/helm-blob

Helm Plugin that allows you to manage private helm repositories on blob storage(Azure Blob, GCS, S3)

Primary LanguageGoMIT LicenseMIT

helm-blob Build Status

helm-blob plugin allows you to manage helm repositories on the blob storage like Azure Blob, GCS, S3, etc.

This plugin supports operations like uploading or deletion of charts from remote Helm Repository hosted on Blob Storage. It could be used to initialize the new Helm Repository.

helm-blob was inspired by Alex Khaerov's helm-gcs plugin with extending support for Azure Blob storage and S3, which makes helm-blob to support Azure Blob, GCS, S3 storage.

This plugin uses Go Cloud's Blob package.

Installation

helm plugin install https://github.com/C123R/helm-blob.git

To install specific version of:

helm plugin install https://github.com/C123R/helm-blob.git --version 0.3.1

If you are still using Helm Below Version 3:

helm plugin install https://github.com/C123R/helm-blob.git --version 0.1.1

Usage

Note: This plugin will not provide new blob storage, You must first create blob storage container/bucket that will be used as a remote chart repository.

  • Initialize a new chart repository

    helm blob init azblob://helmrepo

OR

helm blob init gs://helmrepo/charts

  • Add your repository to Helm

    helm repo add azurehelm azblob://helmrepo

  • Push a new chart to your repository

    helm blob push mychart.tar.gz azurehelm

    You can also push multiple charts from specific directory:

    helm blob push helm-charts/ gcsblob azurehelm

    This will publish all charts under helm-charts directory.

  • Updating Helm cache (Required after pushing new chart)

    helm repo update

  • Fetch the chart

    helm fetch azurehelm/mychart

  • Delete a chart

    helm blob delete mychart azurehelm

    Note: This will delete all chart versions from remote repository. To delete a specific chart:

    helm blob delete mychart -v 0.3.0 azurehelm

Authentication

Helm blob's plugin authentication varies depending upon the blob provider as mentioned below:

  • S3

    S3 provider support AWS default credential provider chain in the following order:

    • Environment variables.

    • Shared credentials file.

    • If your application is running on an Amazon EC2 instance, IAM role for Amazon EC2.

  • Azure Blob

    Currently it supports authentication only with environment variables:

    • AZURE_STORAGE_ACCOUNT
    • AZURE_STORAGE_KEY or AZURE_STORAGE_SAS_TOKEN

  • GCS

    GCS provider uses Application Default Credentials in the following order:

    • Environment Variable (GOOGLE_APPLICATION_CREDENTIALS)
    • Default Service Account from the compute instance(Compute Engine, Kubernetes Engine, Cloud function etc).

    To authenticate against GCS you can:

    See the GCP documentation for more information.