This example uses a private image stored at harbor-repo.vmware.com/tmcbuildintegrations/private-helm-poc:0.1.0.

The Helm repository and Helm chart which are referred to below are pushed in this github repository. It already has a placeholder-secret.yaml file in the templates directory and the values.yaml file with placeholderSecret and imagePullSecrets field.

Prerequisites

You must have the credentials (registry URL, username and password) to access the image registry.

You have a Helm chart using a private image.

Log in to the Tanzu Mission Control console.

Make sure you have the appropriate permissions.
  • To access an image stored in a private registry, you must be associated with the cluster.edit role in the cluster.

Procedure

  1. Attach a cluster to Tanzu Mission Control.
  2. Add a secret with harbor registry credentials and export it to all namespaces.
  3. Enable Helm service.
  4. Create a flux-system namespace.
  5. Manually add the following resources to the cluster using kubectl.

    helm-repo.yaml

    apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
  name: helm-chart-poc
  namespace: flux-system
spec:
  interval: 1m
  url: https://hemakshis.github.io/helm-chart-poc

    helm-release.yaml

    apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: new-chart
  namespace: flux-system
spec:
  interval: 5m
  chart:
    spec:
      chart: new-chart
      version: '0.1.4'
      sourceRef:
        kind: HelmRepository
        name: helm-chart-poc
        namespace: flux-system
      interval: 1m
  values:
    placeholderSecret:
      name: harbor-secret-placeholder
      namespace: flux-system
    imagePullSecrets: [{ name: harbor-secret-placeholder }]
     
      
     
    6.