source-controller
source-controller copied to clipboard
fluxcd
Private HelmRepository on GitHub
Hi, Im wondering, how can I authorize a private helm repository on GitHub?
For git repository, the object takes a SecretRef which can be referenced as secret with the fields identity, identity.pub and known_hosts. As described here.
However, in the case of helm repository, SecretRef allows you to mount the secret with authorization via HTTP/S basic auth or TLS. Specification.
What if I want to use the ssh key? It is possible?
HelmRepository supports HTTP/S or OCI, but not SSH.
If you still prefer using SSH, then you can instead create a GitRepository instead. And on your HelmRelease you point to the path in which the chart is being hosted:
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: GitRepository
metadata:
name: git-based-chart
namespace: flux-system
spec:
interval: 1m0s
ref:
branch: main
secretRef:
name: secret-with-ssh-keys
url: ssh://[email protected]/USER/REPO
ignore: |
# exclude all
/*
# include charts directory
!/charts/
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: git-based-podinfo
namespace: flux-system
spec:
chart:
spec:
chart: ./charts/podinfo
sourceRef:
kind: GitRepository
name: git-based-chart
version: '*'
interval: 1m0s
releaseName: git-based-podinfo
targetNamespace: git-based-podinfo-repo
https://fluxcd.io/docs/components/source/helmcharts/#chart
