From bf2e59fe4e0f77026eb0da750549f1ba5835d1c0 Mon Sep 17 00:00:00 2001 From: Cole Arendt Date: Tue, 25 Jan 2022 09:16:09 -0500 Subject: [PATCH 01/11] add helpers to generate a ghcr docker secret --- charts/ghcr/templates/_ghcr.tpl | 19 +++++++++ charts/ghcr/templates/_helpers.tpl | 62 ++++++++++++++++++++++++++++++ charts/ghcr/templates/secret.yaml | 9 +++++ 3 files changed, 90 insertions(+) create mode 100644 charts/ghcr/templates/_ghcr.tpl create mode 100644 charts/ghcr/templates/_helpers.tpl create mode 100644 charts/ghcr/templates/secret.yaml diff --git a/charts/ghcr/templates/_ghcr.tpl b/charts/ghcr/templates/_ghcr.tpl new file mode 100644 index 0000000..f884093 --- /dev/null +++ b/charts/ghcr/templates/_ghcr.tpl @@ -0,0 +1,19 @@ +{{- /* + Base64 Encode the essential "username:password" key + + Required keys: + username + password +*/ -}} +{{- define "ghcr.b64Base" -}} + {{- printf "%s:%s" .username .password | b64enc }} +{{- end }} + +{{- define "ghcr.jsonBase" -}} + {{- printf "{\"auths\":{\"ghcr.io\":{\"auth\": \"%s\"}}}" . | b64enc }} +{{- end }} + +{{- define "ghcr.authSecret" -}} + {{- $secret := include "ghcr.b64Base" . -}} + {{- include "ghcr.jsonBase" $secret }} +{{- end }} diff --git a/charts/ghcr/templates/_helpers.tpl b/charts/ghcr/templates/_helpers.tpl new file mode 100644 index 0000000..f58761c --- /dev/null +++ b/charts/ghcr/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ghcr.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ghcr.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ghcr.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ghcr.labels" -}} +helm.sh/chart: {{ include "ghcr.chart" . }} +{{ include "ghcr.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ghcr.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ghcr.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ghcr.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ghcr.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/ghcr/templates/secret.yaml b/charts/ghcr/templates/secret.yaml new file mode 100644 index 0000000..a200518 --- /dev/null +++ b/charts/ghcr/templates/secret.yaml @@ -0,0 +1,9 @@ +{{- if .Values.dockerConfigJson.username }} +kind: Secret +type: kubernetes.io/dockerconfigjson +apiVersion: v1 +metadata: + name: {{ include "ghcr.fullname" . }} +data: + .dockerconfigjson: {{- include "ghcr.authSecret" ( dict "username" .Values.dockerConfigJson.username "password" .Values.dockerConfigJson.password ) | nindent 4 }} +{{- end }} From 4ccc443517d97d20602282e4175c8bf5209259d4 Mon Sep 17 00:00:00 2001 From: Cole Arendt Date: Tue, 25 Jan 2022 10:05:44 -0500 Subject: [PATCH 02/11] add core chart components --- charts/ghcr/.helmignore | 23 +++++++++++++++++++++++ charts/ghcr/Chart.yaml | 7 +++++++ charts/ghcr/values.yaml | 3 +++ 3 files changed, 33 insertions(+) create mode 100644 charts/ghcr/.helmignore create mode 100644 charts/ghcr/Chart.yaml create mode 100644 charts/ghcr/values.yaml diff --git a/charts/ghcr/.helmignore b/charts/ghcr/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/ghcr/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/ghcr/Chart.yaml b/charts/ghcr/Chart.yaml new file mode 100644 index 0000000..1f14f6b --- /dev/null +++ b/charts/ghcr/Chart.yaml @@ -0,0 +1,7 @@ +apiVersion: v2 +name: ghcr +description: A Helm chart that deploys a ghcr secret + +type: application +version: 0.1.0 +appVersion: "0.1.0" diff --git a/charts/ghcr/values.yaml b/charts/ghcr/values.yaml new file mode 100644 index 0000000..568646d --- /dev/null +++ b/charts/ghcr/values.yaml @@ -0,0 +1,3 @@ +dockerConfigJson: + username: '' + password: '' From 0aafaca5b289eb3c9409444cea62ee0d7c0eaef7 Mon Sep 17 00:00:00 2001 From: Cole Arendt Date: Tue, 25 Jan 2022 10:09:35 -0500 Subject: [PATCH 03/11] add back some core values add support for extra labels --- charts/ghcr/templates/secret.yaml | 4 ++++ charts/ghcr/values.yaml | 18 ++++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/charts/ghcr/templates/secret.yaml b/charts/ghcr/templates/secret.yaml index a200518..f9e52a7 100644 --- a/charts/ghcr/templates/secret.yaml +++ b/charts/ghcr/templates/secret.yaml @@ -4,6 +4,10 @@ type: kubernetes.io/dockerconfigjson apiVersion: v1 metadata: name: {{ include "ghcr.fullname" . }} + {{- with .Values.extraLabels }} + labels: + {{- toYaml . | nindent 4 }} + {{- end }} data: .dockerconfigjson: {{- include "ghcr.authSecret" ( dict "username" .Values.dockerConfigJson.username "password" .Values.dockerConfigJson.password ) | nindent 4 }} {{- end }} diff --git a/charts/ghcr/values.yaml b/charts/ghcr/values.yaml index 568646d..543f50d 100644 --- a/charts/ghcr/values.yaml +++ b/charts/ghcr/values.yaml @@ -1,3 +1,21 @@ +# Default values for ghcr. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +extraLabels: {} + dockerConfigJson: username: '' password: '' From e572943136ae40e2345345e676d02ddf4d13933d Mon Sep 17 00:00:00 2001 From: Cole Arendt Date: Wed, 26 Jan 2022 19:34:00 -0500 Subject: [PATCH 04/11] rename ghcr chart to regcred --- charts/{ghcr => regcred}/.helmignore | 0 charts/{ghcr => regcred}/Chart.yaml | 0 charts/{ghcr => regcred}/templates/_ghcr.tpl | 0 charts/{ghcr => regcred}/templates/_helpers.tpl | 0 charts/{ghcr => regcred}/templates/secret.yaml | 0 charts/{ghcr => regcred}/values.yaml | 0 6 files changed, 0 insertions(+), 0 deletions(-) rename charts/{ghcr => regcred}/.helmignore (100%) rename charts/{ghcr => regcred}/Chart.yaml (100%) rename charts/{ghcr => regcred}/templates/_ghcr.tpl (100%) rename charts/{ghcr => regcred}/templates/_helpers.tpl (100%) rename charts/{ghcr => regcred}/templates/secret.yaml (100%) rename charts/{ghcr => regcred}/values.yaml (100%) diff --git a/charts/ghcr/.helmignore b/charts/regcred/.helmignore similarity index 100% rename from charts/ghcr/.helmignore rename to charts/regcred/.helmignore diff --git a/charts/ghcr/Chart.yaml b/charts/regcred/Chart.yaml similarity index 100% rename from charts/ghcr/Chart.yaml rename to charts/regcred/Chart.yaml diff --git a/charts/ghcr/templates/_ghcr.tpl b/charts/regcred/templates/_ghcr.tpl similarity index 100% rename from charts/ghcr/templates/_ghcr.tpl rename to charts/regcred/templates/_ghcr.tpl diff --git a/charts/ghcr/templates/_helpers.tpl b/charts/regcred/templates/_helpers.tpl similarity index 100% rename from charts/ghcr/templates/_helpers.tpl rename to charts/regcred/templates/_helpers.tpl diff --git a/charts/ghcr/templates/secret.yaml b/charts/regcred/templates/secret.yaml similarity index 100% rename from charts/ghcr/templates/secret.yaml rename to charts/regcred/templates/secret.yaml diff --git a/charts/ghcr/values.yaml b/charts/regcred/values.yaml similarity index 100% rename from charts/ghcr/values.yaml rename to charts/regcred/values.yaml From 5a5b60147c8f7631096b162204a801f525c1af69 Mon Sep 17 00:00:00 2001 From: Cole Arendt Date: Wed, 26 Jan 2022 19:44:27 -0500 Subject: [PATCH 05/11] rename ghcr to regcred --- charts/regcred/templates/_helpers.tpl | 27 ++++++------------- .../templates/{_ghcr.tpl => _regcred.tpl} | 10 +++---- charts/regcred/templates/secret.yaml | 4 +-- 3 files changed, 15 insertions(+), 26 deletions(-) rename charts/regcred/templates/{_ghcr.tpl => _regcred.tpl} (58%) diff --git a/charts/regcred/templates/_helpers.tpl b/charts/regcred/templates/_helpers.tpl index f58761c..c6fc97c 100644 --- a/charts/regcred/templates/_helpers.tpl +++ b/charts/regcred/templates/_helpers.tpl @@ -1,7 +1,7 @@ {{/* Expand the name of the chart. */}} -{{- define "ghcr.name" -}} +{{- define "regcred.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }} @@ -10,7 +10,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "ghcr.fullname" -}} +{{- define "regcred.fullname" -}} {{- if .Values.fullnameOverride }} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} @@ -26,16 +26,16 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "ghcr.chart" -}} +{{- define "regcred.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} {{/* Common labels */}} -{{- define "ghcr.labels" -}} -helm.sh/chart: {{ include "ghcr.chart" . }} -{{ include "ghcr.selectorLabels" . }} +{{- define "regcred.labels" -}} +helm.sh/chart: {{ include "regcred.chart" . }} +{{ include "regcred.selectorLabels" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} @@ -45,18 +45,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} {{/* Selector labels */}} -{{- define "ghcr.selectorLabels" -}} -app.kubernetes.io/name: {{ include "ghcr.name" . }} +{{- define "regcred.selectorLabels" -}} +app.kubernetes.io/name: {{ include "regcred.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "ghcr.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "ghcr.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/charts/regcred/templates/_ghcr.tpl b/charts/regcred/templates/_regcred.tpl similarity index 58% rename from charts/regcred/templates/_ghcr.tpl rename to charts/regcred/templates/_regcred.tpl index f884093..88d55cb 100644 --- a/charts/regcred/templates/_ghcr.tpl +++ b/charts/regcred/templates/_regcred.tpl @@ -5,15 +5,15 @@ username password */ -}} -{{- define "ghcr.b64Base" -}} +{{- define "regcred.b64Base" -}} {{- printf "%s:%s" .username .password | b64enc }} {{- end }} -{{- define "ghcr.jsonBase" -}} +{{- define "regcred.jsonBase" -}} {{- printf "{\"auths\":{\"ghcr.io\":{\"auth\": \"%s\"}}}" . | b64enc }} {{- end }} -{{- define "ghcr.authSecret" -}} - {{- $secret := include "ghcr.b64Base" . -}} - {{- include "ghcr.jsonBase" $secret }} +{{- define "regcred.authSecret" -}} + {{- $secret := include "regcred.b64Base" . -}} + {{- include "regcred.jsonBase" $secret }} {{- end }} diff --git a/charts/regcred/templates/secret.yaml b/charts/regcred/templates/secret.yaml index f9e52a7..179e0dc 100644 --- a/charts/regcred/templates/secret.yaml +++ b/charts/regcred/templates/secret.yaml @@ -3,11 +3,11 @@ kind: Secret type: kubernetes.io/dockerconfigjson apiVersion: v1 metadata: - name: {{ include "ghcr.fullname" . }} + name: {{ include "regcred.fullname" . }} {{- with .Values.extraLabels }} labels: {{- toYaml . | nindent 4 }} {{- end }} data: - .dockerconfigjson: {{- include "ghcr.authSecret" ( dict "username" .Values.dockerConfigJson.username "password" .Values.dockerConfigJson.password ) | nindent 4 }} + .dockerconfigjson: {{- include "regcred.authSecret" ( dict "username" .Values.dockerConfigJson.username "password" .Values.dockerConfigJson.password ) | nindent 4 }} {{- end }} From aaeeb3075b8bb3a175dace4853af43b84d3e4f9e Mon Sep 17 00:00:00 2001 From: Cole Arendt Date: Wed, 26 Jan 2022 20:09:07 -0500 Subject: [PATCH 06/11] refactor regcred to allow multiple auth targets --- charts/regcred/templates/_regcred.tpl | 18 ++++++++++++------ charts/regcred/templates/secret.yaml | 13 +++++++------ charts/regcred/values.yaml | 19 +++++-------------- 3 files changed, 24 insertions(+), 26 deletions(-) diff --git a/charts/regcred/templates/_regcred.tpl b/charts/regcred/templates/_regcred.tpl index 88d55cb..25e13d0 100644 --- a/charts/regcred/templates/_regcred.tpl +++ b/charts/regcred/templates/_regcred.tpl @@ -5,15 +5,21 @@ username password */ -}} -{{- define "regcred.b64Base" -}} +{{- define "regcred.b64Creds" -}} {{- printf "%s:%s" .username .password | b64enc }} {{- end }} -{{- define "regcred.jsonBase" -}} - {{- printf "{\"auths\":{\"ghcr.io\":{\"auth\": \"%s\"}}}" . | b64enc }} +{{- define "regcred.regCred" -}} + {{- $secret := include "regcred.b64Creds" . }} + {{- printf "\"%s\":{\"auth\": \"%s\"}" .url ($secret) }} {{- end }} -{{- define "regcred.authSecret" -}} - {{- $secret := include "regcred.b64Base" . -}} - {{- include "regcred.jsonBase" $secret }} +{{- define "regcred.registryCredentials" -}} + {{- $total := "" }} + {{- range $rc := . }} + {{- $rcTmp := include "regcred.regCred" . }} + {{- $total = join "," (list $total $rcTmp) }} + {{- $total = trimPrefix "," $total }} + {{- end }} + {{- printf "{\"auths\":{%s}}" $total | b64enc }} {{- end }} diff --git a/charts/regcred/templates/secret.yaml b/charts/regcred/templates/secret.yaml index 179e0dc..63b74f2 100644 --- a/charts/regcred/templates/secret.yaml +++ b/charts/regcred/templates/secret.yaml @@ -1,13 +1,14 @@ -{{- if .Values.dockerConfigJson.username }} +{{- if .Values.registryCredentials -}} kind: Secret type: kubernetes.io/dockerconfigjson apiVersion: v1 metadata: name: {{ include "regcred.fullname" . }} - {{- with .Values.extraLabels }} labels: - {{- toYaml . | nindent 4 }} - {{- end }} + {{- include "regcred.labels" . | nindent 4}} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} data: - .dockerconfigjson: {{- include "regcred.authSecret" ( dict "username" .Values.dockerConfigJson.username "password" .Values.dockerConfigJson.password ) | nindent 4 }} -{{- end }} + .dockerconfigjson: {{- include "regcred.registryCredentials" .Values.registryCredentials | nindent 4 }} +{{- end -}} diff --git a/charts/regcred/values.yaml b/charts/regcred/values.yaml index 543f50d..dc8ca74 100644 --- a/charts/regcred/values.yaml +++ b/charts/regcred/values.yaml @@ -1,21 +1,12 @@ -# Default values for ghcr. -# This is a YAML-formatted file. # Declare variables to be passed into your templates. nameOverride: "" fullnameOverride: "" -serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - extraLabels: {} -dockerConfigJson: - username: '' - password: '' +registryCredentials: [] +# - url: ghcr.io +# username: 'username' +# password: 'password' +# From 3d1f01c8dcaf25a10edbc9fbbcb1e8e24ed6df58 Mon Sep 17 00:00:00 2001 From: Cole Arendt Date: Wed, 26 Jan 2022 20:09:18 -0500 Subject: [PATCH 07/11] add ci values --- charts/regcred/ci/advanced-values.yaml | 10 ++++++++++ charts/regcred/ci/empty-values.yaml | 0 charts/regcred/ci/example-values.yaml | 4 ++++ 3 files changed, 14 insertions(+) create mode 100644 charts/regcred/ci/advanced-values.yaml create mode 100644 charts/regcred/ci/empty-values.yaml create mode 100644 charts/regcred/ci/example-values.yaml diff --git a/charts/regcred/ci/advanced-values.yaml b/charts/regcred/ci/advanced-values.yaml new file mode 100644 index 0000000..35285eb --- /dev/null +++ b/charts/regcred/ci/advanced-values.yaml @@ -0,0 +1,10 @@ +extraLabels: + mylabel: fun + +registryCredentials: + - url: ghcr.io + username: 'username' + password: 'password' + - url: docker.io + username: 'other_username' + password: 'other_password' diff --git a/charts/regcred/ci/empty-values.yaml b/charts/regcred/ci/empty-values.yaml new file mode 100644 index 0000000..e69de29 diff --git a/charts/regcred/ci/example-values.yaml b/charts/regcred/ci/example-values.yaml new file mode 100644 index 0000000..ac3462a --- /dev/null +++ b/charts/regcred/ci/example-values.yaml @@ -0,0 +1,4 @@ +registryCredentials: + - url: ghcr.io + username: 'username' + password: 'password' From 6536e9444ce23343933721a927caa0a5a6338df2 Mon Sep 17 00:00:00 2001 From: Cole Arendt Date: Wed, 26 Jan 2022 20:09:25 -0500 Subject: [PATCH 08/11] finish the chart rename --- charts/regcred/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/regcred/Chart.yaml b/charts/regcred/Chart.yaml index 1f14f6b..73de4ca 100644 --- a/charts/regcred/Chart.yaml +++ b/charts/regcred/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -name: ghcr -description: A Helm chart that deploys a ghcr secret +name: regcred +description: A Helm chart that deploys registry credential secrets type: application version: 0.1.0 From e049e572b76318f128cf17df02b6a075eabee313 Mon Sep 17 00:00:00 2001 From: Cole Arendt Date: Wed, 26 Jan 2022 21:12:18 -0500 Subject: [PATCH 09/11] add regcred readme --- charts/_templates.gotmpl | 14 +++++++++ charts/regcred/README.md | 54 +++++++++++++++++++++++++++++++++ charts/regcred/README.md.gotmpl | 39 ++++++++++++++++++++++++ 3 files changed, 107 insertions(+) create mode 100644 charts/_templates.gotmpl create mode 100644 charts/regcred/README.md create mode 100644 charts/regcred/README.md.gotmpl diff --git a/charts/_templates.gotmpl b/charts/_templates.gotmpl new file mode 100644 index 0000000..0bf14ff --- /dev/null +++ b/charts/_templates.gotmpl @@ -0,0 +1,14 @@ +{{- define "colearendt.install" }} + {{- $repoName := "colearendt" }} + {{- $repoUrl := "https://colearendt.github.io/helm" }} + +## Installing the Chart + +To install the chart with the release name `my-release` at version {{ template "chart.version" . }}: + +```bash +helm repo add {{ $repoName }} {{ $repoUrl }} +helm install {{- if (regexMatch "[0-9]+\\.[0-9]+\\.[0-9]+-[a-zA-Z\\.0-9]+" .Version) }} --devel{{ end }} my-release {{ $repoName }}/{{ template "chart.name" . }} --version={{ template "chart.version" . }} +``` + +{{- end }} diff --git a/charts/regcred/README.md b/charts/regcred/README.md new file mode 100644 index 0000000..ca5e9bd --- /dev/null +++ b/charts/regcred/README.md @@ -0,0 +1,54 @@ +# regcred + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) + +## Installing the Chart + +To install the chart with the release name `my-release` at version 0.1.0: + +```bash +helm repo add colearendt https://colearendt.github.io/helm +helm install my-release colearendt/regcred --version=0.1.0 +``` + +#### Description + +This chart simplifies the creation +of ["Registry Credentials"](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) for +use authenticating a Kubernetes cluster to a Container Registry for pulling images. + +This is very important for (1) private images and (2) DockerHub, because of their unfortunate rate limit. + +Each helm deployment only creates a single secret, but that secret can have multiple credentials within it. + +Use this chart to automate away the annoying parts of registry credentials. + +#### Examples + +`ghcr.io` +```yaml +registryCredentials: + - url: ghcr.io + username: 'colearendt' + password: 'my-github-pat' +``` + +`docker.io` (DockerHub) +```yaml +registryCredentials: + - url: docker.io + username: 'colearendt' + password: 'my-password-or-token' +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| extraLabels | object | `{}` | | +| fullnameOverride | string | `""` | | +| nameOverride | string | `""` | | +| registryCredentials | list | `[]` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) diff --git a/charts/regcred/README.md.gotmpl b/charts/regcred/README.md.gotmpl new file mode 100644 index 0000000..bb7dd11 --- /dev/null +++ b/charts/regcred/README.md.gotmpl @@ -0,0 +1,39 @@ +{{ template "chart.header" . }} + +{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }} + +{{ template "colearendt.install" . }} + +#### Description + +This chart simplifies the creation +of ["Registry Credentials"](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) for +use authenticating a Kubernetes cluster to a Container Registry for pulling images. + +This is very important for (1) private images and (2) DockerHub, because of their unfortunate rate limit. + +Each helm deployment only creates a single secret, but that secret can have multiple credentials within it. + +Use this chart to automate away the annoying parts of registry credentials. + +#### Examples + +`ghcr.io` +```yaml +registryCredentials: + - url: ghcr.io + username: 'colearendt' + password: 'my-github-pat' +``` + +`docker.io` (DockerHub) +```yaml +registryCredentials: + - url: docker.io + username: 'colearendt' + password: 'my-password-or-token' +``` + +{{ template "chart.valuesSection" . }} + +{{ template "helm-docs.versionFooter" . }} From 361dce13a317f4de91dac12c53ff3383ed566598 Mon Sep 17 00:00:00 2001 From: Cole Arendt Date: Wed, 26 Jan 2022 21:28:40 -0500 Subject: [PATCH 10/11] add justfile for simpler dev workflow --- Justfile | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 Justfile diff --git a/Justfile b/Justfile new file mode 100644 index 0000000..557dd23 --- /dev/null +++ b/Justfile @@ -0,0 +1,7 @@ +docs: + #!/bin/bash + helm-docs --chart-search-root=charts --template-files=README.md.gotmpl --template-files=./_templates.gotmpl + +lint: + #!/bin/bash + ct lint ./charts --target-branch main From 8116017155b63b6c9042206e7d9278a20caa6453 Mon Sep 17 00:00:00 2001 From: Cole Arendt Date: Thu, 27 Jan 2022 04:57:30 -0500 Subject: [PATCH 11/11] add regcred maintainer --- charts/regcred/Chart.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/charts/regcred/Chart.yaml b/charts/regcred/Chart.yaml index 73de4ca..e4cc44d 100644 --- a/charts/regcred/Chart.yaml +++ b/charts/regcred/Chart.yaml @@ -5,3 +5,8 @@ description: A Helm chart that deploys registry credential secrets type: application version: 0.1.0 appVersion: "0.1.0" + +maintainers: + - name: colearendt + email: helm@colearendt.com + url: https://github.com/colearendt