feat: prompt password input#10
Open
MoeexT wants to merge 11 commits into
Open
Conversation
- install.sh: default image.registry to docker.io when REPO is empty, preventing invalid image name '/bitnami/...' from blank --set value - generate-sealed-secrets.sh: detect non-runnable bundled kubeseal (e.g. linux binary on macOS) and fall back to system kubeseal - generate-sealed-secrets.sh: fix --namespace to --controller-namespace so kubeseal can locate the sealed-secrets service
- tools/node-setup.sh: interactive node selection with keyboard navigation - tools/node-cleanup.sh: remove labels and taints from nodes - tools/install.sh: integrate node-setup.sh before sealed-secrets install - tools/install.sh: add --skip-node-setup flag to disable node isolation - tools/install.sh: source Helm args from /tmp/datamate-helm-args.sh - tools/uninstall.sh: integrate node-cleanup.sh after Helm uninstall - tools/uninstall.sh: add --skip-node-cleanup flag to skip cleanup - tools/README-node-isolation.md: comprehensive documentation Features: - Interactive node selection (↑/↓ or j/k navigation) - Apply labels: node-role.kubernetes.io/datamate=true - Apply taints: node-role.kubernetes.io/datamate=true:NoSchedule - Generate Helm nodeSelector and tolerations args - Support --dry-run for testing without applying changes - Cross-platform support (Linux, macOS) Equivalent to open source version in DataMate/scripts/k8s/
- tools/node-setup.sh: generate HELM_MILVUS_TOLERATIONS for Milvus chart - tools/install.sh: apply HELM_MILVUS_TOLERATIONS during Milvus install Problem: Commercial version inherited hardcoded tolerations from open source, causing scheduling failures when no nodes were tainted (dev/test environments). Solution: - Generate Milvus-specific tolerations only when node isolation is configured - Apply via HELM_MILVUS_TOLERATIONS during Milvus install - Now Milvus can be installed without node isolation Note: This fix aligns with open source version commit in DataMate repository.
- tools/node-setup.sh: generate HELM_SEALED_SECRETS_TOLERATIONS - tools/install.sh: apply tolerations during sealed-secrets install Problem: sealed-secrets controller was installed before tolerations were applied, causing scheduling failures on tainted nodes. Solution: - Generate HELM_SEALED_SECRETS_TOLERATIONS in node-setup.sh - Source and apply tolerations in install_sealed_secrets() - Ensures sealed-secrets can run on isolated nodes Flow: 1. node-setup.sh generates all tolerations (datamate, milvus, sealed-secrets) 2. install_sealed_secrets() applies tolerations during Helm install 3. install_datamate() applies tolerations during Helm install 4. install_milvus() applies tolerations during Helm install All system components now support node isolation.
- tools/install.sh: use direct string expansion instead of arrays
- install_datamate(): pass tolerations_args directly
- install_milvus(): pass tolerations_args directly
- install_sealed_secrets(): already uses direct expansion
Problem: Using arrays to pass multi-parameter strings caused Helm errors:
Error: unknown flag: --set-string tolerations[0].key
Root cause:
- extra_args+=("") added entire string as ONE array element
- "" passed entire string as ONE Helm parameter
- Helm received "--set-string tolerations[0].key=value --set-string ..." as single malformed flag
Solution:
- Use direct string expansion:
- Bash automatically splits string into multiple parameters (word splitting)
- Each --set-string parameter is passed correctly to Helm
Flow:
# Before (incorrect):
extra_args+=("--set-string key=val --set-string key2=val2") # Single element
helm install ... "" # Single malformed parameter
# After (correct):
tolerations_args="--set-string key=val --set-string key2=val2" # String
helm install ... # Multiple parameters via word splitting
All three functions (sealed-secrets, datamate, milvus) now correctly pass tolerations.
- tools/install.sh: remove rm from install_datamate, add to install() end - install_sealed_secrets sources → install_datamate sources → install_milvus sources → install() cleans up Matching open source fix: args file now persists across all component installs so every component can read tolerations for node isolation.
- tools/node-setup.sh: add etcd.tolerations and minio.tolerations - Matching open source fix: sub-charts need explicit tolerations
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.