Authentication for private Helm registries - different registries with the same password
Hi,
We can configure the Helm registry to be global via the PRIVATE_HELM_REGISTRY_URL
environment variable:
https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/-/blob/main/helmfile/environments/default/global.gotmpl?ref_type=heads#L16
If it's not set, each chart gets a preconfigured Helm registry: https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk/-/blob/main/helmfile/environments/default/charts.yaml?ref_type=heads
The preconfigured Helm registry can now be registry.opencode.de
or registry.souvap-univention.de
.
The authentication for the Helm registries is done via the OD_PRIVATE_REGISTRY_USERNAME
and OD_PRIVATE_REGISTRY_PASSWORD.
repositories:
# Collabora Online
# Source: https://github.com/CollaboraOnline/online
- name: "collabora-online-repo"
keyring: "../../files/gpg-pubkeys/collaboraoffice-com.gpg"
verify: {{ .Values.charts.collabora.verify }}
username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }}
password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }}
oci: true
url: "{{ .Values.global.helmRegistry | default .Values.charts.collabora.registry }}/\
{{ .Values.charts.collabora.repository }}"
repositories:
# CryptPad
# Source: https://github.com/cryptpad/helm
- name: "cryptpad-repo"
keyring: "../../files/gpg-pubkeys/xwiki-com.gpg"
verify: {{ .Values.charts.cryptpad.verify }}
username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }}
password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }}
oci: true
url: "{{ .Values.global.helmRegistry | default .Values.charts.cryptpad.registry }}/\
{{ .Values.charts.cryptpad.repository }}"
Unless setting the global private Helm registry, we have to deal with two different Helm registries, but the authentication is done via the same 2 environment variables.
I suggest using different environment variable names for the different Helm registries.