Launching JFrog ChartCenter: The Helm Chart Central Repository for the Community
By
5 min read
UPDATE: As of May 1, 2021 – ChartCenter central repository has been sunset and all features deprecated. For more information on the sunsetting of the centers read the Centers deprecation blog post
The number of publicly available Helm charts is continuously growing and while this is great for the community, it can be challenging to navigate the vast sea of Helm charts and Helm chart repositories.
Like a ship’s captain, you need more than just a list of where you can go, but the details to ensure those under your charge arrive certainly and safely. Not just what can be seen on the surface, but what lies underneath, and the hazards that await.
This is why we’re proud to announce the launch of ChartCenter, a free, central repository of public Helm charts for the developer community.
The ChartCenter Edge
Through ChartCenter’s rich UI, you can search among thousands of Kubernetes-ready packages to find the ones you need. You can discover and launch applications distributed across many public repositories. In this way, ChartCenter is similar to the search services Helm Hub and Artifact Hub.
But ChartCenter is much more than a catalog. Powered by Artifactory, it’s a repository of Helm charts that holds immutable versions. So your Helm CLI can pull all the public Helm charts you use from a single, central place with certainty, and be your single source of truth.
Every stored Helm chart is also maintained with robust metadata that provides you critical information you need to make smart choices. Here’s what these features mean for you:
Immutable, Versioned Helm Charts
ChartCenter is your single source of truth for all chart versions. You can always be certain that the Helm chart version you use today is the same as the one you used last month, or last year, even if the Helm chart’s owner improperly changed or deleted it in their repo. ChartCenter will also flag that version if it happens, so you won’t be surprised. ChartCenter also provides a failsafe if the original repo becomes unavailable for any reason.
ChartCenter also maintains metadata for every Helm chart version, apiVersion and appVersion.
Usage Data
ChartCenter informs you where else a Helm chart is used as a dependency for another Helm chart (as a subchart).
Dependencies Identified
For every Helm chart version, ChartCenter identifies all of the dependencies used, including Docker images and subcharts. You can browse the UI to see all layers for each dependent Docker image.
Vulnerabilities Revealed
ChartCenter performs a vulnerability analysis of all the Helm chart’s dependent container images, powered by the deep-recursive scanning of JFrog Xray. So you can assess the security risks of any K8s app before you deploy it.
Security Mitigation for Maintainers
ChartCenter also provides chart maintainers the ability to provide mitigation notes and an overview of the status of their chart security on our UI. We’ve developed a security-mitigation.yaml file so you can tag CVEs and provide notes. These notes will be available once maintainers provide the yaml in an updated chart and they will be shown like this:
Using ChartCenter
Now that we’ve covered some of the features of ChartCenter, let’s cover how to use ChartCenter with a Helm client.
Step 1: Add ChartCenter as your Helm repository
Set your Helm client to use the ChartCenter repository as your single central location to consume charts:
$ helm repo add center https://repo.chartcenter.io
$ helm repo update
$ helm search repo center/
The last command will show a list of charts from around 200+ Helm repositories. We’ve made some index.yaml optimizations resulting in a smaller index.yaml size, which speeds up Helm client usage.
Step 2: Using ChartCenter as a repository
Let’s check a few Helm repositories:
$ helm search repo center/jfrog/artifactory-jcr
NAME CHART VERSION APP VERSION DESCRIPTION
center/jfrog/artifactory-jcr 2.3.1 7.5.7 JFrog Container Registry
$ helm search repo center/rancher
NAME CHART VERSION APP VERSION DESCRIPTION
center/rancher-stable/rancher 2.4.5 v2.4.5 Install Rancher Server to manage Kubernetes clu...
Here, you’re able to see how much easier it is to use one central repository than it is to add many Helm repositories.
Charting the Next Level
ChartCenter’s launch today is just the start of our voyage to better Helm Chart consumption. We’d also like to work directly with the community to build out these features and we’d love to get your input on things such as improvements to the UI, additional security information, Helm plugin considerations and Helm repository best practices.
