Helm helps you manage Kubernetes applications — Helm Charts help you define, install, and upgrade even the most complex Kubernetes application. Helm charts are a collection of Kubernetes YAML manifests distributed as a single package. They make it faster and easier to deploy complex applications in your cluster. Using GitLab as a ledger allows your team to store charts with your code in an organization-managed repository.
Also check:
Using the Helm GitLab repository
Make sure your GitLab instance has been updated to version 14.1. If you are using the GitLab.com hosted deployment, you will already have everything you need.
Switch over to your GitLab instance. Either create a new project or find an existing one. Using the left sidebar, navigate to Packages & Registries > Package Registry within your project. If you don’t see these menus, head to Settings > General, expand the “Visibility, project features, permissions” heading, and enable the “Packages” toggle.
Creating hem chart
To create a helm chart, use the helm create command.
➜ helm create nginx
Creating nginxHelm create a directory with the name you supplied. The directory contains the templates and chart definition. Inspect using this command:
➜ tree nginx
nginx
├── charts
├── Chart.yaml
├── templates
│ ├── deployment.yaml
│ ├── _helpers.tpl
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt
│ ├── serviceaccount.yaml
│ ├── service.yaml
│ └── tests
│ └── test-connection.yaml
└── values.yaml
3 directories, 10 filesHelm creates a starter chart directory along with the common files and directories used in a chart with NGINX as an example. We can install this into our Kubernetes cluster:
$ helm install nginx .Package distribution
To distribute helm chart, it has to be hosted in a repo. You can build the helm chart into a compressed file for ease of distribution using this command:
➜ helm package nginx
Successfully packaged chart and saved it to: /tmp/helm/nginx-0.1.0.tgzThe command creates a new tar.gz archive ready to upload. Before doing so, you can inspect the archive with the tar command to verify its content.
➜ tar ztf nginx-0.1.0.tgz
nginx/Chart.yaml
nginx/values.yaml
nginx/templates/NOTES.txt
nginx/templates/_helpers.tpl
nginx/templates/deployment.yaml
nginx/templates/hpa.yaml
nginx/templates/ingress.yaml
nginx/templates/service.yaml
nginx/templates/serviceaccount.yaml
nginx/templates/tests/test-connection.yaml
nginx/.helmignorePublish a package in Gitlab Package registry
For this, you need a username and an access token. To get it, head over to user settings in gitlab then access tokens. Create a new access token with api access. You can generate a new token by clicking your profile icon in the top-right of GitLab’s interface. Select “Preferences” from the menu, then “Access Tokens” from the left sidebar. Add a new access token with the api scope. The write_repository scope might look correct but won’t actually work; it only facilitates access using Git over HTTP, whereas Helm requires API integration. Checkout more information here.
Once built, a chart can be uploaded to the desired channel with curl or helm cm-push:
With curl:
curl --request POST \
--form '[email protected]' \
--user <username>:<access_token> \
https://gitlab.example.com/api/v4/projects/<project_id>/packages/helm/api/<channel>/charts<username>: the GitLab username or the deploy token username.<access_token>: the personal access token or the deploy token.<project_id>: the project ID (like42) or the URL-encoded path of the project (likegroup%2Fproject).<channel>: the name of the channel (likestable).
This is the output on my server
➜ curl --request POST \
--form '[email protected]' \
--user api-token:glpat-xxxxxxxxxxxxx \
https://gitlab.com/api/v4/projects/34000009/packages/helm/api/helm/charts
{"message":"201 Created"} With the helm cm-push plugin. For this you will need the plugin installed. Use this command:
helm plugin install https://github.com/chartmuseum/helm-pushThen you need to register it with your Helm client to begin with. Use this command:
helm repo add --username <username> --password <access_token> citizix \
https://gitlab.example.com/api/v4/projects/<project_id>/packages/helm/<channel>
helm cm-push mychart-0.1.0.tgz citizix<username>: the GitLab username or the deploy token username.<access_token>: the personal access token or the deploy token.<project_id>: the project ID (like42).<channel>: the name of the channel (likestable).
This is it in my machine
➜ helm repo add --username api-token --password glpat-xxxxx citizix https://gitlab.com/api/v4/projects/34000000/packages/helm/stable
"citizix" has been added to your repositoriesThen push
➜ helm cm-push nginx-0.1.0.tgz citizix
Pushing nginx-0.1.0.tgz to citizix...
Done.Confirm
➜ helm search repo citizix
NAME CHART VERSION APP VERSION DESCRIPTION
citizix/nginx 0.1.0 1.16.0 A Helm chart for KubernetesUsing Charts in the Repository
With the chart in your repository, you can deploy it into your Kubernetes cluster. helm install commands should work straightaway:
# load the contents of repositories helm repo update # install the chart helm install citizix/nginx
This will start a new chart deployment into your active cluster. Use the --kubeconfig and --namespace Helm flags if necessary to select an appropriate Kubernetes configuration file and specify the namespace to deploy into.
Accessing GitLab’s Repository in a CI Pipeline
As with its other package formats, GitLab’s Helm repository benefits from built-in integration with the software’s CI/CD system. Your pipelines will receive preset environment variables which simplify the chart publication process. You don’t need to set any custom CI variables to configure authentication.
Here’s an example pipeline which creates a chart and publishes it to your repository:
stages:
- helm-publish
helm-publish:
stage: helm-publish
image:
name: alpine/helm:latest
entrypoint: [""]
script:
- helm repo add --username $CI_REGISTRY_USER --password $CI_REGISTRY_PASSWORD my-repo $CI_REGISTRY
- helm package my-chart
- helm push my-chart.tgz my-repo
The $CI_REGISTRY variables are configured to let you push new packages into the registry.
