cerc-io
/
stack-orchestrator
mirror of https://github.com/cerc-io/stack-orchestrator
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

fix(k8s): template Caddy image by container name, not string match 

Replacing the string `constants.default_caddy_ingress_image` in the
raw YAML missed the intended override when the manifest on disk had
a different hardcoded image than the constant (e.g. shiv built from
an older main where the default was still `caddy/ingress:latest`).
The spec's override silently lost to whatever the manifest happened
to ship with.

Parse the YAML first, find the Deployment named
`caddy-ingress-controller` and its container by the same name, set
image directly. Makes the spec the source of truth regardless of
what's hardcoded in the manifest.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
pull/749/head
Prathamesh Musale 2026-04-21 08:38:29 +00:00
parent 616475ce2d
commit 8712a5ea62
1 changed files with 21 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
stack_orchestrator/deploy/k8s/helpers.py
View File

@ -488,17 +488,29 @@ def install_ingress_for_kind(
if opts.o.debug: if opts.o.debug:
print(f"Configured Caddy with ACME email: {acme_email}") print(f"Configured Caddy with ACME email: {acme_email}")
# Substitute image only when an override is requested; otherwise yaml_objects = list(yaml.safe_load_all(yaml_content))
# leave the hardcoded default in the manifest.
if caddy_image and caddy_image != constants.default_caddy_ingress_image: # Override the Caddy container's image when a spec value is set.
yaml_content = yaml_content.replace( # Works regardless of what's hardcoded in the manifest — we locate
constants.default_caddy_ingress_image, caddy_image # the container by name and overwrite its image field, rather than
) # relying on a string match of the default.
if caddy_image:
for obj in yaml_objects:
if not obj:
continue
if (
obj.get("kind") == "Deployment"
and obj.get("metadata", {}).get("name")
== "caddy-ingress-controller"
):
for c in (
obj["spec"]["template"]["spec"].get("containers") or []
):
if c.get("name") == "caddy-ingress-controller":
c["image"] = caddy_image
if opts.o.debug: if opts.o.debug:
print(f"Configured Caddy image: {caddy_image}") print(f"Configured Caddy image: {caddy_image}")
yaml_objects = list(yaml.safe_load_all(yaml_content))
# Split: apply everything except the Caddy controller Deployment first, # Split: apply everything except the Caddy controller Deployment first,
# so the namespace + secrets exist before the pod can start and read its # so the namespace + secrets exist before the pod can start and read its
# secret_store. Race-free: Caddy has no way to see the cluster until # secret_store. Race-free: Caddy has no way to see the cluster until