δΈζζζ‘£ | English
A Kubernetes Operator for managing Helm repositories and releases through Custom Resource Definitions (CRDs).
Helm Operator provides a declarative way to manage Helm repositories and releases in Kubernetes clusters. It extends Kubernetes with custom resources that allow you to:
- Manage Helm Repositories: Automatically sync Helm repositories and track available charts
- Manage Helm Releases: Declaratively install, upgrade, and manage Helm releases
- Authentication Support: Support for private repositories with Basic Auth and TLS
- Status Tracking: Real-time status updates and chart information
- Event Recording: Comprehensive event logging for operations
- Automatic repository synchronization
- Chart discovery and version tracking
- Authentication support (Basic Auth, TLS)
- Status reporting with chart information
- Configurable sync intervals
- Declarative release management
- YAML-based values configuration
- Automatic upgrades on configuration changes
- Dependency management between releases
- Rollback and history tracking
- Private repository support
- TLS certificate management
- Kubernetes Secret integration
- RBAC permissions
- Real-time status conditions
- Event recording
- Metrics and monitoring ready
- Comprehensive logging
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Kubernetes Cluster β
β β
β βββββββββββββββββββ βββββββββββββββββββ β
β β HelmRepository β β HelmRelease β β
β β CRD β β CRD β β
β βββββββββββββββββββ βββββββββββββββββββ β
β β β β
β V V β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Helm Operator β β
β β β β
β β βββββββββββββββββββ βββββββββββββββββββ β β
β β β Repository β β Release β β β
β β β Controller β β Controller β β β
β β βββββββββββββββββββ βββββββββββββββββββ β β
β β β β β β
β β V V β β
β β ββββββββββββββββββββββββββββββββββββββββββββββββββββ β β
β β β Helm Client Library β β β
β β ββββββββββββββββββββββββββββββββββββββββββββββββββββ β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β | β
ββββββββββββββββββββββββββββββββΌββββββββββββββββββββββββββββββββββ
V
βββββββββββββββββββ
β External Helm β
β Repositories β
βββββββββββββββββββ- Kubernetes cluster v1.25+
- kubectl configured to access your cluster
- Go 1.21+ (for development)
- Docker (for building images)
- Install CRDs:
kubectl apply -f https://github.com/raw/ketches/helm-operator/master/deploy/crds/helm-operator.ketches.cn_helmrepositories.yaml
kubectl apply -f https://github.com/raw/ketches/helm-operator/master/deploy/crds/helm-operator.ketches.cn_helmreleases.yaml- Deploy the Operator:
kubectl create namespace ketches
kubectl apply -f https://github.com/raw/ketches/helm-operator/master/deploy/manifests.yaml- Add Helm repository:
helm repo add helm-operator https://ketches.github.io/helm-operator
helm repo update- Install the operator:
helm install helm-operator helm-operator/helm-operator -n ketches --create-namespace- Verify Installation:
kubectl get pods -n ketcheskubectl apply -f https://github.com/raw/ketches/helm-operator/master/samples/helm_repository.yamlkubectl apply -f https://github.com/raw/ketches/helm-operator/master/samples/helm_release.yaml# Check repository status
kubectl get helmrepository helm-operator-charts
# Check release status
kubectl get helmrelease nginx- Clone the repository:
git clone https://github.com/ketches/helm-operator.git
cd helm-operator- Install dependencies:
make generate
make manifests- Run locally:
make install # Install CRDs
make run # Run controller locally- Build and test:
make build # Build binary
make test # Run testsmake docker-build-local IMG=helm-operator VERSION=devmake deployapiVersion: helm-operator.ketches.cn/v1alpha1
kind: HelmRepository
metadata:
name: private-repo
spec:
url: "https://private.charts.example.com"
interval: "1h"
auth:
basic:
secretRef:
name: repo-credentials
namespace: default
timeout: "10m"apiVersion: helm-operator.ketches.cn/v1alpha1
kind: HelmRelease
metadata:
name: my-app
spec:
chart:
name: my-app
version: "1.0.0"
repository:
name: my-repo
namespace: default
release:
name: my-app-release
namespace: production
createNamespace: true
values: |
image:
tag: "v1.0.0"
resources:
requests:
cpu: "100m"
memory: "128Mi"
install:
timeout: "10m"
wait: true
upgrade:
timeout: "10m"
wait: true# Create authentication secret
apiVersion: v1
kind: Secret
metadata:
name: private-repo-auth
type: Opaque
data:
username: dXNlcm5hbWU= # base64 encoded
password: cGFzc3dvcmQ= # base64 encoded
---
# Private repository with authentication
apiVersion: helm-operator.ketches.cn/v1alpha1
kind: HelmRepository
metadata:
name: private-repo
spec:
url: "https://private.charts.example.com"
auth:
basic:
secretRef:
name: private-repo-authapiVersion: helm-operator.ketches.cn/v1alpha1
kind: HelmRelease
metadata:
name: complex-app
spec:
chart:
name: my-app
version: "2.0.0"
repository:
name: my-repo
release:
name: complex-app
namespace: production
createNamespace: true
values: |
# Application configuration
app:
name: "complex-app"
version: "2.0.0"
# Replica count
replicaCount: 3
# Image configuration
image:
repository: "my-registry/my-app"
tag: "v2.0.0"
pullPolicy: "IfNotPresent"
# Service configuration
service:
type: "ClusterIP"
port: 8080
targetPort: 8080
# Ingress configuration
ingress:
enabled: true
className: "nginx"
hosts:
- host: "app.example.com"
paths:
- path: "/"
pathType: "Prefix"
tls:
- secretName: "app-tls"
hosts:
- "app.example.com"
# Resource limits
resources:
limits:
cpu: "1000m"
memory: "1Gi"
requests:
cpu: "500m"
memory: "512Mi"
# Environment variables
env:
- name: "APP_ENV"
value: "production"
- name: "DB_HOST"
value: "postgres.database.svc.cluster.local"
# Install configuration
install:
timeout: "15m"
wait: true
waitForJobs: true
# Upgrade configuration
upgrade:
timeout: "15m"
wait: true
cleanupOnFail: true
# Dependencies
dependsOn:
- name: "postgres"
namespace: "database"For detailed API documentation, see:
We welcome contributions! Please see our Contributing Guide and Developer Guide for details.
- Fork the repository
- Create a feature branch
- Make your changes
- Add tests
- Run
make test lint - Submit a pull request
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
- π Documentation
- π Issue Tracker
- π¬ Discussions
- HelmRepository management
- HelmRelease management
- OCI repository support
- Webhook validation
Note: This project is under active development. APIs may change before v1.0.0 release.