CDK EKS model has a helm module making it possible to point out a helm repo, the chart and so forth.
I keep my helm charts in a private bitbucket and is possible to use command-line helm to add that repo using credentials, like this:
helm repo add my-helm https://api.bitbucket.org/2.0/repositories/myaccount/my-helm/src/master/ --username my#email.com --password mypass
How can I provide my credentials for my CDK stack to process the helm repo correct?
I use Typescript
Just hit the same limitation. It is not supported at the moment see here: https://github.com/aws/aws-cdk/issues/11031
Related
I had written the role task for adding the jumpstart repo and Next how can I pull the image from jumpstart repo
helm repo add jumpstart https://project.github.io/jumpstart
- name: Add jumpstart chart repo
community.kubernetes.helm_repository:
name: jumpstart
repo_url: "https://charts.jumpstart.io"
(below pull command how to use through kubernetes.core.helm using ansible)
helm pull jumpstart/patchfile
And after pulling want to install the chart
helm install patchfile -f patchfile.yaml jumpstart/patchfile -n test --create-namespace
Note: shell and command not to used
I am trying to add the Jfrog Artifactory to spinnaker so that spinnaker will be able to fetch the helm chart and makes the deployment. I am trying this command but it's not working
hal config artifact helm account add my-helm-account \
--username-password-file $USERNAME_PASSWORD_FILE
When I run the pipeline it shows me this error
Status: 500, URL: http://spin-clouddriver.spinnaker:7002/artifacts/fetch/, Message: Failed to download index.yaml file in
You'll need to provide the --repository flag as well. I'm guessing that spin-clouddriver URL is the default if a repository isn't specified.
The final hal command may look like this:
hal config artifact helm account add my-helm-account --username-password-file $USERNAME_PASSWORD_FILE --repository https://my.artifactory.com/artifactory/helm
Reference for the command: https://spinnaker.io/docs/reference/halyard/commands/#hal-config-artifact-helm-account-add
I'm attempting to use a Docker Registry to host Helm charts (see https://helm.sh/docs/topics/registries/). We use Spinnaker to Bake the Helm charts and deploy the resulting manifest.
We have it set up so that the Helm chart is one of the Artifacts in the Configuration step of the pipeline. When we set it up so that we reference the helm chart in the docker image field using the format {host}/{org}/{imagename}:{tag} with the appropriate docker-registry's account selected we get an Failed on startup: Unmatched expected artifact ExpectedArtifact.
Are we approaching this the right way? Would Spinnaker even support pulling a Helm chart from a Docker Registry?
It seems plausible we could introspect the manifest of that Docker Registry entry, get the sha256 of the blob for the helm chart and directly call the docker-registry blobs endpoint (https://docs.docker.com/registry/spec/api/#pulling-an-image) but that seems very roundabout and not obvious which helm chart we're looking at.
This is totally possible and it might just be a configuration issue in how you've set up the pipeline. In your configuration stage you want to include the artifact and then have a bake from manifest stage before the deploy stage. Hopefully this link helps: https://spinnaker.io/guides/user/kubernetes-v2/deploy-helm/#configure-the-bake-manifest-stage and you can always reach out in https://spinnakerteam.slack.com/ for more help.
I want to use Helm with Gitlab to deploy my services to OpenShift.
I have a Gitlab Runner deployed in OpenShift.
I already have Tiller installed in Openshift under the tiller namespace and am using the docker image docker.greater.com.au/platform/images/dtzar/helm-kubectl:latest
My system is also behind a proxy which I won't be able to get past.
As part of one of my Gitlab CI build steps I have the following:
$ helm init --client-only
Creating /root/.helm
Creating /root/.helm/repository
Creating /root/.helm/repository/cache
Creating /root/.helm/repository/local
Creating /root/.helm/plugins
Creating /root/.helm/starters
Creating /root/.helm/cache/archive
Creating /root/.helm/repository/repositories.yaml
Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com
Error: Looks like "https://kubernetes-charts.storage.googleapis.com" is not a valid chart repository or cannot be reached: Get https://kubernetes-charts.storage.googleapis.com/index.yaml: Proxy Authorization Required
My main question is I am wondering if it's possible to disable Helm from trying to add https://kubernetes-charts.storage.googleapis.com as a repostiory as part of helm init?
It might be worth noting that I do not know if helm init --client-only is a required step in using helm with this setup.
I have also tried a simple helm version and the server is responding with a Proxy Authorization Required error.
Client: &version.Version{SemVer:"v2.12.1",
GitCommit:"02a47c7249b1fc6d8fd3b94e6b4babf9d818144e", GitTreeState:"clean"}
Error: Get https://---.---.---.---:---/api/v1/namespaces/tiller/pods?labelSelector=app%3Dhelm%2Cname%3Dtiller: Proxy Authorization Required
I've removed the IP address but it's trying to resolve the Tiller server from the wrong IP address when running this helm version command.
You can define which stable repository you would like to use with option -o --stable-repo-url url.
Example: helm init --client-only --stable-repo-url https://path.to.my.repo
You could found more info here
I'm trying to load a Helm chart into IBM Cloud Private. When I run the bx pr load-ppa-archive --archive command or the bx pr load-helm-chart --archive command, I get an error that says that it can't load my Helm chart:
FAILED
Post https://mycluster.icp:8443/helm-repo/import: Service Unavailable
How do I make this work?
If you're trying to load the Helm chart from a node in the IBM Cloud Private cluster, this error can be caused by your http_proxy or HTTP_PROXY settings. You can try two things:
1. Install the CLI on a computer that's not in the cluster and upload the chart from there.
2. Add mycluster and mycluster.icp to the NO_PROXY variable on the cluster node and try again.