Allow users other than root to use helm plugins #1766

Merged: 1 commit, Jan 10, 2022


aperigault
Contributor

Hi,
as discussed in issue #1134, I propose to allow all users to go through the root directory, to be able to use helm plugins in containers running as non-root users.

@aperigault
Contributor Author

Hi @mumoshu, what do you think about that?

@mumoshu
Collaborator

mumoshu commented Apr 24, 2021

@aperigault Hey! Thanks. Honestly speaking, I don't understand for what use case this can be helpful.

How did you test this? What was your example use case and the exact docker-run command you used to verify this?

@mumoshu
Collaborator

mumoshu commented Apr 24, 2021

Or maybe you tried to complement #1134 (comment) and tried to fix #1134 (comment)?

@aperigault
Contributor Author

Hi!
My use case is to run this container as non-root in Kubernetes due to PSP limitations and use plugins installed in the /root folder.
Yes I want to fix #1134 (comment)
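
The traversal permission discussed in the PR description and the use-case comment above can be checked from mode bits alone. The script below is an added example, not part of this thread or of helmfile's code; the `.local/share/helm/plugins` layout, the temporary tree and the 700/711 modes are constructed assumptions (the PR's actual mode is not shown on this page).

```shell
#!/bin/sh
# Added example (not helmfile's code): decide from permission bits alone whether
# a UID that is neither the owner nor in the group can reach a plugin directory.

# Print the three "other" permission characters of a directory, e.g. "--x".
other_bits() { ls -ld "$1" | cut -c8-10; }

# reachable_by_others BASE TARGET
# Succeeds when every directory from TARGET up to BASE has o+x (traverse)
# and TARGET itself has o+r (needed to enumerate the installed plugins).
reachable_by_others() {
    base=$1 path=$2
    case $(other_bits "$2") in r??) ;; *) echo "not listable: $2"; return 1 ;; esac
    while :; do
        case $(other_bits "$path") in
            ??[xt]) ;;                              # x, or t = sticky bit plus x
            *) echo "blocked at: $path"; return 1 ;;
        esac
        [ "$path" = "$base" ] && return 0
        case $path in /|.) return 1 ;; esac         # TARGET was not under BASE
        path=$(dirname "$path")
    done
}

# no_other_write BASE TARGET
# Fails if any directory on the path is writable by others, which would let
# any UID in the container replace plugin code that other users then run.
no_other_write() {
    base=$1 path=$2
    while :; do
        case $(other_bits "$path") in ?w?) echo "world-writable: $path"; return 1 ;; esac
        [ "$path" = "$base" ] && return 0
        case $path in /|.) return 1 ;; esac
        path=$(dirname "$path")
    done
}

# Constructed tree standing in for the image's /root; the plugin path layout
# and the 700/711 modes are assumptions made for this demo.
demo=$(mktemp -d) && plug="$demo/root/.local/share/helm/plugins"
mkdir -p "$plug" && chmod -R 755 "$demo/root"
chmod 700 "$demo/root"
reachable_by_others "$demo/root" "$plug" || echo "-> a non-root UID cannot load plugins"
chmod 711 "$demo/root"
reachable_by_others "$demo/root" "$plug" && echo "-> reachable; the home directory itself is still not listable"
no_other_write "$demo/root" "$plug" && echo "-> no world-writable component on the path"
rm -rf "$demo"
```

Pass `/` as BASE to audit a real image path; the check reads only the "other" bits, so it does not account for ACLs or group membership.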

@aperigault
Contributor Author

Hi @mumoshu, do you think this is a good workaround?

@pathob

pathob commented Oct 8, 2021

As already mentioned by a couple of users here, the current Helmfile image is pretty useless in many cases. I tried to use it in a Jenkins pipeline and there is either a permission problem or, if you adjust the UID / GID to a non-root user, you cannot use the Helm plugins.

A cleaner approach than in this PR would probably be to set the HELM_HOME variable, create a non-root user and set a workdir.

For those who stumble across the tickets here or this PR, I recommend using the Helmfile image by Jenkins. https://github.com/jenkins-infra/docker-helmfile The only thing I needed to adjust was overriding the entrypoint (--entrypoint=""). Works like a charm for us.

Collaborator

@mumoshu mumoshu left a comment

I'm not sure if forcing everyone to use a non-root user within a helmfile container is the right thing to do either, as it might limit debugging operations within the container. Or perhaps I'm still missing something? 🤔

Probably this is a good workaround. This is almost a year old but it's better done than nothing! Thanks for your feedback and contribution. Merging.

@mumoshu mumoshu merged commit 9e58082 into roboll:master Jan 10, 2022
w33dw0r7d pushed a commit to w33dw0r7d/helmfile that referenced this pull request Mar 8, 2022
Resolves roboll#1134

Co-authored-by: Antony Perigault <antony.perigault@cpexterne.org>