Does pulumi currently support a git repo as a helm...
# generalc
cool-egg-852
09/17/2019, 7:07 PMDoes pulumi currently support a git repo as a helm chart repo? For example, Hashicorp’s vault chart is on https://github.com/hashicorp/vault-helm
g
gorgeous-egg-16927
09/17/2019, 7:08 PMYep, you can customize the repo settings with FetchOpts: https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/kubernetes/helm/v2/#FetchOpts
c
cool-egg-852
09/17/2019, 7:09 PMThen I’m not sure what I’m doing wrong because:
Copy code
Error: Looks like "<https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz>" is not a valid chart repository or cannot be reached: Failed to fetch <https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz/index.yaml> : 404 Not Found
Error: Error: Command failed: helm fetch vault --untar --version 0.1.2 --destination /var/folders/dn/t652qw8j7g5378d66qqng_dh0000gn/T/tmp-15397WP5I3XXuaXhP --repo https\://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz
Error: Looks like "<https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz>" is not a valid chart repository or cannot be reached: Failed to fetch <https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz/index.yaml> : 404 Not Found
at /Users/harrison/code/linio/infrastructure/node_modules/@pulumi/kubernetes/helm/v2/helm.js:109:23
at OutputImpl.<anonymous> (/Users/harrison/code/linio/infrastructure/node_modules/@pulumi/pulumi/output.js:110:47)
at Generator.next (<anonymous>)
at fulfilled (/Users/harrison/code/linio/infrastructure/node_modules/@pulumi/pulumi/output.js:18:58)
error: Error: Command failed: helm fetch vault --untar --version 0.1.2 --destination /var/folders/dn/t652qw8j7g5378d66qqng_dh0000gn/T/tmp-15397WP5I3XXuaXhP --repo https\://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz
Error: Looks like "<https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz>" is not a valid chart repository or cannot be reached: Failed to fetch <https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz/index.yaml> : 404 Not Foundg
gorgeous-egg-16927
09/17/2019, 7:10 PMCan I see the Chart code you’re using?
c
cool-egg-852
09/17/2019, 7:10 PMSure
cool-egg-852
09/17/2019, 7:10 PM Copy code
new k8s.helm.v2.Chart(config.project, {
chart: 'vault',
version: 'v0.1.2',
fetchOpts: {
repo: '<https://github.com/hashicorp/vault-helm.git>'
},
namespace: namespace.metadata.name,
values: {
fullnameOverride: 'vault',
ha: {
enabled: true,
config: pulumi.interpolate`
ui = true
listener "tcp" {
tls_disable = 1
address = "[::]:8200"
cluster_address = "[::]:8201"
}
storage "spanner" {
database = "projects/${config.gcp.require('project')}/instances/${gcp.spannerInstance.name}/databases/${gcp.spannerDatabase.name}"
ha_enabled = "true"
}
seal "gcpckms" {
project = "${config.gcp.get('project')}"
region = "${config.gcp.get('region')}"
key_ring = "${gcp.keyRing.name}"
crypto_key = "${gcp.cryptoKey.name}"
}
`
},
ui: {
enabled: true
},
extraEnvironmentVars: {
GOOGLE_APPLICATION_CREDENTIALS: '/vault/gcp-credentials.json'
},
extraVolumes: [
{
type: 'secret',
name: gcpCredentials.metadata.name,
path: '/vault/gcp-credentials.json'
}
],
annotations: {
'<http://ad.datadoghq.com/vault.check_names|ad.datadoghq.com/vault.check_names>': JSON.stringify(['http_check', 'vault']),
'<http://ad.datadoghq.com/vault.init_configs|ad.datadoghq.com/vault.init_configs>': JSON.stringify([{}, {}]),
'<http://ad.datadoghq.com/vault.instances|ad.datadoghq.com/vault.instances>': JSON.stringify([
[
{
name: config.project,
url: `https://${config.appDnsHost}/`,
// eslint-disable-next-line @typescript-eslint/camelcase
disable_ssl_validation: false
}
],
[
{
// eslint-disable-next-line @typescript-eslint/camelcase
api_url: `https://${config.appDnsHost}/v1`
}
]
]),
'<http://ad.datadoghq.com/vault.logs|ad.datadoghq.com/vault.logs>': JSON.stringify([{}])
}
}
});cool-egg-852
09/17/2019, 7:11 PMI’ve tried a few variations, I’m still trying it out, but no matter what I get an error.
cool-egg-852
09/17/2019, 7:11 PMMy guess is pulumi is not setup for it to work without the index.yaml
cool-egg-852
09/17/2019, 7:12 PMAs in, it’s still just calling helm repo add internally rather than cloning the repo or downloading the tarball and running helm template
cool-egg-852
09/17/2019, 7:16 PMOr detecting the .git and cloning it and doing that, etc.
g
gorgeous-egg-16927
09/17/2019, 7:23 PMYeah, it looks like they don’t have it set up as a Helm repo, so
helm fetch Copy code
new k8s.helm.v2.Chart("vault", {
path: "vault-helm",
...
});c
cool-egg-852
09/17/2019, 7:24 PMThat’s unfortunate. I would have hoped Pulumi would have supported this given it doesn’t use tiller (just helm template).
g
gorgeous-egg-16927
09/17/2019, 7:26 PMRight; it’s just a matter of implementing it. I hadn’t seen an example like that previously. Would you mind opening an issue to track?
c
cool-egg-852
09/17/2019, 7:28 PMSure. I get that, I’m only saying that because I’ve seen this several times before. I don’t understand the hesitation of these chart developers for doing it properly.
cool-egg-852
09/17/2019, 7:32 PM3 Views