Helm chart deployment and private docker repository
It depends on the output of your helm chart. You can use helm template to see the resulting kubernetes resources without actually deploying it. Using an image from a private docker registry comes down to two steps:
Make sure that you have a
secretresource for the private repository. Note that the type here iskubernetes.io/dockerconfigjsonorkubernetes.io/dockercfg.How to create this with templates from helm is described here.
- Refer to that secret in the pod that uses the image from that private repository, as shown below:
Pod resource/template:
spec:
containers:
- name: some-pod
image: <image>
imagePullSecrets:
- name: <name-of your secret>
You can first build the resources by hand without helm. This helps to verify that the resources themselves are correct. Then you can adapt the helm templates to output the correct resources given your values.
imageCredentials needs to be at the root level, like so:
image:
repository: <repo>
tag: <version tag>
pullPolicy: IfNotPresent
imageCredentials:
registry: <repo>
username: <username>
password: <pw>
because
{{- define "imagePullSecret" }}
{{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .Values.imageCredentials.registry (printf "%s:%s" .Values.imageCredentials.username .Values.imageCredentials.password | b64enc) | b64enc }}
{{- end }}
references .Values.imageCredentials.* and not .Values.image.imageCredentials.*.
Also, you need to add
imagePullSecrets:
- name: {{ .Values.imageCredentials.name }}
to the template (e.g. pod or deployment) that pulls the image from the private registry. And as that references .Values.imageCredentials.name, which isn't defined in your snippet, you need to add it, like so:
image:
repository: <repo>
tag: <version tag>
pullPolicy: IfNotPresent
imageCredentials:
name: <registry_name>_credentials
registry: <repo>
username: <username>
password: <pw>