docs: add example of patching a helm chart

[bburky]

Not sure if you're interested in this, or if this is the best place in the examples, but I thought I'd document this pattern we discovered that pretty cleanly can be used to carry patches on upstream Helm charts. This is useful when the upstream chart doesn't provide sufficient options in values overrides to make the required changes.

Description

Adding an example of patching a helm chart

This is a simple method to apply modifications to a helm chart that is not under your control, if value overrides are not sufficient.

*.patch files are stored beside the zarf.yaml and applied in an onCreate action that clones the chart's git repository, applies the patches and then loads the patched chart from the local filesystem with localPath in the component definition.

Related Issue

Checklist before merging

• Test, docs, adr added or updated as needed
• Contributor Guide Steps followed

[netlify]

✅ Deploy Preview for zarf-docs canceled.

Name	Link
🔨 Latest commit	a0a50a3
🔍 Latest deploy log	https://app.netlify.com/projects/zarf-docs/deploys/69e67c6afe468a000895a555

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[bburky]

Changes split into a new demo-patched-helm-chart component in the same Zarf package. This will prevent the example from showing at https://docs.zarf.dev/ref/components/#helm-charts

Instead, a description was added to readme.md which will be shown at https://docs.zarf.dev/ref/examples/helm-charts/.

Let me know if you want more detail in the README, but I don't think a full git tutorial there is appropriate? I included a link to online git format-patch documentation.

[bburky]

Also, not sure if I need to do anything to handle Windows? I saw one of the tests fail at one point. This should be POSIX-compatible sh which won't work on Windows (alternative Powershell code could do the same though).

[brandtkeller]

One observation otherwise this is a neat callout.

[brandtkeller]

What are your thoughts on cleaning up the cloned repository? Could we have an after action for cleaning up? It removes some of the step-by-step subtlety but I also don't want an (even an ignored) directory remaining behind if possible.

[bburky]

If you get an error during the onCreate before action, I think the after action would be skipped. This action is expected to fail if the patches fail to apply cleanly (which may happen when bumping the git tag and the user would need to examine the repo and see what has changed).

uds-k3d does an rm in their onDeploy after, I've seen it litter my current directory with files when deploy fails. This rm never gets run on error.

For onCreate, a gitignore is pretty easy and should work well. But I can add an rm in to after if you'd like.

Because the after can be skipped, it is not possible to remove the first rm command currently present in the before

[brandtkeller]

agree with the semantics around errors. I was thinking merely for testing that we have cleanup as that example is used in our testing.

We are seeing the side-effect of that in the tests though - where we can't run a find images on the manifest as Zarf hasn't performed the clone yet and as such the local path doesn't exist for templating the chart....

[bburky]

Anyways, if you'd like an rm in after, you can apply this GitHub suggestion

Suggested change

	after:
	- cmd: rm -rf podinfo

I tested locally.

[brandtkeller]

Existing tests that attempt to run zarf dev find-images on this package will now fail because the localPath doesn't exist until the action runs.

We'll need to make a decision here around this being solely documentation or looking at the behaviors/testing for updates.