Helm plugin install

jordangarrison · August 1, 2022, 10:30pm

Hi NixOs community,

I have a short and sweet question around getting helm (the Kubernetes package manager) plugins to work. Plugins are built into the utility but trying to install them leads to permission errors since the package is installed via nix and the directory is read-only. Has anyone had any luck installing helm plugins?

Here is the shell.nix file I’ve been working with:

let pkgs = import <nixpkgs> { };
in
pkgs.mkShell rec {
  name = "kube-state-metrics-deployment";

  buildInputs = with pkgs; [
    # External Dependencies
    curl
    docker
    git
    kubectl
    kubernetes-helm-wrapped
    kustomize
    jq
    openssh
  ];

  shellHook = ''
    helm plugin install https://github.com/databus23/helm-diff
  '';
}

I’ve tried the shellHook but this is a post-install step so it faces the same permissions issues. I’m tempted to just create a docker image and remote dev this but hopefully, it won’t come to that.

smf · August 2, 2022, 5:28pm

Hi @jordangarrison -

I managed to install the secrets plugin using

pkgs.wrapHelm pkgs.kubernetes-helm { plugins = [ pkgs.kubernetes-helmPlugins.helm-secrets ]; }

I’m pretty sure you can do something like

pkgs.wrapHelm pkgs.kubernetes-helm { plugins = [ pkgs.kubernetes-helmPlugins.helm-diff ]; }

to get the plugin you want installed. There’s probably a better way, but this worked for me.

Alex

Sandro · August 3, 2022, 11:40am

Did you try running helm plugin install in a normal login shell?

jordangarrison · August 9, 2022, 2:26pm

Hi Alex (@smf),

I’m slowly getting my bearings with setting up these shell nix files as I move in to each new repository I work in. Where would the line

pkgs.wrapHelm pkgs.kubernetes-helm { plugins = [ pkgs.kubernetes-helmPlugins.helm-secrets ]; }

live inside of this shell.nix?

let pkgs = import <nixpkgs> { };
in
pkgs.mkShell rec {
  name = "kube-state-metrics-deployment";

  buildInputs = with pkgs; [
    # External Dependencies
    curl
    docker
    git
    kubectl
    kubernetes-helm-wrapped
    kustomize
    jq
    openssh
  ];
}

I attempted to put it in the buildInputs but received errors.

Thanks a ton for your help and aplogies for my delay in responding to your answer.

Best,
Jordan

jordangarrison · August 9, 2022, 2:57pm

Hi @Sandro,

I haven’t tried that yet, I was hoping to not install helm globally. I was trying to install it in the specific repo’s shell.nix. I use a couple systems and have direnv set up to autoload these when I enter the directories for the repository.

I can give it a whirl with the global setup to see if it works outside of the repo-specific nix-shell. But when running the command manually just in a shell I still get read-only errors.

Best,
Jordan

smf · August 9, 2022, 6:43pm

Hey @jordangarrison -

So the wrapHelm line would replace kubernetes-helm-wrapped in your buildInputs section:

let pkgs = import <nixpkgs> { };
in
pkgs.mkShell rec {
  name = "kube-state-metrics-deployment";

  buildInputs = with pkgs; [
    # External Dependencies
    curl
    docker
    git
    kubectl
    (pkgs.wrapHelm pkgs.kubernetes-helm { plugins = [ pkgs.kubernetes-helmPlugins.helm-secrets ]; })
    kustomize
    jq
    openssh
  ];
}

This works on my local, so I’d expect it to be ok on your system, but give me a shout if it doesn’t.

Hope that helps!
Alex

jordangarrison · August 9, 2022, 9:36pm

This is great! I was missing the () syntax. Thanks a ton for your help Alex (@smf)!