Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/kokuwaio/helm-maven-plugin
Simple plugin to package helm charts
https://github.com/kokuwaio/helm-maven-plugin
helm kubernetes maven
Last synced: 3 days ago
JSON representation
Simple plugin to package helm charts
- Host: GitHub
- URL: https://github.com/kokuwaio/helm-maven-plugin
- Owner: kokuwaio
- License: mit
- Created: 2017-11-10T14:12:02.000Z (over 7 years ago)
- Default Branch: main
- Last Pushed: 2025-01-06T11:07:25.000Z (about 1 month ago)
- Last Synced: 2025-01-06T12:20:55.074Z (about 1 month ago)
- Topics: helm, kubernetes, maven
- Language: Java
- Homepage:
- Size: 74.3 MB
- Stars: 82
- Watchers: 8
- Forks: 55
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
# Helm Maven Plugin
[](https://central.sonatype.com/namespace/io.kokuwa.maven)
[](https://github.com/kokuwaio/helm-maven-plugin/actions/workflows/build.yaml?label=Build)
This is a Maven plugin for testing, packaging and uploading HELM charts.
"HELM is a tool for managing Kubernetes charts. Charts are packages of pre-configured Kubernetes resources."
Visit for detailed information.
Currently the upload to [ChartMuseum](https://github.com/kubernetes-helm/chartmuseum), [Artifactory](https://jfrog.com/artifactory/) and [Nexus](https://github.com/sonatype/nexus-public) is supported.
## Helm v3
From version **5.0** Helm v3 is required.
There is no longer support for Helm v2.
For convenience reasons the stable repo is added by default.
Helm v2 users can still use plugin version [4.13](https://search.maven.org/artifact/io.kokuwa.maven/helm-maven-plugin/4.13/maven-plugin).
## Why?
Currently (October 2017) there is no simple Maven plugin to package existing HELM charts.
## How?
By default, the plugin automatically downloads Helm at the specified version. You can also manually specify the download URL.
Next to that it is possible to specify a local Helm binary. In all cases Helm will be executed in the background.
Add following dependency to your pom.xml:
```xml
io.kokuwa.maven
helm-maven-plugin
6.17.0
```
## Configuration Examples
### Helm URL Auto Detection
The default setting is to construct the Helm download URL based upon the detected OS and architecture:
```xml
io.kokuwa.maven
helm-maven-plugin
6.17.0
${project.basedir}
${project.version}
```
If you leave `helmVersion` and `helmDownloadUrl` empty the plugin will determine the latest version based on [https://api.github.com/repos/helm/helm/releases/latest].
### Usage with Downloaded Binary
```xml
...
io.kokuwa.maven
helm-maven-plugin
6.17.0
${project.basedir}
${project.version}
https://get.helm.sh/helm-v3.8.1-linux-amd64.tar.gz
...
```
### Usage with Local Binary
When `useLocalHelmBinary` is enabled, the plugin by default will search for the `helm` executable in `PATH`:
```xml
...
io.kokuwa.maven
helm-maven-plugin
6.17.0
${project.basedir}
${project.version}
true
...
```
The following is an example configuration that explicitly sets the directory in which to look for the `helm` executable,
and disables the auto-detection feature:
```xml
...
io.kokuwa.maven
helm-maven-plugin
6.17.0
${project.basedir}
${project.version}
true
false
/usr/local/bin
...
```
### Configure Plugin to Use Credentials from settings.xml for Upload
```xml
...
io.kokuwa.maven
helm-maven-plugin
6.17.0
${project.basedir}
${project.version}
stable-repo
https://repo.example.com/artifactory/helm-stable
ARTIFACTORY
snapshot-repo
https://my.chart.museum:8080/api/charts
CHARTMUSEUM
https://get.helm.sh/helm-v3.8.1-linux-amd64.tar.gz
...
```
### More Complex Example
```xml
...
io.kokuwa.maven
helm-maven-plugin
6.17.0
${project.basedir}
${project.version}
stable-repo
https://repo.example.com/artifactory/helm-stable
ARTIFACTORY
foo
bar
snapshot-repo
https://my.chart.museum/api/charts
CHARTMUSEUM
https://get.helm.sh/helm-v3.8.2-linux-amd64.tar.gz
~/.config/helm/registry.json
~/.cache/helm/repository
~/.config/helm/repositories.yaml
~/.gpg/secring.gpg
MySigningKey
SecretPassPhrase
true
false
${project.basedir}/excluded
${project.basedir}/**/excluded*
kokuwa
https://kokuwa.github.io
/opt/component1
${project.basedir}/src/test/resources/myOverrides.yaml
${project.basedir}/src/test/resources/myOverrides-1.yaml
${project.basedir}/src/test/resources/myOverrides-2.yaml
...
```
## Features
- Package Helm charts from standard folder structure
- Test Helm charts (Helm lint)
- Recursive chart detection (subcharts)
- Helm does not need to be installed
- Upload to [ChartMuseum](https://github.com/kubernetes-helm/chartmuseum) or [Artifactory](https://jfrog.com/artifactory/)
- Repository names are interpreted as server IDs to retrieve basic authentication from server list in settings.xml.
## Usage
## Goals
- `helm:clean` cleanups helm specific directory `charts` and `Chart.lock` file
- `helm:init` initializes Helm by downloading a specific version
- `helm:dependency-build` resolves the chart dependencies
- `helm:dependency-update` verifies that the required chart dependencies are present
- `helm:package` packages the given charts (chart.tar.gz)
- `helm:lint` tests the given charts
- `helm:template` Locally render templates
- `helm:dry-run` simulates an install
- `helm:upload` upload charts via HTTP PUT
- `helm:registry-login` login into docker registry
- `helm:registry-logout` login from docker registry
- `helm:push` push charts to OCI (docker registry)
- `helm:upgrade` upgrade an already existing installation
## Configuration
Parameter | Type | User Property | Required | Description
--- | --- | --- | --- | ---
`` | string | helm.chartDirectory | true | root directory of your charts
`` | string | helm.chartVersion | true | Version of the charts. The version have to be in the [SEMVER-Format](https://semver.org/), required by helm.
`` | string | helm.appVersion | false | The version of the app. This needn't be SemVer.
`` | string | helm.downloadUrl | false | URL to download helm. Leave empty to autodetect URL based upon OS and architecture.
`` | string | helm.downloadUser | false | Username used to authenticate while downloading helm binary package
`` | string | helm.downloadPassword | false | Password used to authenticate while downloading helm binary package
`` | string | helm.downloadServerId | false | Server Id in `settings.xml` which has username and password used to authenticate while downloading helm binary package
`` | string | helm.version | false | Version of helm to download.
`` | string | helm.githubUserAgent | false | To determine latest helm version this plugin uses the Github API. Therefore a [user agent](https://docs.github.com/en/rest/overview/resources-in-the-rest-api#user-agent-required) is needed. Defaults to `kokuwaio/helm-maven-plugin`
`` | int | helm.cacheValidityDays | false | Skip accessing the Github API for helm version if cache is newer than given days. Defaults to 1.
`` | string | helm.tmpDir | false | Directory where to store cached Github responses. Defaults to `${java.io.tmpdir}/helm-maven-plugin`
`` | list of strings | helm.excludes | false | list of chart directories to exclude
`` | boolean | helm.useLocalHelmBinary | false | Controls whether a local binary should be used instead of downloading it. If set to `true` path has to be set with property `executableDirectory`
`` | boolean | helm.autoDetectLocalHelmBinary | true | Controls whether the local binary should be auto-detected from `PATH` environment variable. If set to `false`, the binary in `` is used only. This property has no effect unless `` is set to `true`.
`` | string | helm.executableDirectory | false | directory of your helm installation (default: `${project.build.directory}/helm`). If defined, directory is used also for `` as a last resort.
`` | string | helm.outputDirectory | false | chart output directory (default: `${project.build.directory}/helm/repo`)
`` | boolean | helm.debug | false | add debug to helm
`` | string | helm.registryConfig | false | path to the registry config file
`` | string | helm.repositoryCache | false | path to the file containing cached repository indexes
`` | string | helm.repositoryConfig | false | path to the file containing repository names and URLs
``| boolean | helm.repo.add.force-update | false | If `true`, replaces (overwrite) the repo if they already exists.
``| boolean | helm.repo.add.pass-credentials | false | If `true`, pass credentials to all domains
`` | list of [HelmRepository](./src/main/java/io/kokuwa/maven/helm/pojo/HelmRepository.java) | | false | adds extra repositories while init
``| [HelmRepository](./src/main/java/io/kokuwa/maven/helm/pojo/HelmRepository.java) | | false | Upload repository for stable charts
``| [HelmRepository](./src/main/java/io/kokuwa/maven/helm/pojo/HelmRepository.java) | | false | Upload repository for snapshot charts (determined by version postfix 'SNAPSHOT')
`` | boolean | helm.lint.strict | false | run lint command with strict option (fail on lint warnings)
`` | boolean | helm.lint.quiet | false | run lint command with quiet option (print only warnings and errors)
`` | boolean | helm.init.add-default-repo | true | If true, stable repo () will be added
`` | boolean | helm.init.add-upload-repos | false | If true, upload repos (uploadRepoStable, uploadRepoSnapshot) will be added, if configured
`` | boolean | helm.skip | false | skip plugin execution
`` | boolean | helm.clean.skip | false | skip clean goal
`` | boolean | helm.init.skip | false | skip init goal
`` | boolean | helm.lint.skip | false | skip lint goal
`` | boolean | helm.template.skip | false | skip template goal. Default value is true due to the dry-run goal
`` | boolean | helm.dry-run.skip | false | skip dry-run goal
`` | boolean | helm.dependency-build.skip | false | skip dependency-build goal
`` | boolean | helm.dependency-build.skip-repo-refresh | false | skip local repository refresh in dependency-build goal
`` | boolean | helm.dependency-update.skip | false | skip dependency-update goal
`` | boolean | helm.dependency-update.skip-repo-refresh | false | skip local repository refresh in dependency-update goal
`` | boolean | helm.package.skip | false | skip package goal
`` | boolean | helm.upload.skip | false | skip upload goal
`` | boolean | helm.upload.skip.catalog | true | Skips creation of a catalog file with a list of helm chart upload details
`` | boolean | helm.upload.insecure | false | Skip tls certificate checks for the chart upload.
`` | boolean | helm.upload.verification | false | wait for the chart to be added to the repository index before continuing
`` | Integer | helm.upload.timeout | false | set the timeout limit (in seconds) for verification to be attempted
`` | boolean | helm.install.skip | false | skip install goal
`` | boolean | helm.uninstall.skip | false | skip uninstall goal
`` | string | helm.security | false | path to your [settings-security.xml](https://maven.apache.org/guides/mini/guide-encryption.html) (default: `~/.m2/settings-security.xml`)
`` | string | helm.package.keyring | false | path to gpg secret keyring for signing
`` | string | helm.package.key | false | name of gpg key in keyring
`` | string | helm.package.passphrase | false | passphrase for gpg key (requires helm 3.4 or newer)
`` | boolean | helm.push.skipPushLogin | false | Skip login, usefull if already logged via `helm:registry-login`
`` | [ValueOverride](./src/main/java/io/kokuwa/maven/helm/pojo/ValueOverride.java) | | false | override some values for linting with helm.values.overrides (--set option), helm.values.stringOverrides (--set-string option), helm.values.fileOverrides (--set-file option) and last but not least helm.values.yamlFile (--values option)
`` | string | helm.namespace | false | namespace scope for helm command
`` | string | helm.kubeApiServer | false | the address and the port for the Kubernetes API server
`` | string | helm.kubeInsecure | false | Skip tls certificate checks for the operation. Also known as `helm --kube-insecure-skip-tls-verify`.
`` | string | helm.kubeAsUser | false | username to impersonate for the operation
`` | string | helm.kubeAsGroup | false | group to impersonate for the operation, this flag can be repeated to specify multiple groups
`` | string | helm.kubeToken | false | bearer token used for authentication
`` | string | helm.releaseName | false | Name of the release to handle.
`` | boolean | helm.install.force | false | Force resource updates through a replacement strategy.
`` | boolean | helm.install.atomic | false | Set this to `true` to delete the installation on failure.
`` | boolean | helm.upgrade.imeout | false | Time in seconds to wait for any individual Kubernetes operation during install process. The default is 300 seconds (from helm) if `installAtomic` is set to `true`.
`` | boolean | helm.install.plain-http | false | Use insecure HTTP connections for the chart download.
`` | boolean | helm.upgrade.force | false | Force resource updates through a replacement strategy.
`` | boolean | helm.upgrade.atomic | false | Set this to `true` to rollback changes made in case of failed upgrade.
`` | boolean | helm.upgrade.imeout | false | Time in seconds to wait for any individual Kubernetes operation during upgrade process. The default is 300 seconds (from helm) if `upgradeTimeout` is set to `true`.
`` | boolean | helm.upgrade.dryRun | false | Run upgrade goal only in dry run mode
`` | boolean | helm.upgrade.plain-http | false | Use insecure HTTP connections for the chart download.
`` | boolean | helm.uninstall.wait | false | If set, will wait until all the resources are deleted before returning. It will wait for as long as `uninstallTimeout`.
`` | boolean | helm.uninstall.timeout | false | Time to wait for any individual Kubernetes operation (like Jobs for hooks) (default 5m0s).
`` | boolean | helm.uninstall.no-hooks | false | Prevent hooks from running during uninstallation.
`` | boolean | helm.uninstall.cascade | false | Must be "background", "orphan", or "foreground". Selects the deletion cascading strategy for the dependents. Defaults to background. (default "background" from helm)
`` | boolean | helm.uninstall.keep-history | false | Remove all associated resources and mark the release as deleted, but retain the release history.
`` | boolean | helm.uninstall.ignore-not-found | false | Treat "release not found" as a successful uninstall.
`` | file | helm.template.output-dir | false | Writes the executed templates to files in output-dir instead of stdout.
`` | string | helm.template.name-template | false | Specify template used to name the release.
`` | boolean | helm.template.generate-name | false | Generate the name (and omit the NAME parameter).
`` | boolean | helm.template.plain-http | false | Use insecure HTTP connections for the chart download.
`` | boolean | helm.push.plain-http | false | Use insecure HTTP connections for the chart download.
`` | boolean | helm.plain-http | false | Global Flag: Use insecure HTTP connections for the chart download.
`` | boolean | helm.push.caFile | false | Verify certificates of HTTPS-enabled servers using this CA bundle.
`` | boolean | helm.push.insecure | false | Skip tls certificate checks for the chart upload. Also known as `helm push --insecure-skip-tls-verify`
`` | boolean | helm.fallbackBinaryDownload | false | Controls whether a download should occur when local helm binary is not found. This property has no effect unless `` is set to `true`.
`` | boolean | helm.overwriteLocalDependencies | false | Controls whether a local path chart should be used for a chart dependency. When set to `true`, chart dependencies on a local path chart will be overwritten with the respective properties set by `overwriteDependencyVersion` and `overwriteDependencyRepository`. This is helpful for deploying charts with intra repository dependencies, while still being able to use local path dependencies for development builds. Example usage: for development use `mvn clean install` and for deployment use `mvn clean deploy -Dhelm.overwriteLocalDependencies=true`
`` | string | helm.overwriteDependencyVersion | false | Value used to overwrite a local path chart's version within a chart's dependencies. The property `overwriteLocalDependencies` must be set to `true` for this to apply.
`` | string | helm.overwriteDependencyRepository | false | Value used to overwrite a local path chart's repository within a chart's dependencies. The property `overwriteLocalDependencies` must be set to `true` for this to apply.
`` | boolean | helm.clean.failOnError | false | Indicates whether the build will continue even if there are clean errors. (default true)
## Packaging with the Helm Lifecycle
To keep your pom files small you can use 'helm' packaging.
This binds:
- `helm:clean` to clean phase
- `helm:init` to the initialize phase
- `helm:dependency-build` to the process-resources phase
- `helm:lint` to the test phase
- `helm:package` to the package phase
- `helm:upload` to the deploy phase
```xml
my-helm-charts
0.0.1
helm
...
io.kokuwa.maven
helm-maven-plugin
true
...
....
```