-
Notifications
You must be signed in to change notification settings - Fork 210
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to work with private repositories? #52
Comments
I have the same issue. |
Any information on this? same issue |
I spinned up chartmuseum and add additional step to push chart to chartmusem. |
I think that by now it's the only solution... I was trying to avoid to setup some infrastructure for chartmuseum, but I'll probably do the same. |
The trick is to host the actual chart tarballs in your gh-pages branch alongside your index.yaml file. When you give Helm your username and password it uses it to authenticate to the repository (the index file). The index file then tells Helm where to get the tarball. If the tarball is hosted in some other location (in this case it's hosted in Github Releases) then it would require a second authentication (which Helm does not support). So if you host the files in the same place as your index file and make the links relative paths then there is no need for the second authentication. This would require modifications to helm/chart-releaser. I have been working on this on my own project. If I can get it working reliably I may submit a pr to that repo |
I have a pr in the app repo (helm/chart-releaser#123) to resolve this. If I get it merged then I a pr to this repo will be needed to support the new option |
Duh. So, this entire tool works only if you host your charts publicly? |
+1 |
Hi, I had the same problem with private repos and private github pages. I created a new project -> https://github.com/pete911/hcr This can be used as a github action (as described in README) and with private repos/github pages. |
@pete911 How do you solve the problem with different domains if the index is stored in GitHub pages and charts in releases? They both have different domains so private access via |
Hi @jtyr, yeah, I just realised that updating index is fixed by just working directly on git branch, pulling is fixed as well by providing
So the problem is not the host (helm pull etc. supports username and password), but I cannot find out how to download private github release ... sorry I have misread the issue, because the problem I had was that I couldn't even update index.yaml with original chart releaser |
@pete911 The reason why it doesn't work is because the index is on completely different domain than the asset ( |
@jtyr I tried to do only
same when I use curl:
wget works fine though (in both I need to specify header, otherwise default is json)
So .. not saying you are not right that the domains have to be the same, but I couldn't make it work with just pull (no index.yaml/repo added) on releases in private github repos. |
Here's a write-up with a custom action that works for me. It bundles the tar and places it in the gh-pages branch next to index.yaml so you can reference and auth the same way helm references the github raw url for index.yaml https://im5tu.io/article/2022/01/creating-a-private-helm-repository-using-github-pages-enterprise/ Seems the fundamental problem is in how Github pages doesn't allow you to authenticate with basic auth as helm tries to do when hitting a private page. Instead it returns a login page with some yaml that confuses and errors out helm
So until this changes both the index and tarz need to be at |
Hello, Thanks |
@Jon-Call |
@pete911 this worked for us very well. Thank you! But now seems it is not available anymore? Have you moved it somewhere? |
@jizi should be working now. No idea why the project shows as forked ... I will most likely need to re-created it in the future. |
This still is a useful workaround as of today. Thank you @Jon-Call |
This can now be solved by using the packages_with_index flag: - name: Run chart-releaser
uses: helm/chart-releaser-action@v1.6.0
with:
packages_with_index: true
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
|
The pipeline works fine but when I add the repo and try to use it, I get the following error:
I believe that is happening because helm can't authenticate.
I already tried to add the repository using my username and personal access token but it's not working.
That's how I added the repo:
Someone knows if does exists some trick to use it with private repos?
The text was updated successfully, but these errors were encountered: