Helm Integration
Manage Helm releases and repositories with Codefresh
Codefresh is one of the few devops platforms that has native support for Helm releases and deployments. This includes
- A built-in Helm repository for all Codefresh accounts
- The ability to add any external Helm repository in addition to the built-in one (this page)
- A pipeline step for deploying Helm applications
- A dashboard for looking at your Helm charts
- A dashboard for looking at your Helm releases
- A dashboard for promoting Helm releases between different environments
- A dashboard for Helm environments
Note that the built-in Helm repository is production ready. You can start using Helm right away with your Codefresh account even if you don’t have an external Helm repository. See our quick start guide for Helm or the full Helm example.
General Helm configuration
To configure your external Helm repositories go to your Account Configuration, by clicking on Account Settings on the left sidebar. On the first section called Integrations click the Configure button next to Helm.
Add a new Helm repository configuration from the drop down.
Each configuration must be given a unique name, which you can later reference in a codefresh.yml file.
For each Helm integration you can toggle the level of access by non-admin users. If it is off, users will not be able to use the CLI or API to access this Helm repository programmatically. If it is on, all users from all your Codefresh teams will be able to access this Helm repository with CLI commands or API calls.
Private Helm repository - HTTP
You can connect to your repository using HTTP Basic authentication:
- Add your repo URL as usually with HTTP protocol.
- Supply the User and Password for HTTP Basic authentication.
Variables:
| Name | Description |
|---|---|
| REPOSITORY NAME | Give a unique name to this integration |
| REPOSITORY URL | Location of the Helm repository |
| HELMREPO_USERNAME | The username to authenticate with |
| HELMREPO_PASSWORD | The password for the username provided |
Private Helm repository - S3
- Add your S3 bucket URL in the following scheme:
s3://bucketname. - Supply the AWS authentication variables as you would for the AWS CLI, or the S3 plugin for Helm. See details here: Configuring the AWS CLI.
Variables:
| Name | Description |
|---|---|
| REPOSITORY NAME | Give a unique name to this integration |
| REPOSITORY URL | Location of the Helm repository with format s3://bucketname |
| AWS_ACCESS_KEY_ID | ID of the key with permissions for the bucket |
| AWS_SECRET_ACCESS_KEY | Secret of the key with permissions for the bucket |
| AWS_DEFAULT_REGION | region where the bucket was created |
Private Helm repository - GCS
- Add your GCS bucket URL in the following scheme:
gs://bucketname. - Supply the Google authentication variable as you would for the GCloud CLI, or the GCS plugin for Helm. See details here: Creating Service Account.
Variables:
| Name | Description |
|---|---|
| REPOSITORY NAME | Give a unique name to this integration |
| REPOSITORY URL | Location of the Helm repository with format gs://bucketname. |
| GOOGLE_APPLICATION_CREDENTIALS_JSON | The JSON content of the service account credentials |
Private Helm repository - Azure
First make sure that you create the Helm repository in Azure.
Then click Authenticate. You will get a permissions dialog for allowing Codefresh to access the Azure services. Click Accept.
Make sure that you are using an organizational/company Azure account and not a personal one. We are currently working with Microsoft to improve this integration.
Select your Azure subscription on the left drop-down menu and your Helm repository on the right drop-down menu.
If you are already authenticated to Azure, and cannot find your Helm repository in the list, try revoking access and authenticating again.
The Azure Helm integration is now ready.
Private Helm repository - Azure with service principal
An alternative method of adding an Azure Helm repository is by using a service principal. First follow the instructions for creating a service principal in the Azure portal.
Then from the drop-down menu select Azure Registry SP. Click the Authenticate button and enter the following details:
Client IDTenantClient secret
Click the Save button once finished. Assuming that the authentication is successful you will see your available Azure registries that can be used as a Helm repository.
Private Helm repository from another Codefresh account
You also add the private Helm repository of another Codefresh user as your integration:
| Name | Description |
|---|---|
| REPOSITORY NAME | Give a unique name to this integration |
| REPOSITORY URL | Location of the Helm repository with format cm://repository-name. |
| CF API KEY | A token in order to access the other Codefresh account. |
Note that we don’t recommend using this practice (sharing the Codefresh Helm repository between accounts). The built-in Helm repository of each account is best used as a private Helm repository of that account. See more details on how to make your private Helm public.