From 896a47c221cef8eba63e592143cc3311d9b68341 Mon Sep 17 00:00:00 2001 From: Derek Nola Date: Wed, 6 Sep 2023 09:47:25 -0700 Subject: [PATCH 1/2] Update helm chart fields Signed-off-by: Derek Nola --- docs/helm.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/docs/helm.md b/docs/helm.md index 658e2596..319a0b68 100644 --- a/docs/helm.md +++ b/docs/helm.md @@ -48,14 +48,24 @@ spec: | Field | Default | Description | Helm Argument / Flag Equivalent | |-------|---------|-------------|-------------------------------| -| name | | Helm Chart name | NAME | +| metadata.name | | Helm Chart name | NAME | | spec.chart | | Helm Chart name in repository, or complete HTTPS URL to chart archive (.tgz) | CHART | | spec.targetNamespace | default | Helm Chart target namespace | `--namespace` | +| spec.createNamespace | false | Create target namespace if not present | `--create-namespace` | | spec.version | | Helm Chart version (when installing from repository) | `--version` | | spec.repo | | Helm Chart repository URL | `--repo` | +| spec.repoCA | | Verify certificates of HTTPS-enabled servers using this CA bundle. Should be a string containing one or more PEM-encoded CA Certificates. | `--ca-file` | +| spec.repoCAConfigMap | | Reference to a ConfigMap containing CA Certificates to be be trusted by Helm. Can be used along with or instead of `repoCA` | `--ca-file` | | spec.helmVersion | v3 | Helm version to use (`v2` or `v3`) | | | spec.bootstrap | False | Set to True if this chart is needed to bootstrap the cluster (Cloud Controller Manager, etc) | | | spec.set | | Override simple default Chart values. These take precedence over options set via valuesContent. | `--set` / `--set-string` | +| spec.jobImage | | Specify the image to use when installing the helm chart. E.g. rancher/klipper-helm:v0.3.0 . | | +| spec.backOffLimit | 1000 | Specify the number of retries before considering a job failed. | | +| spec.timeout | 300s | Timeout for Helm operations, as a [duration string](https://pkg.go.dev/time#ParseDuration) (`300s`, `10m`, `1h`, etc) | `--timeout` | +| spec.failurePolicy | reinstall | Set to `abort` which case the Helm operation is aborted, pending manual intervention by the operator. | | +| spec.authSecret | | Reference to Secret of type `kubernetes.io/basic-auth` holding Basic auth credentials for the Chart repo. | | +| spec.authPassCredentials | false | Pass Basic auth credentials to all domains. | `--pass-credentials` | +| spec.dockerRegistrySecret | | Reference to Secret of type `kubernetes.io/dockerconfigjson` holding Docker auth credentials for the OCI-based registry acting as the Chart repo. | | | spec.valuesContent | | Override complex default Chart values via YAML file content | `--values` | | spec.chartContent | | Base64-encoded chart archive .tgz - overrides spec.chart | CHART | From 2c23d7f2eb932b15f2794e29a53d18a801535883 Mon Sep 17 00:00:00 2001 From: Derek Nola Date: Tue, 12 Sep 2023 10:10:34 -0700 Subject: [PATCH 2/2] Add authentication example chart Signed-off-by: Derek Nola --- docs/helm.md | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/docs/helm.md b/docs/helm.md index 319a0b68..870353e8 100644 --- a/docs/helm.md +++ b/docs/helm.md @@ -44,6 +44,50 @@ spec: enabled: true ``` +An example of deploying a helm chart from a private repo with authentication: + +```yaml +apiVersion: helm.cattle.io/v1 +kind: HelmChart +metadata: + namespace: kube-system + name: example-app +spec: + targetNamespace: example-space + createNamespace: true + version: v1.2.3 + chart: example-app + repo: https://secure-repo.example.com + authSecret: + name: example-repo-auth + repoCAConfigMap: + name: example-repo-ca + valuesContent: |- + image: + tag: v1.2.2 +--- +apiVersion: v1 +kind: Secret +metadata: + namespace: kube-system + name: example-repo-auth +type: kubernetes.io/basic-auth +stringData: + username: user + password: pass +--- +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: kube-system + name: example-repo-ca +data: + ca.crt: |- + -----BEGIN CERTIFICATE----- + + -----END CERTIFICATE----- +``` + #### HelmChart Field Definitions | Field | Default | Description | Helm Argument / Flag Equivalent |