Cannot use OCI Helm registry in devcontainer

[sudocovik]

I had a strange issue with OCI registry when using helm Release or Chart (v3/v4). Pulumi would exit immediately with an error message:

kubernetes:helm.sh/v3:Release (envoy-gateway-release):
    error: kubernetes:helm.sh/v3:Release resource 'envoy-gateway-release': property chart value {oci://registry-1.docker.io/envoyproxy/gateway-helm} has a problem: EOF; check the chart name and repository configuration.

  pulumi:pulumi:Stack (fms-dev):
    Error retrieving credentials: Post "http://localhost:12049/docker-credentials": dial tcp [::1]:12049: connect: connection refused

Anyway, because I was running in a devcontainer without anything docker related in it, fix was simple: add blank .docker/config.json to my Dockerfile

RUN echo "{}" > ~/.docker/config.json

Note: make sure you run this after USER directive if you are running as non-root (hopefully)!

[sudocovik]

Is this worth adding to docs?

[blampe]

Is this worth adding to docs?

That depends -- @sudocovik do you also need this workaround in order to use the helm CLI directly? That is, can you install the same chart manually without that file?

I suspect this is due to the oras library helm uses, which AFAICT expects config to always exist on disk.

[sudocovik]

Well I don't use helm directly, got Pulumi for that. Anyway, I actually discovered that the problem is with devpod. It injects custom Docker config and for some reason helm does not like it. If I overwrite it with empy config {} it works!

Seems like a rare issue, should we just close it?

[rquitales]

Since there is heavy reliance on the ambient Docker configuration file, I think we should keep this open as an action item for us to specify this in our docs. Thanks for flagging this, and identifying the root issue.