This message was deleted Pulumi Community #kubernetes

Join Slack

This message was deleted.

# kubernetes

sparse-intern-71089

04/06/2021, 6:22 AM

This message was deleted.

better-shampoo-48884

04/06/2021, 6:32 AM

once I do this:

Copy code

λ helm repo add csi-secrets-store-provider-azure <https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts>
"csi-secrets-store-provider-azure" has been added to your repositories
λ helm repo update
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "csi-secrets-store-provider-azure" chart repository
...Successfully got an update from the "bitnami" chart repository
Update Complete. ⎈Happy Helming!⎈

Then it works fine:

Copy code

Previewing update (dev.k8s.infratesting):

 +  pulumi:pulumi:Stack baseline-k8s-dev.k8s.infratesting create
 +  kubernetes:<http://helm.sh/v3:Chart|helm.sh/v3:Chart> keyVaultCSI create
 +  pulumi:pulumi:Stack baseline-k8s-dev.k8s.infratesting create read pulumi:pulumi:StackReference dev.infra.infratesting-reference
 +  pulumi:pulumi:Stack baseline-k8s-dev.k8s.infratesting create read pulumi:pulumi:StackReference dev.infra.infratesting-reference
 +  pulumi:providers:kubernetes clusterProvider create
 +  kubernetes:apps/v1:DaemonSet default/keyVaultCSI-secrets-store-csi-driver create
 +  kubernetes:<http://apiextensions.k8s.io/v1:CustomResourceDefinition|apiextensions.k8s.io/v1:CustomResourceDefinition> <http://secretproviderclasspodstatuses.secrets-store.csi.x-k8s.io|secretproviderclasspodstatuses.secrets-store.csi.x-k8s.io> create
 +  kubernetes:<http://storage.k8s.io/v1:CSIDriver|storage.k8s.io/v1:CSIDriver> <http://secrets-store.csi.k8s.io|secrets-store.csi.k8s.io> create
 +  kubernetes:<http://rbac.authorization.k8s.io/v1:ClusterRole|rbac.authorization.k8s.io/v1:ClusterRole> secretprovidersyncing-role create
 +  kubernetes:<http://rbac.authorization.k8s.io/v1:ClusterRole|rbac.authorization.k8s.io/v1:ClusterRole> secretproviderclasses-role create
 +  kubernetes:<http://rbac.authorization.k8s.io/v1:ClusterRoleBinding|rbac.authorization.k8s.io/v1:ClusterRoleBinding> secretprovidersyncing-rolebinding create
 +  kubernetes:<http://rbac.authorization.k8s.io/v1:ClusterRoleBinding|rbac.authorization.k8s.io/v1:ClusterRoleBinding> secretproviderclasses-rolebinding create
 +  kubernetes:core/v1:ServiceAccount default/csi-secrets-store-provider-azure create
 +  kubernetes:core/v1:ServiceAccount default/secrets-store-csi-driver create
 +  kubernetes:<http://apiextensions.k8s.io/v1:CustomResourceDefinition|apiextensions.k8s.io/v1:CustomResourceDefinition> <http://secretproviderclasses.secrets-store.csi.x-k8s.io|secretproviderclasses.secrets-store.csi.x-k8s.io> create
 +  kubernetes:apps/v1:DaemonSet default/keyVaultCSI-csi-secrets-store-provider-azure create
 +  pulumi:pulumi:Stack baseline-k8s-dev.k8s.infratesting create

Resources:
    + 14 to create

Is it really intended behavior that helm needs to be pre-registered and updated with all the repositories I want to use in pulumi before I begin?

billowy-army-68599

04/06/2021, 6:36 AM

no it's not. Having said that, i've never seen a helm chart be served from a github manifest. I see they've checked their tarballs and

index.yaml

into the repo, but i suspect helm template doesn't support that mechanism

better-shampoo-48884

04/06/2021, 6:37 AM

worked fine with the

helm

command above as you can see 😉

billowy-army-68599

04/06/2021, 6:37 AM

generally a chart will be served from a website, I think what's happening here is that the way we invoke helm charts (using

helm template

) isn't hitting the

index.yaml

for that site correctly

billowy-army-68599

04/06/2021, 6:38 AM

it does seem to work:

Copy code

helm template foo csi-secrets-store-provider-azure --repo <https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts>

can you open an issue for this? It's probably just an edge case we've missed

better-shampoo-48884

04/06/2021, 6:38 AM

sure

billowy-army-68599

04/06/2021, 6:38 AM

wait hold on, you have an extra slash at the end of your

repo

"<https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts//>"

billowy-army-68599

04/06/2021, 6:39 AM

can you try remove that and try again?

better-shampoo-48884

04/06/2021, 6:58 AM

Tried all permutations of slashes up to 2x / - as per the "remote chart" example here: https://www.pulumi.com/docs/reference/pkg/kubernetes/helm/v3/chart/

better-shampoo-48884

04/06/2021, 6:58 AM

The example (to save a click):

Copy code

import * as k8s from "@pulumi/kubernetes";

const nginxIngress = new k8s.helm.v3.Chart("nginx-ingress", {
    chart: "nginx-ingress",
    version: "1.24.4",
    fetchOpts:{
        repo: "<https://charts.helm.sh/stable//>",
    },
});

better-shampoo-48884

04/06/2021, 7:20 AM

Error-message wise it looks similar to this closed issue: https://github.com/pulumi/pulumi-kubernetes/issues/1505

better-shampoo-48884

04/06/2021, 7:32 AM

created https://github.com/pulumi/pulumi-kubernetes/issues/1518 regardless.

4 Views

Open in Slack

Previous Next