https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# general
s
This message was deleted.
g
Yep, you can customize the repo settings with FetchOpts: https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/kubernetes/helm/v2/#FetchOpts
c
Then I’m not sure what I’m doing wrong because:
Copy code
Error: Looks like "<https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz>" is not a valid chart repository or cannot be reached: Failed to fetch <https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz/index.yaml> : 404 Not Found
    Error: Error: Command failed: helm fetch vault --untar --version 0.1.2 --destination /var/folders/dn/t652qw8j7g5378d66qqng_dh0000gn/T/tmp-15397WP5I3XXuaXhP --repo https\://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz
    Error: Looks like "<https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz>" is not a valid chart repository or cannot be reached: Failed to fetch <https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz/index.yaml> : 404 Not Found
        at /Users/harrison/code/linio/infrastructure/node_modules/@pulumi/kubernetes/helm/v2/helm.js:109:23
        at OutputImpl.<anonymous> (/Users/harrison/code/linio/infrastructure/node_modules/@pulumi/pulumi/output.js:110:47)
        at Generator.next (<anonymous>)
        at fulfilled (/Users/harrison/code/linio/infrastructure/node_modules/@pulumi/pulumi/output.js:18:58)

    error: Error: Command failed: helm fetch vault --untar --version 0.1.2 --destination /var/folders/dn/t652qw8j7g5378d66qqng_dh0000gn/T/tmp-15397WP5I3XXuaXhP --repo https\://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz
    Error: Looks like "<https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz>" is not a valid chart repository or cannot be reached: Failed to fetch <https://github.com/hashicorp/vault-helm/archive/v0.1.2.tar.gz/index.yaml> : 404 Not Found
g
Can I see the Chart code you’re using?
c
Sure
Copy code
new k8s.helm.v2.Chart(config.project, {
  chart: 'vault',
  version: 'v0.1.2',
  fetchOpts: {
    repo: '<https://github.com/hashicorp/vault-helm.git>'
  },
  namespace: namespace.metadata.name,
  values: {
    fullnameOverride: 'vault',
    ha: {
      enabled: true,
      config: pulumi.interpolate`
ui = true

listener "tcp" {
  tls_disable = 1
  address = "[::]:8200"
  cluster_address = "[::]:8201"
}

storage "spanner" {
  database = "projects/${config.gcp.require('project')}/instances/${gcp.spannerInstance.name}/databases/${gcp.spannerDatabase.name}"
  ha_enabled  = "true"
}

seal "gcpckms" {
  project = "${config.gcp.get('project')}"
  region = "${config.gcp.get('region')}"
  key_ring = "${gcp.keyRing.name}"
  crypto_key = "${gcp.cryptoKey.name}"
}
`
    },
    ui: {
      enabled: true
    },
    extraEnvironmentVars: {
      GOOGLE_APPLICATION_CREDENTIALS: '/vault/gcp-credentials.json'
    },
    extraVolumes: [
      {
        type: 'secret',
        name: gcpCredentials.metadata.name,
        path: '/vault/gcp-credentials.json'
      }
    ],
    annotations: {
      '<http://ad.datadoghq.com/vault.check_names|ad.datadoghq.com/vault.check_names>': JSON.stringify(['http_check', 'vault']),
      '<http://ad.datadoghq.com/vault.init_configs|ad.datadoghq.com/vault.init_configs>': JSON.stringify([{}, {}]),
      '<http://ad.datadoghq.com/vault.instances|ad.datadoghq.com/vault.instances>': JSON.stringify([
        [
          {
            name: config.project,
            url: `https://${config.appDnsHost}/`,
            // eslint-disable-next-line @typescript-eslint/camelcase
            disable_ssl_validation: false
          }
        ],
        [
          {
            // eslint-disable-next-line @typescript-eslint/camelcase
            api_url: `https://${config.appDnsHost}/v1`
          }
        ]
      ]),
      '<http://ad.datadoghq.com/vault.logs|ad.datadoghq.com/vault.logs>': JSON.stringify([{}])
    }
  }
});
I’ve tried a few variations, I’m still trying it out, but no matter what I get an error.
My guess is pulumi is not setup for it to work without the index.yaml
As in, it’s still just calling helm repo add internally rather than cloning the repo or downloading the tarball and running helm template
Or detecting the .git and cloning it and doing that, etc.
g
Yeah, it looks like they don’t have it set up as a Helm repo, so 
helm fetch
isn’t working properly. As a workaround, you can download the repo at the desired tag and then install it as a local chart. e.g.
Copy code
new k8s.helm.v2.Chart("vault", {
    path: "vault-helm",
    ...
});
c
That’s unfortunate. I would have hoped Pulumi would have supported this given it doesn’t use tiller (just helm template).
g
Right; it’s just a matter of implementing it. I hadn’t seen an example like that previously. Would you mind opening an issue to track?
c
Sure. I get that, I’m only saying that because I’ve seen this several times before. I don’t understand the hesitation of these chart developers for doing it properly.
3 Views
Open in Slack
PreviousNext
Powered by