This example uses a private image stored at harbor-repo.vmware.com/tmcbuildintegrations/private-helm-poc:0.1.0.
The Helm repository and Helm chart which are referred to below are pushed in this github repository. It already has a placeholder-secret.yaml file in the templates directory and the values.yaml file with placeholderSecret and imagePullSecrets field.
Prerequisites
You must have the credentials (registry URL, username and password) to access the image registry.
You have a Helm chart using a private image.
Log in to the Tanzu Mission Control console.
Make sure you have the appropriate permissions.
- To access an image stored in a private registry, you must be associated with the
cluster.edit role in the cluster.
Procedure
- Attach a cluster to Tanzu Mission Control.
- Add a secret with harbor registry credentials and export it to all namespaces.
- Enable Helm service.
- Create a
flux-system namespace.
- Manually add the following resources to the cluster using
kubectl.
helm-repo.yaml
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
name: helm-chart-poc
namespace: flux-system
spec:
interval: 1m
url: https://hemakshis.github.io/helm-chart-poc
helm-release.yaml
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: new-chart
namespace: flux-system
spec:
interval: 5m
chart:
spec:
chart: new-chart
version: '0.1.4'
sourceRef:
kind: HelmRepository
name: helm-chart-poc
namespace: flux-system
interval: 1m
values:
placeholderSecret:
name: harbor-secret-placeholder
namespace: flux-system
imagePullSecrets: [{ name: harbor-secret-placeholder }]
