ChartMuseum

    In addition to using ChartMuseum as you regular Helm Chart registry, you can also store your custom KubeVela addons in it.

    After successfully enabling the addon, we need to make sure ChartMuseum is accessible to you by forwarding the default port (8080):

    1. vela port-forward -n vela-system addon-chartmuseum 8080:8080 --address 0.0.0.0

    Use your newly created ChartMuseum repository (or any other Helm Chart repository) as an addon registry. We will name it localcm:

    1. $ vela addon registry add localcm --type helm --endpoint=http://localhost:8080 
    2. # If username and password is required, you can specify them with --username and --password

    You should see it in the list now:

    1. $ vela addon registry list
    2. Name        Type    URL                        
    3. ...
    4. localcm     helm    http://localhost:8080

    Push an addon to your registry

    1. $ vela addon init sample-addon
    2. # A conventional addon directory will be created
    3. # ./sample-addon
    4. # ├── definitions
    5. # ├── metadata.yaml
    6. # ├── readme.md
    7. # ├── resources
    8. # ├── schemas
    9. # └── template.yaml

    (Optional) Package your addon:

    Push your addon (sample-addon) to the registry (localcm) that you just added:

    1. # Notice how we automatically package the addon for you. 
    2. $ vela addon push sample-addon localcm
    3. Pushing sample-addon-1.0.0.tgz to localcm(http://localhost:8080)... Done
    4. # If you packaged it yourself, just replace `sample-addon` with `sample-addon-1.0.0.tgz`
    6. # In addition to registry names (localcm, as we saw earlier), URLs are also supported.
    7. # If you use URLs, you don't even have to add it as an addon registry.
    8. $ vela addon push sample-addon-1.0.0.tgz http://localhost:8080 -f
    9. Pushing sample-addon-1.0.0.tgz to http://localhost:8080... Done
    10. # This is because we already pushed the exact same addon to the same registry earlier.
    11. # We need to use `-f` to overwrite it.

    Your addon is available in the registry now!

    1. $ vela addon list
    2. NAME          REGISTRY   DESCRIPTION             AVAILABLE-VERSIONS  STATUS  
    3. ...
    4. sample-addon  localcm    An addon for KubeVela.  [1.0.0]             disabled

    Usages

    By default this addon does not have any authentication configured and allows anyone to fetch or upload charts (unless the API is disabled with disableAPI).

    To enable Basic Auth to protect APIs, configure basicAuth parameters:

    1. // +usage=Basic auth settings
    2. basicAuth: {
    3.     // +usage=Username for basic http authentication
    4.     username: "user"
    5.     // +usage=Password for basic http authentication
    6.     password: "pswd"
    7. }

    Using with local filesystem storage

    1. enablePersistence: true
    2. persistentSize:    "8Gi"

    Make sure your environment is properly setup to access my-oss-bucket.

    To do so, you must set the following parameters:

    • accessKeyID
    • accessKeySecret

    Using with Microsoft Azure Blob Storage

    Make sure your environment is properly setup to access mycontainer.

    To do so, you must set the following parameters:

    • account
    • accessKey

    Specify custom.yaml with such values

    1. // +usage=Storage backend, can be one of: local(default), alibaba, amazon, google, microsoft
    2. storage: "microsoft"
    3. // +usage=Microsoft Azure storage backend settings
    4. microsoft: {
    5.     // +usage=Container to store charts for microsoft storage backend
    6.     container: "mycontainer"
    7.     // +usage=Azure storage account
    8.     account: "account"
    9.     // +usage=Azure storage account access key
    10.     accessKey: "key"
    11. }
    1. // +usage=Storage backend, can be one of: local(default), alibaba, amazon, google, microsoft
    2. storage: "google"
    3. // +usage=GCP storage backend settings
    4. google: {
    5.     // +usage=GCS bucket to store charts for google storage backend, e.g. my-gcs-bucket
    6.     bucket: "my-gcs-bucket"
    8. }

    Using with Amazon S3

    Make sure your environment is properly setup to access my-s3-bucket

    You need at least the following permissions inside your IAM Policy

    1. {
    2.   "Version": "2012-10-17",
    3.   "Statement": [
    4.     {
    5.       "Sid": "AllowListObjects",
    6.       "Effect": "Allow",
    7.       "Action": [
    8.         "s3:ListBucket"
    9.       ],
    10.       "Resource": "arn:aws:s3:::my-s3-bucket"
    11.     },
    12.     {
    13.       "Sid": "AllowObjectsCRUD",
    14.       "Effect": "Allow",
    15.       "Action": [
    16.         "s3:DeleteObject",
    17.         "s3:GetObject",
    18.         "s3:PutObject"
    19.       ],
    20.       "Resource": "arn:aws:s3:::my-s3-bucket/*"
    21.     }
    22.   ]
    23. }

    permissions grant with access keys

    1. // +usage=Storage backend, can be one of: local(default), alibaba, amazon, google, microsoft
    2. storage: "amazon"
    3. // +usage=AWS storage backend settings
    4. amazon: {
    5.     // +usage=S3 bucket to store charts for amazon storage backend, e.g. my-s3-bucket
    6.     bucket: "my-s3-bucket"
    7.     // +usage=Region of s3 bucket to store charts, e.g. us-east-1
    8.     region: "us-east-1"
    9.     // +usage=AWS access key id
    10.     accessKeyID: "keyid"
    11.     // +usage=AWS access key secret
    13. }