Use sub-chart for CRDs to reduce chart size

[jukie]

We're now at the point where any CRD change will bring us over the size limit and we need to adjust the helm chart setup.

The size limit for the helm release secret is 1,048,576 bytes and an install via make create-cluster kube-install-image kube-deploy on the main branch at e56785c is 1,047,388 bytes.

kubectl get secret -n envoy-gateway-system sh.helm.release.v1.eg.v1 -o jsonpath='{.data.release}' | base64 -d | wc -c
 1047388

Failing example: https://github.com/envoyproxy/gateway/actions/runs/22075275197/job/63789996939

This change moves the crds to a separate sub-chart which won't be included in the generated helm release secret to and keeps the size under the limit (down to ~24k bytes):

kubectl get secret -n envoy-gateway-system sh.helm.release.v1.eg.v1 -o jsonpath='{.data.release}' | base64 -d | wc -c
   23904

This is a similar approach to what victoria-metrics did when hitting the same issue - ref VictoriaMetrics/helm-charts#603

Helm discussion: helm/helm#11493

[netlify]

✅ Deploy Preview for cerulean-figolla-1f9435 ready!

Name	Link
🔨 Latest commit	4d84d7e
🔍 Latest deploy log	https://app.netlify.com/projects/cerulean-figolla-1f9435/deploys/6994dfeb21c4960008e09451
😎 Deploy Preview	https://deploy-preview-8283--cerulean-figolla-1f9435.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[codecov]

Codecov Report

❌ Patch coverage is 0% with 5 lines in your changes missing coverage. Please review.
✅ Project coverage is 73.57%. Comparing base (e56785c) to head (4d84d7e).

Files with missing lines	Patch %	Lines
internal/utils/helm/package.go	0.00%	5 Missing ⚠️

❌ Your patch check has failed because the patch coverage (0.00%) is below the target coverage (60.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #8283      +/-   ##
==========================================
- Coverage   73.57%   73.57%   -0.01%     
==========================================
  Files         242      242              
  Lines       37000    37003       +3     
==========================================
+ Hits        27224    27225       +1     
- Misses       7854     7858       +4     
+ Partials     1922     1920       -2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[zhaohuabing]

Looks good!
Should we add a release note to the current.yaml(probably in the breaking changes section)? This changes how users install/upgrade gateway helm.

[jukie]

This shouldn't have any affect on the normal user flow if I've understood it correctly

[jukie]

/retest

[zhaohuabing]

If users install CRDs separately (for example via gateway-crds-helm), they should update the install command:

helm install eg oci://docker.io/envoyproxy/gateway-helm 
  -n envoy-gateway-system 
  --create-namespace 
  --version v0.0.0-latest 
  --set crds.enabled=false

vs before:

helm install eg oci://docker.io/envoyproxy/gateway-helm 
  -n envoy-gateway-system 
  --create-namespace 
  --version v0.0.0-latest 
  --skip-crds

[jukie]

Good catch, thanks I'll update it.

[shahar-h]

I wonder why we need this flag since helm --skip-crds flag affects also sub charts.

[jukie]

I didn't know that, thanks!

[jukie]

Fixed

[zirain]

/retest

[jukie]

/retest