A Helm plugin to validate charts against the Datree policy
helm plugin install https://github.com/datreeio/helm-datree
Windows users can work around this by using Helm under WSL
helm plugin update datree
helm plugin uninstall datree
helm datree test [CHART_DIRECTORY]
If you need to pass helm arguments to your template, you will need to add -- before them:
helm datree test [CHART_DIRECTORY] -- --values values.yaml --set name=prod
By default, test files generated by Helm will be skipped. If you wish to include test files in your policy check, add the --include-tests flag:
helm datree test --include-tests [CHART_DIRECTORY]
helm datree version
helm datree help
Helm might be installed through other tooling like microk8s. The DATREE_HELM_COMMAND allows specifying a command to run helm (default: helm):
DATREE_HELM_COMMAND="microk8s helm3" helm datree test [CHART_DIRECTORY]
helm plugin install https://github.com/datreeio/helm-datree
git clone git@github.com:datreeio/examples.git
helm datree test examples/helm-chart/nginx
This is actually expected behavior because it's raised by Helm itself every time a plugin returns a non-zero exit code.
Therefore, if you will run datree plugin on a Chart that will pass the policy check, it will return 0 as exit code, and you will not see this error.
This error occurs when trying to scan Chart.yaml or values.yaml files instead of the chart directory.
Solution: Pass the helm chart directory path to Datree's CLI, instead of to the file itself:
- Correct -
helm datree test examples/helm-chart/nginx - Wrong -
helm datree test examples/helm-chart/nginx/values.yaml
The best way to determine if a false-positive result is a bug or a true misconfiguration, is by rendering the Kubernetes manifest with helm and then checking it manually:
helm template [CHART_DIRECTORY]
If after eyeballing the rendered manifest you still suspect it's a bug, please open an issue.