K8SAPP Helm Procedure

These are my preferences for an air-gapped organization. Flavor to your own taste.

Fetch

  1. Name the repo k8sapp-<somethingshort>
  2. Create a README.md with title K8SAPP: <long name>
  3. Create a helm directory and change into it
  4. Add remote repo to helm with same short name
  5. Update the helm repo
  6. Pull the chart tarball down locally
  7. Pull and cache the index.yaml file to detect changes later

Validate

  1. Understand the README.md in the chart
  2. Understand the Chart.yaml file
  3. Understand the values.yaml file
  4. Understand the template directory
  5. Peruse the rendered Kubernetes resource files
    helm template shortname . > /tmp/shortname.yaml
  6. Identify and download all image dependencies locally
  7. Locally scan images for security compliance and dependencies
  8. Ensure clean legal FOSS pedigree

Configure

  1. Strongly document any changes to the template itself
  2. Push validated images to private registry
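
One way to do Validate step 6 from the file rendered in step 5, and to plan the push in Configure step 2, as an added example that is not part of the original note. The function names and the private registry host registry.internal.example are assumptions, and the sample manifest is constructed.

```shell
#!/bin/sh
# Added example, not from the original note. All names are hypothetical.

# Constructed sample of `helm template` output (shortened).
sample_manifest() {
cat <<'EOF'
# Source: shortname/templates/daemonset.yaml
spec:
  template:
    spec:
      initContainers:
        - name: init
          image: quay.io/prometheus/node-exporter:v1.7.0
      containers:
        - image: quay.io/prometheus/node-exporter:v1.7.0
          imagePullPolicy: IfNotPresent
        - name: cache
          image: "docker.io/bitnami/redis:7.2.4"
        - name: pause
          image: registry.k8s.io/pause@sha256:0000000000000000000000000000000000000000000000000000000000000000
EOF
}

# Read rendered YAML on stdin; print each unique `image:` value, sorted.
list_images() {
  sed -n 's/^[[:space:]-]*image:[[:space:]]*//p' |
    sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
        -e 's/^["'\'']//' -e 's/["'\'']$//' |
    grep -v '^$' | LC_ALL=C sort -u
}

# Images referenced by tag only; a tag can be re-pointed upstream,
# so record the digest of what was actually scanned.
unpinned_images() {
  list_images | grep -v '@sha256:' || true
}

# Map an upstream reference ($1) to its name in the private registry ($2):
# drop a leading registry host (contains "." or ":", or is "localhost").
mirror_target() {
  first=${1%%/*}
  rest=$1
  case "$1" in
    */*) case "$first" in *.*|*:*|localhost) rest=${1#*/} ;; esac ;;
  esac
  printf '%s/%s\n' "$2" "$rest"
}
```

Against a real chart, run `list_images < /tmp/shortname.yaml`. Only `image:` keys are seen, so images named in args, env values or custom resource fields still need the manual read in steps 4 and 5.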

Check

  1. Update the repo
    helm repo update shortname
  2. Check for new chart additions
    helm search repo shortname -l -o yaml | diff charts.yaml -; echo $?