If using `ConfigMap`s with `envFrom` there should be an option to add checksum annotation to deployments

[robertaistleitner]

According to https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments one should calculate a checksum for config map contents to be able to automatically roll deployments.

One could easily detect if such envFrom with ConfigMaps are used in a deployment and then add the required annotation to the rendered template:

kind: Deployment
spec:
  template:
    metadata:
      annotations:
        checksum/config/configmap-one: {{ include (print $.Template.BasePath "/configmap-one.yaml") . | sha256sum }}

At the moment I hacked this into kompose but actually the better place is to implement it here since it's specific to helm.

What do you think? I'm not fluent in go but probably could start a PR for this.

[arttor]

Good idea, but this feature should be disabled by default and controlled by feature flag.

If flag is on, helmify should check that:

• Deployment is using a config map. There are multiple places, not only envFrom. For example, volumes.
• The configMap is part of the Helm chart.

To get ideas about potential implementation, it is worth checking usages of metadata.TemplatedName function. The function returns templated object name if k8s object is presented in the chart. For example, Here helmify replaces configMap and secret volume names for pod. The code could be modified to check if configMap should be checksummed:

- v.ConfigMap.Name = appMeta.TemplatedName(v.ConfigMap.Name)
+ cmName := appMeta.TemplatedName(v.ConfigMap.Name)
+   if cmName != v.ConfigMap.Name {
+     // config map v.ConfigMap.Name is used in Helm chart and we can add annotation
+     // add some global logic to add config map v.ConfigMap.Name to deployment annotation if flag is enabled.
+     v.ConfigMap.Name = cmName    
+   }

[robertaistleitner]

This sounds like a reasonable solution, I'll check that out once I find time to do so. 👍