├── LICENSE
├── README.md
├── getfile.sh
└── plugin.yaml


/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2017 Diwakar
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Plugin to use github/gitlab/bitbucket as helm repo
 2 | 
 3 | This plugin makes it possible to use a private/public repository on github/gitlab/bitbucket as a helm repository also. You can keep the charts beside your code in the same repository.
 4 | 
 5 | ## Why this plugin
 6 | 
 7 | Using git repo itself as the helm repo is better in my opinion because
 8 | - It will cut down the need of having one more component to serve the charts. One less webserver to deal with and making it highly available.
 9 | - No need of extra security layer to secure charts. They remain as secure as your code is. They use same authentication and authorisation as of your git repository.
10 | - No dependence of extra storage layer like EBS, S3 and its security/replication.
11 | - Charts live beside its code in the same repo and remain tightly version controlled with the code.
12 | 
13 | Helm allows adding http and https repositories. So public repositories are not a problem. But it does not have any authentication/authorisation feature for adding/accessing the charts in the repository yet. Adding a private repo is not straight forward. You have to create private access token ([github](https://help.github.com/articles/creating-a-personal-access-token-for-the-command-line/)/[gitlab](https://docs.gitlab.com/ee/api/README.html#personal-access-tokens)) and embed directly in the URI of the repo. Example: https://gitlab.com/username/repo/raw/master/kubernetes/helm-chart?private_token=2xMusKyEgA7BRw5TaJYA. The problems with this approach are:
14 | - Security. You will have to make sure that you keep the token secure all the time.
15 | - Expiry. The token comes with a expiry. You will have to update the token in all repo's URI once it expires.
16 | - Running `helm repo list` prints the token in plain text every time. There is no way to hide it.
17 | 
18 | You will have to make these compromises without this plugin. If you are able to, then there is no need of using the plugin otherwise this plugin solves these problems.
19 | 
20 | ## Creating the helm repository
21 | 
22 | Lets say that this is structure of your repository
23 | ```
24 | .
25 | ├── Dockerfile
26 | ├── README.md
27 | ├── kubernetes
28 | │   └── helm-chart
29 | │       └── myapplication
30 | │           ├── Chart.yaml
31 | │           ├── templates
32 | │           │   ├── NOTES.txt
33 | │           │   ├── _helpers.tpl
34 | │           │   ├── deployment.yaml
35 | │           │   └── service.yaml
36 | │           └── values.yaml
37 | ├── src
38 | └── tests
39 | ```
40 | 
41 | Run the following commands to create repo index
42 | ```bash
43 | cd ./kubernetes/helm-chart
44 | helm package myapplication # generates myapplication.tgz
45 | helm repo index --url=gitlab://username/project:master/kubernetes/helm-chart . # generates index.yaml
46 | ```
47 | 
48 | Notice the url flag for `helm repo index` command. This is key for this plugin to work. The structure of the URI should be
49 | provider://username/repository-name:branch/dir-containing-index.yaml
50 | 
51 | Commit the files generated by the helm commands and push to the repo. Now the repository is setup.
52 | 
53 | The `provider` in the url can be
54 | - github
55 | - gitlab
56 | - bitbucket
57 | 
58 | Here are some examples of URI
59 | - github://diwakar-s-maurya/myapp:master/kubernetes/helm-chart
60 | - gitlab://diwakar-s-maurya/myproject:dev/kubernetes/helm-chart
61 | - bitbucket://diwakar-s-maurya/myoperator:prod/kubernetes/helm-chart
62 | 
63 | ## Adding the helm repository
64 | 
65 | Before using the plugin, you need to setup your machine to access your private/public git repository without manual username-password input. Best is to setup ssh keys in [github](https://help.github.com/articles/adding-a-new-ssh-key-to-your-github-account/)/[gitlab](https://www.packtpub.com/mapt/book/application_development/9781783986842/2/ch02lvl1sec20/adding-your-ssh-key-to-gitlab)
66 | 
67 | On same or another computer which has the above requirement fulfilled, install the plugin
68 | 
69 | ```bash
70 | helm plugin install https://github.com/diwakar-s-maurya/helm-git
71 | ```
72 | 
73 | Now add the repo,
74 | ```bash
75 | helm repo add myhelmrepo gitlab://username/project:master/kubernetes/helm-chart
76 | helm repo list
77 | ```
78 | 
79 | Now that you have added the repository, start using it as any other regular repository.
80 | 
81 | ```bash
82 | helm install myhelmrepo/myapplication
83 | ```
84 | 


--------------------------------------------------------------------------------
/getfile.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env sh
 2 | 
 3 | set -e
 4 | 
 5 | URI=$@ # eg: gitlab://username/project:master/kubernetes/helm-chart
 6 | PROVIDER=$(echo $URI | cut -d: -f1) # eg: gitlab
 7 | REPO=$(echo $URI | cut -d: -f2 | sed -e "s/\/\///") # eg: username/project
 8 | BRANCH=$(echo $URI | cut -d: -f3 | cut -d/ -f1) # eg: master
 9 | FILEPATH=$(echo $URI | cut -d: -f3 | sed -e "s/$BRANCH\///") # eg: kubernetes/helm-chart
10 | 
11 | # echo $URI $REPO $BRANCH $FILEPATH >&2
12 | 
13 | # make a temporary dir
14 | TMPDIR="$(mktemp -d)"
15 | cd $TMPDIR
16 | 
17 | git init --quiet
18 | git remote add origin git@$PROVIDER.com:$REPO.git
19 | git pull --depth=1 --quiet origin $BRANCH
20 | 
21 | if [ -f $FILEPATH ]; then # if a file named $FILEPATH exists
22 |   cat $FILEPATH
23 | else
24 |   echo "Error in plugin 'helm-git': $BRANCH:$FILEPATH does not exists" >&2
25 |   exit 1
26 | fi
27 | 
28 | # remove the temporary dir
29 | rm -rf $TMPDIR
30 | 


--------------------------------------------------------------------------------
/plugin.yaml:
--------------------------------------------------------------------------------
 1 | name: "helm-git"
 2 | version: "1.1.0"
 3 | description: |-
 4 |   Let's you use private github/gitlab/bitbucket repositories easily
 5 | downloaders:
 6 | - command: "getfile.sh"
 7 |   protocols:
 8 |     - "gitlab"
 9 |     - "github"
10 |     - "bitbucket"
11 | 


--------------------------------------------------------------------------------