#helmfile (2020-01)
Questions and discussion around helmfile https://github.com/roboll/helmfile and https://github.com/cloudposse/helmfiles
Archive: https://archive.sweetops.com/helmfile/
2020-01-01
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
So, how are we all handling the helm 3 upgrades without automatic namespace creation anyway?
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
updating all helmfiles to include a presync like this?
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
- events: [“presync”]
showlogs: true
command: “/bin/sh”
args:
- “-c”
- >-
kubectl get namespace “{{
{{ .Release.Namespace }}
}}” >/dev/null 2>&1 || kubectl create namespace “{{{{ .Release.Namespace }}
}}”;
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Helm3 doesn't automatically create namespace - see https://v3.helm.sh/docs/faq/#automatically-creating-namespaces How can we solve this with helmfile, so that we don't have to manually crea…
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Best option I think is to use raw chart
![Roderik van der Veer avatar](https://secure.gravatar.com/avatar/184c2b88986d400dcf61e3f7ec201f93.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0025-72.png)
I’ve had trouble with the raw chart, multiple applies fail because the namespace already exists
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Hrmm… but it works for other resource types?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
I think if this were the case, then it would fail just as well for Deployments
as it would for Namespace
![Mahesh avatar](https://avatars.slack-edge.com/2020-01-05/882378059299_f111930f67176e395733_72.jpg)
Yes, we faced thi issues and we had to delete the whole deployment
and also all k8s objects for the chart. atomic
release option didn’t help much :(
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
I decided to just whip up a point solution for the hell of it.
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
Slack robocop told me not to swear. It took me a good long moment to realize I had done so… sorry I guess
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
lol, yes, it’s a little bit strict
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
The helm chart I put together is so simple its not even worth publishing but hey, it does allow one to at least change the helm resource policy from ‘keep’ to whatever else it needs to be to allow for redeployments (if you need to do that)
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
I was going to do v2 for helm3 but it should work for both helm 2 and 3 I think so I left it at v1
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
@Erik Osterman (Cloud Posse), you ever not working/geeking out?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
haha, not enough…
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Btw, try this? https://github.com/thomastaylor312/helm-namespace
Namespace auto-creation for Helm 3. Contribute to thomastaylor312/helm-namespace development by creating an account on GitHub.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Overview Helm2 provided support for the Release namespace {{ .Release.Namespace }} via –namespace option if the release namespace did not exist. This functionality was considered rudimentary, and …
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
It works fine if you are all helm 3 and willing to change your base helm commands. Honestly, its probably a better solution in general
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
A generic helm namespace chart. Contribute to zloeber/helm-namespace development by creating an account on GitHub.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
read somewhere that 3.1 will add namespace creation back anyway, so its likely a moot point
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Yea, not worth investing in
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
I’m looking at a pretty large stack of helm 2 charts all deployed with tillerless and helmfile that have gobs and gobs of secrets polluting the tiller namespace that makes me itchy to move to helm 3
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
too many clusters for a single devops guy to look to migrate ATM so I’m using both helm3 and 2 in the same clusters like a fool
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
anyone using helmfile in a gitops style deployment?
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
with flux or argocd or something?
2020-01-02
![erik-stephens avatar](https://secure.gravatar.com/avatar/aa8044308a41350c418a1d736dc39662.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0017-72.png)
Would like to automate our helmfile-centric workflow a bit more. Developing an Operator to handle the watching as well as the bits that helm/helmfile not able to perform. Would still like to leverage our helmfile effort, at least initially to quickly prototype. Anyone else go on a similar adventure? Recommendations on Operator sdk/framework (I’m currently looking at Metacontroller)?
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
In addition to helmfile-operator, I’ve built a POC of a GitOps + operator for helmfile deployments for that. It’s based on Brigade, Helmfile, and Flux and available at https://github.com/mumoshu/brigade-helmfile-demo
Demo for building an enhanced GitOps pipeline with Flux, Brigade and Helmfile - mumoshu/brigade-helmfile-demo
![erik-stephens avatar](https://secure.gravatar.com/avatar/aa8044308a41350c418a1d736dc39662.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0017-72.png)
Looks like operator-sdk new --type=helm ...
is designed to address this use case.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@erik-stephens Have you seen the Helmfile operator by @mumoshu ?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Kubernetes operator that continuously syncs any set of Chart/Kustomize/Manifest fetched from S3/Git/GCS to your cluster - mumoshu/helmfile-operator
![erik-stephens avatar](https://secure.gravatar.com/avatar/aa8044308a41350c418a1d736dc39662.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0017-72.png)
I have not, but it’s on the short list of things to evaluate. Thanks!
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
I’ve looked at it but was unable to get it to work at the time
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
@Erik Osterman (Cloud Posse) hello, do you have any example of usage helmfile to patch chart service spec without touch the chart?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
You can’t “monkeypatch” with helmfile
as it just wraps helm
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
So if helm provided someway to do that, then helmfile could.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@deftunix - describe instead what you want to accomplish, and perhaps we can think of a way to do it.
2020-01-03
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
I want just add some rule in the ingress controller without change the chart to support it
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
And by changing the rule, you hope to accomplish what? …what is the business objective
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
Ssl redirect with alb ingress
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
He needs a rule and an annotation
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
It needs sorry
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Does the chart support disabling the ingress?
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
But the chart doesn’t support it
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
Yes
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
The chart support the ingress disabling
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Perfect. Then you can use Helmfile
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
I will disable and just add a kustomize or manifest?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Disable the ingress. Then define a new one using the raw chart and Helmfile
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
We have used this pattern in the past
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
Do you have same repo?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
You mean example?
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
Yes
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
I couldn’t point you directly (on my phone), but you have seen our massive repo?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Comprehensive Distribution of Helmfiles for Kubernetes - cloudposse/helmfiles
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Go to the releases folder
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
Thanks
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Maybe search for the ingress keyword or raw
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
Ok
2020-01-05
![Mahesh avatar](https://avatars.slack-edge.com/2020-01-05/882378059299_f111930f67176e395733_72.jpg)
Is there is any tool like kube-applier
to manage deployments for helm
?
![Pierre Humberdroz avatar](https://avatars.slack-edge.com/2019-12-10/856434906819_d99dd3e0bce66357e0ce_72.png)
for helm? or Helm deployments?
![Pierre Humberdroz avatar](https://avatars.slack-edge.com/2019-12-10/856434906819_d99dd3e0bce66357e0ce_72.png)
There is: https://keel.sh/
Kubernetes Operator to automate Helm, DaemonSet, StatefulSet & Deployment updates
2020-01-06
![TBeijen avatar](https://secure.gravatar.com/avatar/84283305b4f7c826ac365cacf6c2f6b4.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0020-72.png)
2 questions:
• What are the intended use cases for helmfile apply
vs helmfile sync
. If I understand correctly sync
would also remove when installed: false
. Otoh, apply
has the diff output which is nice feedback.
• Shouldn’t helmfile have a cool logo? (Running into that every time I need to create presentations for team or business)
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
Anyone out there setup the operator lifecycle manager as a helmfile?
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
heck, anyone deploy/use it in any way?
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
hi all, quick question about helmfile. I would like to apply a gotmpl kubernetes manifeest during the helmfile release apply phase. do you have any idea?
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
I need to render the template and then apply it
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
maybe use the raw chart with a values.yaml.gotmpl file?
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
or delve into kustomize (something I’ve yet to do honestly)
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
@Zachary Loeber I want just patch the ingress controller of a community helm chart without change it
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
from the helmfile run
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
I guess that’s what you use helmfile for in general if I’m reading your statement correctly.
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
I don’t know about others, but I tend to completely disable ingress on all public charts then float ingress up to a custom chart of my own so I can more quickly make lateral ingress moves if so required.
![github-check-mark](/assets/images/custom_emojis/github-check-mark.png)
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
That way you aren’t trying to patch 20 different ingress chart implementations which may or may not be charted out the same.
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
You could do such a thing without a custom chart as well I suppose. again, maybe use the incubator/raw chart with a values.yaml.gotmpl file
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
other (smarter) people on this channel may know better ways though
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
I create a custom chart
![deftunix avatar](https://secure.gravatar.com/avatar/d7ddb1c2c5c8f3b7aaac64bb65b2c70b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0021-72.png)
for the ingress
![scottcressi avatar](https://secure.gravatar.com/avatar/426bd7519254ebce10f9ee999b1565ba.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0013-72.png)
I’m trying to use ref+vault integration for secrets and I’m getting vault: get string: key “foo” does not exist in secrets foo yet it does
![scottcressi avatar](https://secure.gravatar.com/avatar/426bd7519254ebce10f9ee999b1565ba.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0013-72.png)
Has anyone used the vault integration successfully? I assume people have
![scottcressi avatar](https://secure.gravatar.com/avatar/426bd7519254ebce10f9ee999b1565ba.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0013-72.png)
I figured it out :)
2020-01-07
![Jonathan avatar](https://secure.gravatar.com/avatar/09f5a3994cb6002cdeaef199717c250e.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0006-72.png)
This might not be the right place for this question, if not, sorry! I’m trying to deploy grafana, and import dashboards from a git repo. The issue is that the repository I want to import from is private, so even though the dashboards.default.local-dashboard.url
is correct, I can’t reach it for obvious reasons, but I cannot find anywhere in the documentation how to pass secrets/username+pass etc. to authorize myself so I can read it. Does anyone have any pointers?
![Chris Maxoutis avatar](https://secure.gravatar.com/avatar/16d262332d0a47276862d4686136b2f6.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0003-72.png)
username:[email protected] where user and password you can pass them usually from env vars or even vault.
{{ requiredEnv PASSWORD" }}
![Jonathan avatar](https://secure.gravatar.com/avatar/09f5a3994cb6002cdeaef199717c250e.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0006-72.png)
I’ll try that out, thanks a bunch!
2020-01-09
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
Morning helmfile folks.
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
I have been struggling the past could days on a problem related to helm file and maybe someone in here can help. Basically I am trying to get weave flux to use helmfile instead of going straight to helm. Here is what I have done so far. I have setup flux to use manifest generation which allows me to run helmfile. Using that I can actually get helmfile to run and build things, but that isn’t a very good use of flux. Basically I am just using flux to clone git. What would be better is if I could get helmfile to write to stdout like kustomize build does. I am told by the folks that develop flux that it should work. It would allow us to benefit from the templating and secrets of helmfile while getting the gitops benefits of flux. Plus we could possibly use helmfile on our local systems if we wanted to.
So the question is who do I get helmfile to output to stdout like kustomize? I am currently running the following thinking it might do the trick, but it doesn’t seem to do anything in flux:
helmfile -e dev -q -f ./helmfile.d/helmfile.yaml build
Any help or suggestions would be great!
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@Matt McLane have you seen the helmfile operator?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Kubernetes operator that continuously syncs any set of Chart/Kustomize/Manifest fetched from S3/Git/GCS to your cluster - mumoshu/helmfile-operator
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
I think that might make it a simpler integration with weave flux because you can just use CRDs
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
I have seen it but it didn’t look all that functional and I didn’t know how to set it up. I was also concerned that there is a standing issue titled How to run helmfile-operator?
Hey, I had a look at this project and tried to set it up on our cluster. But I struggle with that. All the single pieces of this operator are described but there is on example or docs about how to …
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
haha “howto” docs are a nice-to-have on open source projects
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
but yea, it’s more in the incubator stage
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@mumoshu is around, he can probably answer questions if they come up.
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
Have you used that operator yet? I’ve not been able to get it to compile
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
That is what I was worried about. it didn’t look complete to me.
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
But I am willing to be wrong.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@mumoshu
![Balaji J avatar](https://secure.gravatar.com/avatar/98c7930ba72537d85c1cf67a4ad1375a.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0009-72.png)
hi , is there predefined helmfile for redis native cluster(not using sentinel)? or anyone worked on creating one. Please let me know
2020-01-10
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
I could create one in about 3 minutes based on the default redis chart. Why don’t you give it a whirl first as you will almost always need to customize whatever anyone else precreated anyway.
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
So what is the “industry standard” for pipelines to run helmfile? We are trying to move toward a gitops approach, which is why I have been looking at flux so much. We also like some of the functionality helmfile brings us. We could build something from scratch but I much rather be in line with what others are doing.
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
@Matt McLane Good question, I’ve been trying to figure out the same. I’m looking into ArgoCD for this because it seems to have easier plugin capabilities to support helmfile. But it also seems that argo ‘apps’ are synonomous with helmfiles (generically) https://github.com/argoproj/argo-cd/issues/2143.
Is your feature request related to a problem? Please describe. Similar to helm, helmfile support would be great. Describe the solution you’d like Support for helmfile.
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
Have you found any documentation on how to plug helmfile into it? I am kinda figuring out that Flux isn’t going to work.
Is your feature request related to a problem? Please describe. Similar to helm, helmfile support would be great. Describe the solution you’d like Support for helmfile.
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
I am wondering if I can use a postsync hook within Argo CD.
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
Nothing done with it yet, I’m still on the research/interest stage, sorry
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
It’s all good
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@Matt McLane we are using atlantis
; i would not argue it’s an industry standard, but it works well enough.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
atlantis lets one define custom workflows with a plan and apply phase which we map to diff
and apply
in helmfile
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
Interesting. We run atlantis too for our terraform modules. In those cases we have created custom workflows to run terragrunt instead of terraform.
I can see where using it for helmfile will work.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Yup, very similar….
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
How do you handle different environments?
helmfile -e dev apply vs helmfile -e qa apply?
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
How do you promote things?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
We have one repo per AWS account.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
We use remote helmfiles pinned to a github release
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
so to promote, we open a PR for that account environment and pin it to a new release
![Matt McLane avatar](https://secure.gravatar.com/avatar/432a3127e6cf7917b1e36099e70a08d9.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0016-72.png)
Gotcha
2020-01-13
![James Huffman avatar](https://secure.gravatar.com/avatar/fa982942a65f4524bae21b09f148db7f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
hello, i’ve been trying to do something that probably shouldn’t be difficult but i’m struggling.
i want to do an {{ if }}
block in my helmfile which checks for the existence of a file. ultimately, i only want a particular release to be deployed if a specific file exists locally. is there a standard way of doing that? (i have seen nothing of the sort in the docs/examples and have fought with my own approaches for a while now)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Hrmmmm that should be possible if Sprig supports a function for that
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Useful template functions for Go templates.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
I don’t see a function for that
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@James Huffman what underlying business logic are you trying to implement? maybe there’s an alternative way that doesn’t depend on the existence of files.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
I'm generating a list of additional values files for a release driven by some other dynamic configuration. I'd like to be able to detect existence of those files prior to declaring them in …
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
the issue above has a workaround you can use for now
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
{{ if eq (exec "./fileexists.sh" (list $valueFile)) "true" }}
2020-01-14
![James Huffman avatar](https://secure.gravatar.com/avatar/fa982942a65f4524bae21b09f148db7f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
OK, that’s what i was wondering, if i needed to write a shell script to do it instead. thank you!!
![vgdub avatar](https://secure.gravatar.com/avatar/dd6b1352a9298a7a56a5c4684dfdfa46.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
Hi folks, I am just wondering if anyone tried to add roles/clusterroles and their bindings via helm file , I am looking to apply some security polcies for multiple namespaces via helm ? is this possible ?
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
try rbac-manager along with some incubator/raw charts
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
that’s what I’ve been using and it works well enough
![vgdub avatar](https://secure.gravatar.com/avatar/dd6b1352a9298a7a56a5c4684dfdfa46.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
@Zachary Loeber looks good , I am wondering in incubator/raw under resources and templates I can specify both role/clusterrole and bindings
![vgdub avatar](https://secure.gravatar.com/avatar/dd6b1352a9298a7a56a5c4684dfdfa46.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
my goal is to be able to specify/create only get, list,watch policies in namespaces
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
- name: inv-ingest-rbac
chart: incubator/raw
namespace: inv-ingest
{{- if eq (env "HELM_VERSION" | default "2") "3" }}
needs:
- kube-system/namespace-inv-ingest
{{- end }}
values:
- resources:
- kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: inv-ingest-cluster-role
labels:
app.kubernetes.io/name: inv-ingest
rules:
- apiGroups: [""]
resources: ["pods", "services", "configmaps"]
verbs: ["get", "list", "watch", "create", "delete", "update", "patch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "watch", "list"]
- kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: inv-ingest-role-binding
labels:
app.kubernetes.io/name: inv-ingest
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: inv-ingest-cluster-role
subjects:
- name: default
namespace: inv-ingest
kind: ServiceAccount
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
my bad (my personal social skills are just as awkward as my online ones unfortunately….)
![vgdub avatar](https://secure.gravatar.com/avatar/dd6b1352a9298a7a56a5c4684dfdfa46.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
this is great , thanks @Zachary Loeber I am on the right path then. many thanks for telling me about this raw chart
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
gladly!
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
The raw chart is great
![Andrew Nazarov avatar](https://avatars.slack-edge.com/2021-06-09/2146832855878_fbb84e3b2832cc494a93_72.jpg)
We are doing kinda the same.
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
That’s a fairly full example of a helmfile chart for a spark application that uses the default service account and requires more rights than I’m comfortable with
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
you can pare it back to just what you’d need I’d think.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@Zachary Loeber you’re doing some interesting things over there. would love a demo sometime.
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
It all feels like hacks layered on hacks to me
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Haha that’s the reality though… it’s why I hate these demo videos that deploy hello word apps and proclaim that victory! “Deployments made easy”
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
The reality is that it’s difficult. Especially when you don’t control the tool chain from top to bottom. Integration is all about hacking bits and pieces together.
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
I’m digging in to helmfile for the first time and trying to do something I think should be straight forward. I want to set a value that can be used “globally” in chart value files (via gotmpl). I’m not sure where to put this. If I put it in my main helmfile.yaml I get an error ``line 4: field foo not found in type state.HelmState, if I put it in a file that is listed under bases, I get an error
line 1: field foo not found in type state.HelmState` so where does it go?
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
basically I want to use {{ .Value.foo }} in several chart values.yaml.gotmpl files
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
This is what is in my defaults.yaml base file foo: '{{ coalesce (env "FOO") (env "LOCAL_FOO") }}'
2020-01-15
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
Interested in hearing the communities thoughts on the above puzzles ^^
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
@DanB wouldn’t you use an environment variable for that?
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
that is what i am trying to do
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
but set it once to reduce duplication
![James Huffman avatar](https://secure.gravatar.com/avatar/fa982942a65f4524bae21b09f148db7f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
so what you want is for an environment variable to be assigned to a key in your helmfile but propagate up into the base chart?
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
Yes but multiple charts, not just one chart
![James Huffman avatar](https://secure.gravatar.com/avatar/fa982942a65f4524bae21b09f148db7f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
so our solution to this, which may or may not work for you, is to make a values file section called global
in each of our charts.
within global
are all of the common values of this nature we’d like to set, initially with placeholders (since they will get overwritten).
then we have a macro file which handles setting all of the fields to their real values at run time, using env
calls to collect them.
in each helmfile, we include this macro file as another values file:
values:
- macros/deploy.yaml.gotmpl
![James Huffman avatar](https://secure.gravatar.com/avatar/fa982942a65f4524bae21b09f148db7f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
having to put the placeholders into each chart is the most annoying bit, but helm template helpers might let you avoid that
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
Ah hmm. So in our case the value is the same in each chart but each chart may use a different key in their values. I guess wed need the global section to duplicate the value for each possible key?
![James Huffman avatar](https://secure.gravatar.com/avatar/fa982942a65f4524bae21b09f148db7f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
to be fair, you only have to put in each chart the specific keys you care about for that chart. any keys in the macro file which don’t exist in the underlying chart just won’t do anything.
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
To put what I want in another way: I want to keep all usage of env vars out of individual chart values. I want to centralize all use of env vars to one place (environment? Base? Whatever works). Pain point I am trying to avoid is if an env var name changes or we introduce a new override env var we only have to change it in one place instead of n where n = # of charts. In our case n is 50ish
![James Huffman avatar](https://secure.gravatar.com/avatar/fa982942a65f4524bae21b09f148db7f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
you could make a single .yaml.gotmpl file containing a single parent key, under which are all of the keys you want and how to obtain their values (e.g. through env
calls), then add that file to the values:
array for each helmfile you’re using. to make it fully work you would then update your charts to pull in that whole section. this would be a one-time deal so any time you updated this master file, all charts would see it when they render.
![James Huffman avatar](https://secure.gravatar.com/avatar/fa982942a65f4524bae21b09f148db7f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
imagine you called the section in your master values file global:
and put all your keys below it. you can grab them in each of your charts with $root.Values.global
i believe.
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
hmm, some of these charts I do not control
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
To me this seems like it’d be a common use case, I wonder if I am missing something or over complicating things
![James Huffman avatar](https://secure.gravatar.com/avatar/fa982942a65f4524bae21b09f148db7f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
it’s mostly a consequence of how helm works. a particular value is only meaningful if it lands in the correct place within a chart. so with different charts from different sources, some of which you cannot easily modify, there’s no one-size-fits-all solution. everybody writes charts their own way
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
ignoring env vars, is there a way for me to set a static global value I can reuse in individual chart .yaml.gotmpl via mykey: {{ .Value.someStaticGlobal }}
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
to give a concrete example my charts want to know the “name” of the cluster in the values file. When I run helmfile I set an envvar CLUSTER_NAME=k8s-dev-01
now I want to set some variable once in one location and then use that value in various chart values, trick is chart A may expect cluster name in a variable named clusterName
chart B might define it as cluster
chart C might define it as cluster-name
etc
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
i can sprinkle the env `CLUSTER_NAME through my chart .yaml.gotmpls, but I’d really like to avoid that
![James Huffman avatar](https://secure.gravatar.com/avatar/fa982942a65f4524bae21b09f148db7f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
only way to handle that is chart by chart, unfortunately. you can’t do a generic solution since the charts themselves vary so much. we’ve run into the same thing
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
Oh I think I figured it out: this was the key: https://github.com/roboll/helmfile/issues/640
This is a copy-paste of #361 (comment) for visibility. We're going to introduce State Values, that should be the foundation for various useful features. (Note that this isn't a breaking cha…
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
In my helmfile I specify values: that set values based on envvars. I simply use {{ .Values.key }}
in my chart value gotmpl file. I can override these as well in my environments.yaml.gotmpl which is set as bases:
in my helmfile
2020-01-16
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Code examples of how Adobe Experience Platform uses helmfile in Kubernetes to streamline large-scale application management.
![vgdub avatar](https://secure.gravatar.com/avatar/dd6b1352a9298a7a56a5c4684dfdfa46.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
Hi All , apologies in advance if this is not the right place to ask this , but I yesterday faced an issue with the helmfile diff --suppress-secrets
. I was simply applying some RBAC policies but tiller is now giving full of errors with this.
![vgdub avatar](https://secure.gravatar.com/avatar/dd6b1352a9298a7a56a5c4684dfdfa46.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
![vgdub avatar](https://secure.gravatar.com/avatar/dd6b1352a9298a7a56a5c4684dfdfa46.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0022-72.png)
I can confirm that tiller has cluster-admin
privileges in kube-system
namespace so I am not sure why this diff is failing.
2020-01-17
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
so what rbac policies did you apply?
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
![James Huffman avatar](https://secure.gravatar.com/avatar/fa982942a65f4524bae21b09f148db7f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
another vote for tillerless
2020-01-19
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
can anyone give me pointers on how to use this: https://github.com/roboll/helmfile/pull/906 but for aws secret manager? I have this in my helmfile but it just uses the literal as is, debugging doesn’t indicate it tried to resolve the secret
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
trying to piece together info from the README and this repo: https://github.com/variantdev/vals
Helm-like configuration values loader with support for various sources - variantdev/vals
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
helmfile version v0.98.2
![DanB avatar](https://secure.gravatar.com/avatar/8a0d96fac83ff86acc2ed73ede776f75.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0005-72.png)
doc is wrong, should be ref+awssecrets://...
, and depending on your secret name format it may not work at all: https://github.com/variantdev/vals/issues/18 @mumoshu
This works: $ ~/.local/bin/aws secretsmanager get-secret-value –secret-id DanTest/ { "Name": "DanTest/", "VersionId": "4853e4d6-d7e8-4a30-9099-89cb8c522099"…
2020-01-20
![rms1000watt avatar](https://avatars.slack-edge.com/2023-12-08/6318001875107_13986079d7f8cfbeeec7_72.jpg)
@mumoshu It would be interesting for helmfile diff
to have a “hardcore” mode that compares against the k8s state instead of the helm state. Embarrassed to say, i hit cases where there’s manual changes to k8s resources that aren’t reflected in helm state. (If i’m misunderstanding helmfile diff
-> helm diff
, my bad ) Anyways, been using something along the lines of:
# Render all the k8s yaml
helmfile -f hello.yml template > ~/Desktop/hello.helmfile.yml
# Diff the new yaml with what's actually deployed
tail -n +2 ~/Desktop/hello.helmfile.yml | kubectl diff -f - > ~/Desktop/hello.helmfile.diff
# If diff is acceptable, run helmfile
helmfile -f hello.yml apply
![Dudi Cohen avatar](https://secure.gravatar.com/avatar/95baa697724227960caff0f0415a3a8a.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0019-72.png)
@rms1000watt I also share your concerns about helm diff not comparing to the actual state of the cluster. I suggested a workaround similar to yours in this issue: https://github.com/databus23/helm-diff/issues/176#issuecomment-576291610
Hi, At the moment, if you make any manual changes to resources (not via helm) helm diff will not reflect these changes. I suggest that the output should reflect the desired vs actual state of the r…
![Dudi Cohen avatar](https://secure.gravatar.com/avatar/95baa697724227960caff0f0415a3a8a.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0019-72.png)
@rms1000watt btw, would your workaround actually work in a scenario where kubectl diff finds a diff but helmfile apply doesn’t find a diff? Wouldn’t it just exit in that case?
![rms1000watt avatar](https://avatars.slack-edge.com/2023-12-08/6318001875107_13986079d7f8cfbeeec7_72.jpg)
@timduhenchanter for visibility. And kudos to your always helmfile template | kubectl apply -f-
methodology
![rms1000watt avatar](https://avatars.slack-edge.com/2023-12-08/6318001875107_13986079d7f8cfbeeec7_72.jpg)
@stobiewankenobi for visibility too. Rofl. Afterthought.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@rms1000watt out of curiosity, are you using helm3? was wondering if it would do a better job.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
What are the key differences between Helm 2 and Helm 3? Visit the FAQs for insights.
![rms1000watt avatar](https://avatars.slack-edge.com/2023-12-08/6318001875107_13986079d7f8cfbeeec7_72.jpg)
Solid
![rms1000watt avatar](https://avatars.slack-edge.com/2023-12-08/6318001875107_13986079d7f8cfbeeec7_72.jpg)
I need to upgrade
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
I’m not sure if this impacts the helm-diff
plugin or not.
![rms1000watt avatar](https://avatars.slack-edge.com/2023-12-08/6318001875107_13986079d7f8cfbeeec7_72.jpg)
but this is a great lead
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
let me know what you find out!
2020-01-21
![Mahesh avatar](https://avatars.slack-edge.com/2020-01-05/882378059299_f111930f67176e395733_72.jpg)
helm 3
is very buggy, we face a lot of issues, eg. https://github.com/helm/helm/issues/7426
Hi, I am trying to install a release using the –atomic flag but it seems that it hangs forever: helm3 install bar stable/mariadb -n default –atomic Error: release bar failed, and has been unins…
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
helm-diff w/ helm 3 is unaffected, as it still shows the diff between the release stored in the cluster(!= the current state of k8s resources originally created for the release) and the manifests rendered by helm template
.
but yeah the diff and the install/upgrade result can be much more reliable than in helm 2, as helm3 tries its best not to accidentally “revert” manual changes
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
@Mahesh does it still hang when you fix your deployment? (at glance it can happen when the k8s resources created by the chart is stuck in error or not-ready states, which is not issues in helm
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
you can just rerun it without --atomic
and see if it reveals the underlying issue = cause of the hang.
helm
should do a better error reporting on user errors if it’s actually user error, though.
![Mahesh avatar](https://avatars.slack-edge.com/2020-01-05/882378059299_f111930f67176e395733_72.jpg)
we just do helm delete
and delete k8s objects created by helm package (its very picky even for secrets)
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
to fix the hang?
![Mahesh avatar](https://avatars.slack-edge.com/2020-01-05/882378059299_f111930f67176e395733_72.jpg)
yeah, to redeploy
![rms1000watt avatar](https://avatars.slack-edge.com/2023-12-08/6318001875107_13986079d7f8cfbeeec7_72.jpg)
Oh crap… good point @Dudi Cohen you’re right. Yeah.. I think I would have to reconcile with kubectl apply
with the helmfile template
output
![Dudi Cohen avatar](https://secure.gravatar.com/avatar/95baa697724227960caff0f0415a3a8a.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0019-72.png)
@rms1000watt then you won’t have a release in helm
![Zachary Loeber avatar](https://avatars.slack-edge.com/2020-05-13/1115475485942_e68ae4d6556df390de70_72.jpg)
Random helm/helmfile tip: For what its worth, if you are upgrading to helm 3 ensure you sync more than once for each new chart you deploy for the first time. The three way merge in helm 3 means certain helm constructs will be problematic (such as the autogenerated ClusterIP: “” of a service for instance). Ran into this issue a few times now without realizing it until after the fact.
![Andrew Nazarov avatar](https://avatars.slack-edge.com/2021-06-09/2146832855878_fbb84e3b2832cc494a93_72.jpg)
ClusterIP was a PITA. Had to set force
to false
to deal with it. So far so good.
![Cameron Boulton avatar](https://secure.gravatar.com/avatar/47e8a047f9cd224c98149191a3098880.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0025-72.png)
Disabling force
still doesn’t solve some of the edge cases with Helm 3’s three-way merge unfortunately: https://github.com/helm/helm/issues/6378#issuecomment-556212320 They closed the issue but you can see many people are still reporting the issue.
We’re still blocked from upgrading util the Helm team 1) seriously acknowledges the issue and 2) resolves it
I use the following to install / upgrade a chart: ./helm upgrade –install –set rbac.create=false –set controller.replicaCount=2 –set controller.service.loadBalancerIP=$ip –wait main-ingress st…
2020-01-22
![Kashif Rahman avatar](https://secure.gravatar.com/avatar/236adeeccc41456248af8511c921d163.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0025-72.png)
Guys anyone faced such issue that kubernetes job created with helm for db migrations always succeed although when we manually deploy job it shows up actual error
$ node_modules/node-pg-migrate/bin/pg-migrate -m ./migrations-app -v up
No migrations to run!
Migrations complete!
Done in 0.62s
if I manually deploy a job it will show up db migration error which is actual output what could be the case where job from helm is passing in every case ?
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Sounds like maybe the exit code from node_modules/node-pg-migrate/bin/pg-migrate
is not getting returned
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
can you share how you call it in your docker image? for example, if you’re running it in a bash script, you’ll want to have set -e
to ensure you exit non-zero on all errors
![Kashif Rahman avatar](https://secure.gravatar.com/avatar/236adeeccc41456248af8511c921d163.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0025-72.png)
@Erik Osterman (Cloud Posse) it is called by yarn run <command> in package,json
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
ok, but what then calls yarn run
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
also, can you share the snippet from package.json
where it’s called?
![Kashif Rahman avatar](https://secure.gravatar.com/avatar/236adeeccc41456248af8511c921d163.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0025-72.png)
1 min
![Kashif Rahman avatar](https://secure.gravatar.com/avatar/236adeeccc41456248af8511c921d163.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0025-72.png)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
ok, so the good news is your package.json
looks good. That should pass through the exit codes.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
So how do you call this? We need to ensure that everywhere exit codes are preserved.
![Kashif Rahman avatar](https://secure.gravatar.com/avatar/236adeeccc41456248af8511c921d163.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0025-72.png)
hmmm makes sense I am rebuilding images, seems I have found something but let me test it
2020-01-23
2020-01-24
![Cameron Boulton avatar](https://secure.gravatar.com/avatar/47e8a047f9cd224c98149191a3098880.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0025-72.png)
It would be helpful if you would all add your commentary to that issue if you experienced it. Hopefully they will reopen or at least point to a new issue with resolution at some point.
![Cameron Boulton avatar](https://secure.gravatar.com/avatar/47e8a047f9cd224c98149191a3098880.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0025-72.png)
@mumoshu Any ideas how I might accomplish value key removals in Helmfile during the values merge? I’m looking for behavior similar to this: https://github.com/helm/helm/issues/1966 Using null
however does not seem to make it past the Helmfile value merge operation (that is merging a discreet/defined value with null
does not appear to be subtractive; the original value key remains)
Specifically, we have some global value keys like resources, probes, etc. that we want to remove for the default environment only (we use default for local development). Does that make sense?
Since the introduction of deep merging (#1620), it's now not possible to remove keys from values.yml entirely. For example, the telegraf values has a default entry for single.config.inputs.infl…
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
It’s not impossible but I’d say you shouldn’t do it.
Since the introduction of deep merging (#1620), it's now not possible to remove keys from values.yml entirely. For example, the telegraf values has a default entry for single.config.inputs.infl…
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
Probably you can achieve it with readFile | fromYaml
in combination with merge
and unset
template functions
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
More feasible way would be not using something that must be removed afterwards as defaults
![Cameron Boulton avatar](https://secure.gravatar.com/avatar/47e8a047f9cd224c98149191a3098880.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0025-72.png)
Thanks @mumoshu
2020-01-28
![Thomas Burton avatar](https://secure.gravatar.com/avatar/236535b0126e26ecc257a579bf0db819.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0013-72.png)
I am trying to install helmfile in a custom Docker file. This is what it looks like:
RUN apk add --update --no-cache curl ca-certificates bash && \
curl -L ${BASE_URL}/${TAR_FILE} |tar xvz && \
mv linux-amd64/helm /usr/bin/helm && \
chmod +x /usr/bin/helm && \
curl <https://github.com/roboll/helmfile/releases/download/v0.98.2/helmfile_linux_amd64> -O && \
mv helmfile_linux_amd64 /usr/bin/helmfile && \
chmod +x /usr/bin/helmfile && \
helmfile --version
However the build fails with the following out put
/usr/bin/helmfile: helmfile: line 1: syntax error near unexpected token `<'
/usr/bin/helmfile: helmfile: line 1: `<html><body>You are being <a href="<https://github-production-release-asset-2e65be.s3.amazonaws.com/74499101/19b32580-317f-11ea-9dc4-79b9457abdad?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20200128%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20200128T124544Z&X-Amz-Expires=300&X-Amz-Signature=4504b341305adc17e28b24ce7d340e0c395b662bc7e991a6d2c856a991c17fd2&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment%3B%20filename%3Dhelmfile_linux_amd64&response-content-type=application%2Foctet-stream>">redirected</a>.</body></html>'
Any ideas?
![TBeijen avatar](https://secure.gravatar.com/avatar/84283305b4f7c826ac365cacf6c2f6b4.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0020-72.png)
Your first curl command has the -L
switch, the second doesn’t. That’s why your downloaded file contains html stating you are redirected, which curl does by adding the -L
flag.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@TBeijen is correct - you need to follow redirects.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
My “go to” for curl
arguments is -fsSL
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
also, I see you’re using alpine. We distribute helmfile
for alpine here: https://github.com/cloudposse/packages
Cloud Posse installer and distribution of native apps, binaries and alpine packages - cloudposse/packages
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
# Install the cloudposse alpine repository
ADD <https://apk.cloudposse.com/[email protected]> /etc/apk/keys/
RUN echo "@cloudposse <https://apk.cloudposse.com/3.11/vendor>" >> /etc/apk/repositories
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
then apk add helmfile@cloudposse
![Thomas Burton avatar](https://secure.gravatar.com/avatar/236535b0126e26ecc257a579bf0db819.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0013-72.png)
Thanks all super helpful. Will give it a go and report back
![Thomas Burton avatar](https://secure.gravatar.com/avatar/236535b0126e26ecc257a579bf0db819.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0013-72.png)
![Graeme Gillies avatar](https://secure.gravatar.com/avatar/634b9d52f08065ec0439cbdbf94a292f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0008-72.png)
Hi! I am attempting to use the exec fuctionality in gotmpl as part of helmfile, to try and pull a value from an external source. I am doing the following in a values.gotmpl file
external_pass: {{ toJson (exec "./vault-show" (list "secrets" "stage")) }}
global:
appConfig:
incomingEmail:
password:
secret: {{ .external_pass }}
However I get an error saying
executing "stringTemplate" at <.external_pass>: can't evaluate field external_pass in type state.EnvironmentTemplateData
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
you’ve a chicken-and-egg problem here
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
where you need .external_pass
defined in the go template in order to render the yaml, but to load the yaml you need to evaluate the go template
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
you could try this
{{ $external_pass := toJson (exec "./vault-show" (list "secrets" "stage")) }}
global:
appConfig:
incomingEmail:
password:
secret: {{ $external_pass }}
![Graeme Gillies avatar](https://secure.gravatar.com/avatar/634b9d52f08065ec0439cbdbf94a292f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0008-72.png)
![Graeme Gillies avatar](https://secure.gravatar.com/avatar/634b9d52f08065ec0439cbdbf94a292f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0008-72.png)
err
![Graeme Gillies avatar](https://secure.gravatar.com/avatar/634b9d52f08065ec0439cbdbf94a292f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0008-72.png)
I have also tried
.Values.external_pass
for the secret field
2020-01-29
![David Nolan avatar](https://avatars.slack-edge.com/2019-05-09/633111743110_ddb8debd32ad188bfcc1_72.jpg)
I just started looking at the cloudposse helmfiles repo, but I keep getting errors. Is there a recommended combination of versions of the repo/helm/helmfile/etc that is known to work well? I had bizarre helmfile/helm version mismatch issues which required me to downgrade helm from 3.0.2 to 3.0.0. Then I discovered that the config in the repo is trying to pull content from github which no longer exists, it looks like coreos renamed files in https://github.com/coreos/prometheus-operator/tree/master/example/prometheus-operator-crd . I updated those URLs, but now I’m hitting this: error: error validating "<https://raw.githubusercontent.com/coreos/prometheus-operator/master/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml>": error validating data: ValidationError(CustomResourceDefinition.spec): unknown field "preserveUnknownFields" in io.k8s.apiextensions-apiserver.pkg.apis.apiextensions.v1beta1.CustomResourceDefinitionSpec; if you choose to ignore these errors, turn validation off with --validate=false
Prometheus Operator creates/configures/manages Prometheus clusters atop Kubernetes - coreos/prometheus-operator
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
@David Nolan - your best bet is to fork and use our helmfiles as a starting off point.
![David Nolan avatar](https://avatars.slack-edge.com/2019-05-09/633111743110_ddb8debd32ad188bfcc1_72.jpg)
I’m trying, but I can’t seem to get the Rube Goldberg machine that is helm/hemlfile to work. I was hoping this would be a good place to start on diving into the world of helm.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
haha
![David Nolan avatar](https://avatars.slack-edge.com/2019-05-09/633111743110_ddb8debd32ad188bfcc1_72.jpg)
A friend and I were musing that there just isn’t a really good corpus of k8s example deployments, and I was saying I wanted the equivalent of the cloudposse terraform repos… and then I found your helmfiles repo and hope sprung eternal…
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
This is the “goal” but I would say it’s far from it right now. The problem is deploying many of these will be totally different if using EKS, Azure, or Digital Ocean.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
(we used kops)
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Also, if you use Kiam or not
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Also, very frequently, helm releases need backing services; those are deployed with terraform (our modules). But those backing services will differ by cloud.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
sorry - the helmfiles are not as portable as our modules
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
the fact we pinned to master is wrong - we shouldn’t have done that
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
we haven’t redeployed prometheus since they moved thigns around
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
hence we haven’t been bitten by it
![David Nolan avatar](https://avatars.slack-edge.com/2019-05-09/633111743110_ddb8debd32ad188bfcc1_72.jpg)
I’ll probably send you a PR with some updates based on that coreos repo structure change. Right now I’m trying to figure out whats throwing the error about validation. Might be because I’m trying to use an EKS cluster, maybe its missing some extensions.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Yes, so most of our client engagements have been on kops. We’re working right now some for EKS. I would expect some updates to our helmfiles for better EKS support in the coming months. That said, you probably can’t wait that long!
![David Nolan avatar](https://avatars.slack-edge.com/2019-05-09/633111743110_ddb8debd32ad188bfcc1_72.jpg)
I’m just messing around in free time, the job I’m starting in two weeks uses helm so I figure its something I should learn.
![David Nolan avatar](https://avatars.slack-edge.com/2019-05-09/633111743110_ddb8debd32ad188bfcc1_72.jpg)
the CP modules for EKS made getting that up trivial
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
thanks! glad that worked well.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
agree that now we just need the samething for helm services on top of it.
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
I sort of hope that we can get the terraform-helmfile-provider
to a place where it can help us bridge the gap. To date, we’ve just not had enough time to get back to it.
![btai avatar](https://avatars.slack-edge.com/2019-09-04/736463433650_34701761239ea7ba8207_72.jpg)
what [prometheus-operator] fix change in prometheus-operator crd yaml locations [prometheus-operator] add podmonitors crd why the url to install crd yamls have changed (currently a 404 Not Found…
![David Nolan avatar](https://avatars.slack-edge.com/2019-05-09/633111743110_ddb8debd32ad188bfcc1_72.jpg)
Ah, my testing had missed the additional of another CRD file. Nice. Sadly I still hit the validation error, but I think I have a lead on that…
what [prometheus-operator] fix change in prometheus-operator crd yaml locations [prometheus-operator] add podmonitors crd why the url to install crd yamls have changed (currently a 404 Not Found…
![David Nolan avatar](https://avatars.slack-edge.com/2019-05-09/633111743110_ddb8debd32ad188bfcc1_72.jpg)
Its an incompatibility with k8s 1.14 (which is what my EKS cluster is running)
![David Nolan avatar](https://avatars.slack-edge.com/2019-05-09/633111743110_ddb8debd32ad188bfcc1_72.jpg)
I think I’ll need to grab an older version. They recently merged a commit that should fix the backwards compatibility, but haven’t regenerated the CRD files it appears.
![David Nolan avatar](https://avatars.slack-edge.com/2019-05-09/633111743110_ddb8debd32ad188bfcc1_72.jpg)
Pinning to v0.34.0 seems to be working so far… at least helmfile is still running
![btai avatar](https://avatars.slack-edge.com/2019-09-04/736463433650_34701761239ea7ba8207_72.jpg)
ah im on k8s 1.15
![David Nolan avatar](https://avatars.slack-edge.com/2019-05-09/633111743110_ddb8debd32ad188bfcc1_72.jpg)
EKS only supports 1.14 unfortunately
![Graeme Gillies avatar](https://secure.gravatar.com/avatar/634b9d52f08065ec0439cbdbf94a292f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0008-72.png)
Do helmfile enviroments not support having a
set:
stanza? Just a
values:
stanza only?
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
set
s are supported as well.
set:
# single value loaded from a local file, translates to --set-file foo.config=path/to/file
- name: foo.config
file: path/to/file
# set a single array value in an array, translates to --set bar[0]={1,2}
- name: bar[0]
values:
- 1
- 2
please see https://github.com/roboll/helmfile#configuration for more info
Deploy Kubernetes Helm Charts. Contribute to roboll/helmfile development by creating an account on GitHub.
![Graeme Gillies avatar](https://secure.gravatar.com/avatar/634b9d52f08065ec0439cbdbf94a292f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0008-72.png)
hmm ok I am seeing an error like
in ./helmfile.yaml: failed to read helmfile.yaml: reading document at index 1: yaml: unmarshal errors:
line 48: field set not found in type state.EnvironmentSpec
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
it isn’t supported under environments
. environment values are completely different concept than helm chart values
![Graeme Gillies avatar](https://secure.gravatar.com/avatar/634b9d52f08065ec0439cbdbf94a292f.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0008-72.png)
ok I think that makes sense. So I could just put everything I was going to set into an environment specific values.yaml and then load that in the particular environment?
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
then you should either render helm chart values according to the env, or select appropriate helm chart values filer according to the env name
![bradym avatar](https://avatars.slack-edge.com/2023-06-21/5464816405572_dd21bed1bf537acb6539_72.jpg)
Hey all, I’ve got a list of ip addresses stored as a comma separated list in aws ssm parameter store. I’m trying to get the value and split it into a list:
{{ $extIps := "<secretref+awsssm://path/to/VAR?region=us-west-1>" }}
externalIPs:
{{ range splitList "," $extIps }}
- {{ . }}
{{ end }}
But this is giving me:
externalIPs:
- 127.0.0.1,0.0.0.0
Does anyone know if it’s possible to get it to render as a list of ip addresses like this?
externalIPs:
- 127.0.0.1
- 0.0.0.0
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
Comprehensive Distribution of Helmfiles for Kubernetes - cloudposse/helmfiles
![Erik Osterman (Cloud Posse) avatar](https://secure.gravatar.com/avatar/88c480d4f73b813904e00a5695a454cb.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0023-72.png)
here’s how we used it
![bradym avatar](https://avatars.slack-edge.com/2023-06-21/5464816405572_dd21bed1bf537acb6539_72.jpg)
That makes sense, but it appears my issue is with the secretref+awsssm part. I can get what I want if I set $extIds
to the string "127.0.0.1,0.0.0.0"
but when I try to do something with the result of the call to aws ssm it doesn’t seem to work. Maybe a rendering order thing?
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
you can’t use it within go template variables as secrets are retrieved and replaced with references after the values file is loaded as yaml
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
and the go template rendering happens before it’s loaded as yaml
![mumoshu avatar](https://secure.gravatar.com/avatar/8e045bf747ca7a90b1d955dc30217271.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0015-72.png)
maybe you can make it work with combining environment values and chart values, like having a env values file like this:
extIps: <secretref+awsssm://path/to/VAR?region=us-west-1>
And in chart values gotmpl:
externalIPs:
{{ range splitList "," .Environment.Values.extIps }}
- {{ . }}
{{ end }}
![bradym avatar](https://avatars.slack-edge.com/2023-06-21/5464816405572_dd21bed1bf537acb6539_72.jpg)
Unfortunately that’s how I started out, I’ve tried various combinations of rendering in a values.gotmpl file and in the helmfile. Looks like I’ll need to take another approach.
![bradym avatar](https://avatars.slack-edge.com/2023-06-21/5464816405572_dd21bed1bf537acb6539_72.jpg)
Thanks for confirming how it works. That is very helpful.