|
|
|
@ -117,52 +117,79 @@ repository and omits all other files.
|
|
|
|
HTTP/S basic and SSH authentication can be configured for private
|
|
|
|
HTTP/S basic and SSH authentication can be configured for private
|
|
|
|
Git repositories. See the [`GitRepository` CRD docs](../components/source/gitrepositories.md)
|
|
|
|
Git repositories. See the [`GitRepository` CRD docs](../components/source/gitrepositories.md)
|
|
|
|
for more details.
|
|
|
|
for more details.
|
|
|
|
|
|
|
|
|
|
|
|
### Bucket
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Charts from S3 compatible storage buckets can be released by declaring
|
|
|
|
### Cloud Storage
|
|
|
|
a `Bucket`, the source-controller will fetch the contents of the bucket
|
|
|
|
|
|
|
|
on an interval and expose it as an artifact.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
**There is one caveat you should be aware of:** to make the
|
|
|
|
It is inadvisable while still possible to use a `Bucket` as a source for a `HelmRelease`,
|
|
|
|
source-controller produce a new chart artifact, the `version` in the
|
|
|
|
as the whole storage bucket will be downloaded by source controller at each sync. The
|
|
|
|
`Chart.yaml` of the chart must be bumped.
|
|
|
|
bucket can easily become very large if there are frequent releases of multiple charts
|
|
|
|
|
|
|
|
that are stored in the same bucket.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
A better option is to use [Chartmuseum](https://github.com/helm/chartmuseum) and run a cluster
|
|
|
|
|
|
|
|
local Helm repository that can be used by source controller. Chartmuseum has support
|
|
|
|
|
|
|
|
for multiple different cloud storage solutions such as S3, GCS, and Azure Blob Storage,
|
|
|
|
|
|
|
|
meaning that you are not limited to only using storage providers that support the S3 protocol.
|
|
|
|
|
|
|
|
|
|
|
|
An example `Bucket`:
|
|
|
|
You can deploy a Chartmuseum instance with a `HelmRelease` that exposes a Helm repository stored
|
|
|
|
|
|
|
|
in a S3 bucket. Please refer to [Chartmuseums how to run documentation](https://chartmuseum.com/docs/#how-to-run)
|
|
|
|
|
|
|
|
for details about how to use other storage backends.
|
|
|
|
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
```yaml
|
|
|
|
apiVersion: source.toolkit.fluxcd.io/v1beta1
|
|
|
|
apiVersion: source.toolkit.fluxcd.io/v1beta1
|
|
|
|
kind: Bucket
|
|
|
|
kind: HelmRepository
|
|
|
|
metadata:
|
|
|
|
metadata:
|
|
|
|
name: podinfo
|
|
|
|
name: chartmuseum
|
|
|
|
namespace: gotk-system
|
|
|
|
namespace: flux-system
|
|
|
|
spec:
|
|
|
|
spec:
|
|
|
|
interval: 1m
|
|
|
|
url: https://chartmuseum.github.io/charts
|
|
|
|
provider: generic
|
|
|
|
interval: 10m
|
|
|
|
bucketName: podinfo
|
|
|
|
---
|
|
|
|
endpoint: minio.minio.svc.cluster.local:9000
|
|
|
|
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
|
|
|
ignore: |
|
|
|
|
kind: HelmRelease
|
|
|
|
# exclude all
|
|
|
|
metadata:
|
|
|
|
/*
|
|
|
|
name: chartmuseum
|
|
|
|
# include charts directory
|
|
|
|
namespace: flux-system
|
|
|
|
!/charts/
|
|
|
|
spec:
|
|
|
|
|
|
|
|
interval: 5m
|
|
|
|
|
|
|
|
chart:
|
|
|
|
|
|
|
|
spec:
|
|
|
|
|
|
|
|
chart: chartmuseum
|
|
|
|
|
|
|
|
version: "2.14.2"
|
|
|
|
|
|
|
|
sourceRef:
|
|
|
|
|
|
|
|
kind: HelmRepository
|
|
|
|
|
|
|
|
name: chartmuseum
|
|
|
|
|
|
|
|
namespace: flux-system
|
|
|
|
|
|
|
|
interval: 1m
|
|
|
|
|
|
|
|
values:
|
|
|
|
|
|
|
|
env:
|
|
|
|
|
|
|
|
open:
|
|
|
|
|
|
|
|
AWS_SDK_LOAD_CONFIG: true
|
|
|
|
|
|
|
|
STORAGE: amazon
|
|
|
|
|
|
|
|
STORAGE_AMAZON_BUCKET: "bucket-name"
|
|
|
|
|
|
|
|
STORAGE_AMAZON_PREFIX: ""
|
|
|
|
|
|
|
|
STORAGE_AMAZON_REGION: "region-name"
|
|
|
|
|
|
|
|
serviceAccount:
|
|
|
|
|
|
|
|
create: true
|
|
|
|
|
|
|
|
annotations:
|
|
|
|
|
|
|
|
eks.amazonaws.com/role-arn: "role-arn"
|
|
|
|
|
|
|
|
securityContext:
|
|
|
|
|
|
|
|
enabled: true
|
|
|
|
|
|
|
|
fsGroup: 65534
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
The `interval` defines at which interval the Git repository contents
|
|
|
|
After Chartmuseum is up and running it should be possible to use the accompanying
|
|
|
|
are fetched, and should be at least `1m`. Setting this to a higher
|
|
|
|
service as the url for the `HelmRepository`.
|
|
|
|
value means newer chart versions will be detected at a slower pace,
|
|
|
|
|
|
|
|
a push-based fetch can be introduced using [webhook receivers](webhook-receivers.md)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The `provider`, `bucketName` and `endpoint` together define what
|
|
|
|
|
|
|
|
S3 compatible storage should be connected to. For more information,
|
|
|
|
|
|
|
|
see the [`Bucket` CRD docs](../components/source/buckets.md).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
The `ignore` defines file and folder exclusion for the
|
|
|
|
apiVersion: source.toolkit.fluxcd.io/v1beta1
|
|
|
|
artifact produced, and follows the [`.gitignore` pattern
|
|
|
|
kind: HelmRepository
|
|
|
|
format](https://git-scm.com/docs/gitignore#_pattern_format).
|
|
|
|
metadata:
|
|
|
|
The above example only includes the `charts` directory of the
|
|
|
|
name: helm-charts
|
|
|
|
repository and omits all other files.
|
|
|
|
namespace: flux-system
|
|
|
|
|
|
|
|
spec:
|
|
|
|
|
|
|
|
interval: 1m
|
|
|
|
|
|
|
|
url: http://chartmuseum-chartmuseum:8080
|
|
|
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
## Define a Helm release
|
|
|
|
## Define a Helm release
|
|
|
|
|
|
|
|
|
|
|
|
|
Philip Laine
4 years ago