https://pulumi.com logo
Powered by
c

cool-egg-852

09/17/2019, 7:07 PM
Does pulumi currently support a git repo as a helm chart repo? For example, Hashicorp’s vault chart is on https://github.com/hashicorp/vault-helm
g

gorgeous-egg-16927

09/17/2019, 7:08 PM
Yep, you can customize the repo settings with FetchOpts: https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/kubernetes/helm/v2/#FetchOpts
c

cool-egg-852

09/17/2019, 7:09 PM
Then I’m not sure what I’m doing wrong because:
Copy code
Error: Looks like "<https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz>" is not a valid chart repository or cannot be reached: Failed to fetch <https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz/index.yaml> : 404 Not Found
    Error: Error: Command failed: helm fetch vault --untar --version 0.1.2 --destination /var/folders/dn/t652qw8j7g5378d66qqng_dh0000gn/T/tmp-15397WP5I3XXuaXhP --repo https\://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz
    Error: Looks like "<https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz>" is not a valid chart repository or cannot be reached: Failed to fetch <https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz/index.yaml> : 404 Not Found
        at /Users/harrison/code/linio/infrastructure/node_modules/@pulumi/kubernetes/helm/v2/helm.js:109:23
        at OutputImpl.<anonymous> (/Users/harrison/code/linio/infrastructure/node_modules/@pulumi/pulumi/output.js:110:47)
        at Generator.next (<anonymous>)
        at fulfilled (/Users/harrison/code/linio/infrastructure/node_modules/@pulumi/pulumi/output.js:18:58)

    error: Error: Command failed: helm fetch vault --untar --version 0.1.2 --destination /var/folders/dn/t652qw8j7g5378d66qqng_dh0000gn/T/tmp-15397WP5I3XXuaXhP --repo https\://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz
    Error: Looks like "<https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz>" is not a valid chart repository or cannot be reached: Failed to fetch <https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz/index.yaml> : 404 Not Found
g

gorgeous-egg-16927

09/17/2019, 7:10 PM
Can I see the Chart code you’re using?
c

cool-egg-852

09/17/2019, 7:10 PM
Sure
Copy code
new k8s.helm.v2.Chart(config.project, {
  chart: 'vault',
  version: 'v0.1.2',
  fetchOpts: {
    repo: '<https://github.com/hashicorp/vault-helm.git>'
  },
  namespace: namespace.metadata.name,
  values: {
    fullnameOverride: 'vault',
    ha: {
      enabled: true,
      config: pulumi.interpolate`
ui = true

listener "tcp" {
  tls_disable = 1
  address = "[::]:8200"
  cluster_address = "[::]:8201"
}

storage "spanner" {
  database = "projects/${config.gcp.require('project')}/instances/${gcp.spannerInstance.name}/databases/${gcp.spannerDatabase.name}"
  ha_enabled  = "true"
}

seal "gcpckms" {
  project = "${config.gcp.get('project')}"
  region = "${config.gcp.get('region')}"
  key_ring = "${gcp.keyRing.name}"
  crypto_key = "${gcp.cryptoKey.name}"
}
`
    },
    ui: {
      enabled: true
    },
    extraEnvironmentVars: {
      GOOGLE_APPLICATION_CREDENTIALS: '/vault/gcp-credentials.json'
    },
    extraVolumes: [
      {
        type: 'secret',
        name: gcpCredentials.metadata.name,
        path: '/vault/gcp-credentials.json'
      }
    ],
    annotations: {
      '<http://ad.datadoghq.com/vault.check_names|ad.datadoghq.com/vault.check_names>': JSON.stringify(['http_check', 'vault']),
      '<http://ad.datadoghq.com/vault.init_configs|ad.datadoghq.com/vault.init_configs>': JSON.stringify([{}, {}]),
      '<http://ad.datadoghq.com/vault.instances|ad.datadoghq.com/vault.instances>': JSON.stringify([
        [
          {
            name: config.project,
            url: `https://${config.appDnsHost}/`,
            // eslint-disable-next-line @typescript-eslint/camelcase
            disable_ssl_validation: false
          }
        ],
        [
          {
            // eslint-disable-next-line @typescript-eslint/camelcase
            api_url: `https://${config.appDnsHost}/v1`
          }
        ]
      ]),
      '<http://ad.datadoghq.com/vault.logs|ad.datadoghq.com/vault.logs>': JSON.stringify([{}])
    }
  }
});
I’ve tried a few variations, I’m still trying it out, but no matter what I get an error.
My guess is pulumi is not setup for it to work without the index.yaml
As in, it’s still just calling helm repo add internally rather than cloning the repo or downloading the tarball and running helm template
Or detecting the .git and cloning it and doing that, etc.
g

gorgeous-egg-16927

09/17/2019, 7:23 PM
Yeah, it looks like they don’t have it set up as a Helm repo, so 
helm fetch
isn’t working properly. As a workaround, you can download the repo at the desired tag and then install it as a local chart. e.g.
Copy code
new k8s.helm.v2.Chart("vault", {
    path: "vault-helm",
    ...
});
c

cool-egg-852

09/17/2019, 7:24 PM
That’s unfortunate. I would have hoped Pulumi would have supported this given it doesn’t use tiller (just helm template).
g

gorgeous-egg-16927

09/17/2019, 7:26 PM
Right; it’s just a matter of implementing it. I hadn’t seen an example like that previously. Would you mind opening an issue to track?
c

cool-egg-852

09/17/2019, 7:28 PM
Sure. I get that, I’m only saying that because I’ve seen this several times before. I don’t understand the hesitation of these chart developers for doing it properly.
3 Views
Powered by