The JFrog team has launched ChartCenter, the imaginatively named free central repository for public Helm charts.
A package manager for Kubernetes, Helm is used to install apps – such as PostgreSQL – into a cluster and comes in both public and private flavours. It’s a handy bit of technology, and usually comprises at least a deployment and service.
Originally created by Deis, which was snapped up by Microsoft in 2017, Helm was a subproject of Kubernetes before being donated to the Cloud Native Computing Foundation (CNCF) as an incubating project. It officially hit graduated project status this year as its adoption by cloud-native fans continued apace.
In a recent Microsoft blog post, Azure Distinguished Engineer Brendan Burns reckoned that more than 70 per cent of Kubernetes users used Helm to deploy applications.
While the Helm Hub is a useful resource of Helm Charts, ChartCenter aims to go beyond being a catalog and instead provide an immutable repository of the things and, according to JFrog, “be your single point of truth.”
The approach also ensures that the version used last month will be the same version used tomorrow, which will appeal to those left breathless by the pace of change in the Kubernetes world. ChartCenter also “provides a failsafe” in the event that the original repo drops off the face of the Earth.
As one would expect, ChartCenter will also note when a Helm Chart is a dependency of another as well as spotting dependencies used, including Docker images and subcharts. It will also make use of JFrog’s Xray product to scan for any nasties ahead of the deployment of a Kubernetes app.
JFrog insists that the service is and will always by free for the Helm community. Certainly with the pace of change in the Helm and wider Kubernetes world, a single source of truth is indeed a tempting prospect.
In the future, the gang plans to improve the UI (based on feedback) as well as add additional security information and take input on Helm repository best practices.
Jagan Subramanian, VP of community and partner engineering at JFrog, told DevClass: “ChartCenter has an inclusion process for developers to request addition of their hosted chart repos. Additionally we plan to allow developers to upload helm charts directly to ChartCenter in case they don’t want to take on the burden of hosting a repo themselves. We have seeded ChartCenter with all public charts available today.
“Additionally, with the security focus of the center we are engaging directly with chart authors and maintainers to make this ecosystem secure.”