helm-blob
plugin allows you to manage helm repositories on the blob storage like Azure Blob, GCS, S3, etc.
This plugin supports operations like uploading or deletion of charts from remote Helm Repository hosted on Blob Storage. It could be used to initialize the new Helm Repository.
helm-blob
was inspired by Alex Khaerov's helm-gcs plugin with extending support for Azure Blob storage and S3, which makes helm-blob to support Azure Blob, GCS, S3 storage.
This plugin uses Go Cloud's Blob package.
helm plugin install https://github.com/C123R/helm-blob.git
To install specific version of:
helm plugin install https://github.com/C123R/helm-blob.git --version 0.3.1
helm plugin install https://github.com/C123R/helm-blob.git --version 0.1.1
Note: This plugin will not provide new blob storage, You must first create blob storage container/bucket that will be used as a remote chart repository.
-
helm blob init azblob://helmrepo OR helm blob init gs://helmrepo/charts
-
helm repo add azurehelm azblob://helmrepo
-
helm blob push mychart.tar.gz azurehelm
You can also push multiple charts from specific directory:
helm blob push helm-charts/ gcsblob azurehelm
This will publish all charts under helm-charts directory.
-
helm repo update
-
helm fetch azurehelm/mychart
-
helm blob delete mychart azurehelm
Note: This will delete all chart versions from remote repository. To delete a specific chart:
helm blob delete mychart -v 0.3.0 azurehelm
Helm blob's plugin authentication varies depending upon the blob provider as mentioned below:
-
S3 provider support AWS default credential provider chain in the following order:
-
Environment variables.
-
Shared credentials file.
-
If your application is running on an Amazon EC2 instance, IAM role for Amazon EC2.
-
-
Currently it supports authentication only with environment variables:
- AZURE_STORAGE_ACCOUNT
- AZURE_STORAGE_KEY or AZURE_STORAGE_SAS_TOKEN
-
GCS provider uses Application Default Credentials in the following order:
- Environment Variable (GOOGLE_APPLICATION_CREDENTIALS)
- Default Service Account from the compute instance(Compute Engine, Kubernetes Engine, Cloud function etc).
To authenticate against GCS you can:
-
Use the application default credentials
-
Use a service account via the global flag
--service-account
See the GCP documentation for more information.