Platform
Deploy Helm Charts
Complete guide to deploying Helm charts in TrueFoundry with support for multiple repository types, Kustomize integration, and advanced configurations
TrueFoundry provides a comprehensive platform for deploying Helm charts with support for multiple repository types, advanced configurations, and seamless integration with Kubernetes resources. This guide covers everything you need to know about deploying Helm charts through the TrueFoundry UI.
Follow the instructions in the TrueFoundry Secrets Guide to create a new secret.
Once created, copy the Fully Qualified Name (FQN) of the secret (e.g.,
Now you can use the secret FQN in your helm deployments by passing it in the values section of the helm deployment.
Overview
What You’ll Learn
This guide will walk you through:- Getting Started: How to access the Helm deployment interface and deploy your first chart
- Repository Types: Understanding the three different ways to source Helm charts
- Private Repositories: Setting up authentication for private chart repositories
- Advanced Configuration: Customizing deployments with values, secrets, and Kustomize
- Complete Example: A real-world Redis deployment with LoadBalancer exposure
Supported Repository Types
Helm charts in TrueFoundry can be deployed from three different source types:- HelmRepo: Traditional Helm repositories (HTTP/S servers hosting
index.yamlfiles) - OCIRepo: OCI-compliant container registries (Docker Hub, GCR, ACR, etc.)
- GitHelmRepo: Git repositories containing Helm charts (GitHub, GitLab, etc.)
Helm Chart Deployment Form
Deployment Process
Using the UI
- Navigate to Deployments: Go to your workspace and click “New Deployment”
- Select Helm: Choose “Helm” from the deployment options
- Configure Repository: Select your repository type and fill in the details
- Set Values: Configure chart values and advanced options
- Deploy: Click “Submit” to deploy your chart
Repository Types
HelmRepo (Traditional Helm Repository)
HelmRepo (Traditional Helm Repository)
HelmRepo is the standard way to deploy charts from traditional Helm repositories. These are HTTP/S servers that host an 
index.yaml file and packaged .tgz chart files.HelmRepo Configuration
- Helm repository URL: The URL of your Helm repository (e.g.,
https://charts.bitnami.com/bitnami) - Chart name: The name of the chart to deploy
- Version: The specific version of the chart
OCIRepo (OCI Registry)
OCIRepo (OCI Registry)
OCIRepo allows you to deploy charts stored as OCI artifacts in container registries like Docker Hub, Google Container Registry, or Azure Container Registry.
OCIRepo Configuration
- OCI chart URL: The OCI URL of your chart (e.g.,
oci://myregistry.com/mychart) - Version: The specific version of the chart
- Container Registry: The container registry in which the chart is stored, if the repository is private.
GitHelmRepo (Git Repository)
GitHelmRepo (Git Repository)
GitHelmRepo enables deployment of charts directly from Git repositories, providing flexibility for custom or private chart development.
GitHelmRepo Configuration
- Git repository URL: The URL of your Git repository
- Revision: Branch, tag, or commit SHA to use
- Path: Path to the chart within the repository
- Value files (Optional): Additional values files relative to the chart path
Private Repository Configuration
To use private repositories, you have to add and set up the repository along with credentials in the argocd repo secret. You can refer to the Private Repository Configuration guide to add and set up the repository along with credentials in the argocd repo secret.Advanced Configuration
Cluster-scoped objects (like ClusterRole, ClusterRoleBinding, or non-namespace
scoped resources) cannot be applied when deploying Helm charts unless you have
cluster admin privileges. This restriction prevents workspace users from
creating cluster-level resources that could impact other workloads.
Values Configuration
Values Configuration
You can customize your Helm chart deployment using values files, these values will override the values in the chart.
Values Configuration
- Values file as block file: Direct YAML input for chart values
- Value files: Reference to values files in your repository (for GitHelmRepo)
Using Secrets in Helm Deployments
Using Secrets in Helm Deployments
Create a Secret in TrueFoundry
You can securely use secrets like passwords in your helm deployments via TrueFoundry. Here’s how to set up and use TrueFoundry secrets in helm deployments.Follow the instructions in the TrueFoundry Secrets Guide to create a new secret.
Once created, copy the Fully Qualified Name (FQN) of the secret (e.g.,
tfy-secret://truefoundry:test-helm-secret:password).Now you can use the secret FQN in your helm deployments by passing it in the values section of the helm deployment.
Creating Kubernetes Secrets in Helm Deployments
There are two ways to create Kubernetes secrets in your helm deployments:1. Using Custom Kubernetes Objects
We can create a custom Kubernetes secret object and use the TrueFoundry secret FQN when setting the value.Creating secrets using custom Kubernetes objects
2. Using Kustomize
We can use additional manifess section of Kustomize to create a Kubernetes secret object and use the TrueFoundry secret FQN when setting the value.Creating secrets using Kustomize
data and stringData fields of Kubernetes secret. For data fields, you just need to base64 encode the value when creating the TrueFoundry secret.Kustomize Integration
Kustomize Integration
TrueFoundry supports Kustomize for advanced customization of your Helm deployments:
Kustomize Configuration
Patch Configuration
Use patches to modify existing Kubernetes resources generated by your Helm chart:Additional Manifests
Add custom Kubernetes resources alongside your Helm chart:Exposing Endpoints with VirtualService
To expose your Helm chart deployment as an endpoint, you can add a VirtualService as an additional manifest:Example: Exposing Redis Endpoint
Here’s a complete example of deploying Redis with a LoadBalancer service to expose the endpoint:Step 1: Basic Configuration
Step 1: Basic Configuration
Step 2: Create TrueFoundry Secret
Step 2: Create TrueFoundry Secret
To securely manage the Redis password, you can use TrueFoundry secrets as described in the Advanced Configuration section. Here’s a quick example:
-
Create a secret in TrueFoundry:
Redis Password Secret Example
-
Copy the secret FQN (e.g.,
tfy-secret://truefoundry:redis-secrets:password) to use in the next step.
Step 3: Values Configuration
Step 3: Values Configuration
Step 4: Kustomize Patch and Endpoint Exposure (Optional)
Step 4: Kustomize Patch and Endpoint Exposure (Optional)
Additional customization using Kustomize and exposing the endpoint by adding a VirtualService as an additional manifest:
Final Redis Deployment Result