Configure Helm Artifact account
The provider can be an Artifactory like Nexus , JFrog , or Chartmuseum .
If the files are hidden behind basic auth, you can configure an artifact account with the needed credentials to read your artifacts. Basic auth is the only authentication mechanism supported for accessing a Helm artifact account.
Setup usage in pipeline executions
Download credentials
-
Collect your basic auth
$USERNAMEand$PASSWORD -
Pick a
$USERNAME_PASSWORD_FILElocation on your disk -
Run:
echo ${USERNAME}:${PASSWORD} > $USERNAME_PASSWORD_FILE
Add the credentials either to a secrets manager for use by reference or to a volume mounted into the clouddriver pods by modifying the deployment.yaml for clouddriver.
Add the account and enable it
Add this to clouddriver-local.yml
artifacts:
enabled: true
helm:
enabled: true
accounts:
- name: my-helm-account
username-password-file: <secret-manager|/mnt/secret/filename>
Trigging from helm changes
To enable helm changes to TRIGGER a pipeline, you need to add some configuration to igor which then polls clouddriver for accounts and changes and tracks updates.
Add this to igor-local.yml
helm:
enabled: true
Igor will then poll clouddriver for helm artifact accounts and look for new helm resources for that account. When it finds new helm resources, it will trigger any pipeline with a helm trigger configured, and then track completion of triggering on the new helm so it does not refire new executions. See the common polling in igors README for more information.
There are more options in the code base if you need more control over your configuration.