Resolve “Error loading Login” and ShiftedDate frontend error in Headlamp Helm chart (#4033)

[Manas-Dikshit]

Fixes #4033
— “Digital Ocean - Error loading Login”
Summary
This PR addresses both the backend login issue and frontend rendering error reported in issue #4033 when deploying Headlamp via Helm on DigitalOcean Kubernetes (and similar managed clusters).

Root Cause
The backend was not correctly configured to use the in-cluster Kubernetes config, leading to:
error loading kubeconfig files: error reading kubeconfig file: open : no such file or directory

The frontend was using an older image version that triggered:
TypeError: Class constructor ShiftedDate cannot be invoked without 'new'

Fix Implemented
Enabled in-cluster mode explicitly:

config:
inCluster: true

Added explicit backend arguments and environment variables:

extraArgs:

• "--in-cluster"
  extraEnv:
• name: HEADLAMP_IN_CLUSTER
  value: "true"

Pinned Headlamp image version to 0.37.0, which resolves the ShiftedDate frontend error.
Ensured service account and cluster role binding are properly created for OIDC login.

Files Updated
charts/headlamp/values.yaml
Testing
Deployed updated chart via Helm:
helm upgrade --install headlamp ./charts/headlamp -f values.yaml

Verified:
Backend successfully loads in-cluster configuration.
OIDC login flow completes without “Error loading login”.
Frontend loads correctly without ShiftedDate error.

Tested on:
DigitalOcean Kubernetes
Minikube (local)

Result
Headlamp now authenticates properly via OIDC, runs cleanly in-cluster, and the frontend loads without JS exceptions.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Manas-Dikshit
Once this PR has been reviewed and has the lgtm label, please assign sniok for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[linux-foundation-easycla]

The committers listed above are authorized under a signed CLA.

• ✅ login: Manas-Dikshit / name: Manas Ranjan Dikshit (83904a1)

[k8s-ci-robot]

Welcome @Manas-Dikshit!

It looks like this is your first PR to kubernetes-sigs/headlamp 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-sigs/headlamp has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

[skoeva]

Hi, it would be great if you could sign the CLA as it's required for contributing to the repo

[Manas-Dikshit]

signed
@skoeva

[Copilot]

Pull Request Overview

This PR fixes backend authentication and frontend rendering issues in the Headlamp Helm chart when deploying to managed Kubernetes clusters like DigitalOcean. The root causes were improper in-cluster configuration and an outdated frontend image causing a JavaScript error.

Key changes:

• Enabled in-cluster mode explicitly with backend arguments and environment variables
• Pinned Headlamp image to version 0.37.0 to resolve the ShiftedDate frontend error
• Added explicit service account naming and ensured proper RBAC bindings

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The extraArgs and extraEnv keys are duplicated - they already exist at lines 67 and 70-72. This creates conflicting configuration definitions in the same values file. Either remove the duplicates or consolidate them into single definitions with all required values.

[Copilot]

The HEADLAMP_IN_CLUSTER environment variable is set twice in the file (lines 71-72 and 291-292). Remove this duplicate entry to avoid confusion.

Suggested change

	- name: HEADLAMP_IN_CLUSTER
	value: "true"

[Copilot]

This persistentVolume configuration appears to be a new top-level key that differs from the existing persistentVolumeClaim at line 143. This creates inconsistent volume configuration options. Consider using the existing persistentVolumeClaim structure or clearly document why both are needed.

Suggested change

	persistentVolume:
	enabled: false
	mountPath: "/home/headlamp/.config/Headlamp"
	size: 1Gi
	# Please use the persistentVolumeClaim section above for persistent storage configuration.

[Copilot]

The resources key is duplicated - it already exists at line 187 with an empty value. This second definition overrides the first one. Remove the duplicate at line 187 or consolidate these into a single definition.

[Copilot]

These keys (nodeSelector, tolerations, affinity) are duplicated from lines 247-249. Remove these duplicate entries to maintain a clean configuration file.

Suggested change

	nodeSelector: {}
	tolerations: []
	affinity: {}

[Copilot]

The automountServiceAccountToken key is duplicated - it already exists at line 75 with the same value. Remove this duplicate entry.

Suggested change

automountServiceAccountToken: true

[ashu8912]

Hii @Manas-Dikshit most of this code doesn't justify why things are added or removed, can you please provide better commit messages and description for them