/kustomization.yaml
- config/network-policy/kustomization.yaml
- config/rbac/hypervisor_editor_role.yaml
- config/rbac/eviction_viewer_role.yaml
- config/rbac/service_account.yaml
- config/manager/secret.yaml
- config/rbac/hypervisor_viewer_role.yaml
- charts/openstack-hypervisor-operator/crds/eviction-crd.yaml
- config/samples/kvm_v1_eviction.yaml
- config/rbac/metrics_auth_role_binding.yaml
- config/crd/kustomizeconfig.yaml
- config/crd/kustomization.yaml
- config/rbac/eviction_editor_role.yaml
- config/rbac/leader_election_role_binding.yaml
🚧 Files skipped from review as they are similar to previous changes (5)
- .github/workflows/helm-oci-package-ghcr.yaml
- Makefile
- api/v1/suite_test.go
- Makefile.maker.yaml
- charts/openstack-hypervisor-operator/values.yaml
fwiesel
approved these changes
Mar 17, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR removes the helmify step and removes kustomize as an option to
render the manager/rbacs/crd.
Helmify took a lot of work creating a helm-chart based on the
boilerplate generated by kubebuilder. But ultimatively, it imposes too
many constraints to the outcome of the helm-chart and makes it hard to
implement custom renditions (like using .AppVersion as a image tag).
Thus this PR is removing the kustomize files, leaving only the generated
CRDs in the config directory (which don't need any templating) and
symlinks it to the helm chart.
Summary by CodeRabbit