Skip to content

fix(deployment): checksum only data of the ConfigMap and Secret#557

Merged
tarioch merged 5 commits intoWeblateOrg:mainfrom
RisingOpsNinja:checksum_only_data
May 7, 2025
Merged

fix(deployment): checksum only data of the ConfigMap and Secret#557
tarioch merged 5 commits intoWeblateOrg:mainfrom
RisingOpsNinja:checksum_only_data

Conversation

@RisingOpsNinja
Copy link
Copy Markdown
Contributor

@RisingOpsNinja RisingOpsNinja commented Mar 25, 2025

Only trigger a reload of the pod, if the actual data of a ConfigMap or Secret is changed.

I took the idea from the bitnami helm charts:

Benefits

in the current situation, deploying an upgrade of the chart (version change in Chart.yaml) will trigger a reload of the pods, even it the pod template and configmap config data are not changed.

This happens because the version of the chart is included in "helm.sh/chart" in metadata.labels (printf "%s-%s" .Chart.Name .Chart.Version) of the configmap,

so a change of chart version changes the configmap metadata.labels which changes the checksum.

With this change, only changes to data will be considered, so reload of pod will happen only if the pod template change or the configuration changes.

Source: bitnami/charts#17302

This affects the checksum of a ConfigMap and Secret in weblate helm chart:

helm template test . | grep checksum | head -n2
        checksum/config: ac6d167686cced3b1c0cdf70d3ef8ccf668c3b7afd195c6579497017490f805d
        checksum/secret: 52e2e79382b95dc0e3a62c59e873816160412c0369a75ed84fc627fc6af11720

helm template test --set 'labels.test1=value1'  . | grep checksum | head -n2
        checksum/config: a2ea5c213fac4509ed4e5fd9cd0f1fc94fbf65a2ebe39664288df3f83e3a36fd
        checksum/secret: 87f494353d8e102ec95e79151885b055b138e24c99063cce779c6cdcf28b3d4a

helm template test --set 'labels.test2=value2'  . | grep checksum | head -n2
        checksum/config: fe8819c1e8d85392aef0c3b5bb0333da394c1792832c531df7304264387a46f7
        checksum/secret: a3f11897b528fdcf5600243e6f85561a1aea79ebb2703843eb6e617d0e59702f

After the change the checksums stay the same:

helm template test . | grep checksum | head -n2
        checksum/config: 31cd2429e56c2097a7ffc25230df66cf619b3ea9eb784ae2f632cedb538fd534
        checksum/secret: 34cd985159b47faa127e7dd0933aeccac0eb653540837fba59fe1aa6fa821370

helm template test --set 'labels.test1=value1'  . | grep checksum | head -n2
        checksum/config: 31cd2429e56c2097a7ffc25230df66cf619b3ea9eb784ae2f632cedb538fd534
        checksum/secret: 34cd985159b47faa127e7dd0933aeccac0eb653540837fba59fe1aa6fa821370

helm template test --set 'labels.test2=value2'  . | grep checksum | head -n2
        checksum/config: 31cd2429e56c2097a7ffc25230df66cf619b3ea9eb784ae2f632cedb538fd534
        checksum/secret: 34cd985159b47faa127e7dd0933aeccac0eb653540837fba59fe1aa6fa821370

@RisingOpsNinja
fix(deployment): checksum only data of the ConfigMap
1039348 
Only trigger a reload of the pod, if the data of a ConfigMap is changed.
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 4, 2025

This pull request has been automatically marked as stale because there wasn’t any recent activity.

It will be closed soon if no further action occurs.

Thank you for your contributions!

@github-actions github-actions Bot added the wontfix Nobody will work on this. label May 4, 2025
@nijel nijel requested review from Mart-Kuc and tarioch May 7, 2025 08:09
@tarioch tarioch merged commit 3aa01de into WeblateOrg:main May 7, 2025
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tarioch tarioch tarioch approved these changes

@Mart-Kuc Mart-Kuc Awaiting requested review from Mart-Kuc

Assignees

No one assigned

Labels

wontfix Nobody will work on this.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@RisingOpsNinja @tarioch