A native way of having two Helm Chart repositories synced is to run charts-syncer periodically using a Kubernetes CronJob.
The deployment/ directory in this repository contains a set of Kubernetes templates that must be used to complete this guide.
git clone https://github.com/bitnami/charts-syncer.git
cd charts-syncerEdit the configuration file from deployment/config/config.yaml and specify your source and target chart repositories. You can find a reference example here.
Edit deployment/kustomization.yaml and replace images.NewTag to point to the latest available release version. For example v0.14.0
You can also change the frequency of execution of the cron job by editing the schedule property in deployment/cronjob.yaml. By default, it will be run each 30 minutes.
Charts-syncer will be deployed by default to the charts-syncer namespace, so the first step is to create it
kubectl create namespace charts-syncerIf none of your Helm Chart or Container repositories require authentication, deploying charts syncer is as simple as executing
kubectl apply -k ./deploymentIf AuthN is required, a set of credentials need to be provided via one of the following two methods
You can provide the desired credentials as environment variables to the kubectl apply -k command
$ SOURCE_REPO_AUTH_USERNAME='my_chart_repo_username' \
SOURCE_REPO_AUTH_PASSWORD='my_chart_repo_password' \
SOURCE_CONTAINERS_AUTH_REGISTRY='registry.test.io' \
SOURCE_CONTAINERS_AUTH_USERNAME='my_container_registry_username' \
SOURCE_CONTAINERS_AUTH_PASSWORD='my_container_registry_password' \
TARGET_REPO_AUTH_USERNAME='my_target_chart_repo_username' \
TARGET_REPO_AUTH_PASSWORD='my_target_chart_repo_password' \
TARGET_CONTAINERS_AUTH_USERNAME='my_target_container_registry_username' \
TARGET_CONTAINERS_AUTH_PASSWORD='my_target_container_registry_password' \
TARGET_CONTAINERS_AUTH_REGISTRY='target.registry.test.io' \
kubectl apply -k ./deploymentThe full list of credentials and env variables can be found here
Alternatively, you can modify deployment/config/secrets.env
# Source repositories credentials
# Helm Chart
-SOURCE_REPO_AUTH_USERNAME
-SOURCE_REPO_AUTH_PASSWORD
+SOURCE_REPO_AUTH_USERNAME=my_chart_repo_username
+SOURCE_REPO_AUTH_PASSWORD=my_chart_repo_password
# Container images
-SOURCE_CONTAINERS_AUTH_REGISTRY
-SOURCE_CONTAINERS_AUTH_USERNAME
-SOURCE_CONTAINERS_AUTH_PASSWORD
+SOURCE_CONTAINERS_AUTH_REGISTRY=container.registry.io
+SOURCE_CONTAINERS_AUTH_USERNAME=my_container_registry_username
+SOURCE_CONTAINERS_AUTH_PASSWORD=my_container_registry_passwordonce the file has been changed just execute
kubectl apply -k ./deploymentAfter completing the previous step, a cronjob, a secret and a config map should have been created.
$ kubectl get secret,configmap,cronjob -n charts-syncer -l app=charts-syncer
NAME TYPE DATA AGE
secret/charts-syncer-credentials Opaque 9 65m
NAME DATA AGE
configmap/charts-syncer-config 1 65m
NAME SCHEDULE SUSPEND ACTIVE LAST SCHEDULE AGE
cronjob.batch/charts-syncer */30 * * * * False 0 23m 65mThe cronjob will be scheduled based on the schedule frequency, 30 minutes (by default) from now, but it's possible to run a job based on the cronjob template by executing
$ kubectl create job test-initial-sync --from cronjob/charts-syncer
job.batch/test-initial-sync createdNow we can make sure that the job COMPLETES successfully and retrieve any meaningful information from the logs
$ kubectl get jobs -l app=charts-syncer
NAME COMPLETIONS DURATION AGE
test-initial-sync 1/1 105s 2m45s
$ kubectl logs -l app=charts-syncer -fIf you ran into any configuration issues just follow the steps 1 to 4 and rinse and repeat