search

blendle / kubecrt

Convert Helm charts to Kubernetes resources.
ISC License
115 stars 11 forks source link

support chart repositories behind SSL certificate authentication #3

Open JeanMertz opened 7 years ago

JeanMertz commented 7 years ago

Our current API looks like this:

apiVersion: v1
charts:
- opsgoodness/prometheus-operator:
    repo: http://charts.opsgoodness.com

We should also support SSL-based authentication, potentially with an API like this:

apiVersion: v1
charts:
- opsgoodness/prometheus-operator:
    repo:
      url: https://charts.opsgoodness.com
      caFile: /path/to/ca
      certFile: /path/to/cert
      keyFile: /path/to/key

However, given that we support templating within charts.yml, we could also consider to not point to files, but instead embed the data as base64-encoded strings, as this makes it easier to inject the values in an automated/CI-environment using environment variables:

apiVersion: v1
charts:
- opsgoodness/prometheus-operator:
    repo:
      url: https://charts.opsgoodness.com
      ca: {{ env "MY_CA_CONTENT" | b64enc }}
      cert: {{ env "MY_CERT_CONTENT" | b64enc }}
      key: {{ env "MY_KEY_CONTENT" | b64enc }}

Or support both formats, if that makes sense.

JeanMertz commented 7 years ago

Ideally, we'd also rename repo to repository, as the reduction in characters does not offset the loss in explicitness.

I just remembered Helm also uses helm repo list|add|remove, so it might make more sense to keep the current name.