Should Helm dependencies (charts folder) be version controlled?

Question

I've devised below way for managing helm chart dependencies in the context of CI/CD pipelines and not sure it's correct.

• each chart source code has to be in a dedicated repository as a convention.
• each chart should specify its dependencies in Chart.yaml under dependencies field
• folder charts should be in .gitignore
• CI pipelines will:
  • run helm repo add for each dependency helm repo
  • run helm dependency build to download dependencies to charts folder according to lock file.
  • run helm package in order to include charts folder in the built chart during release phase. Built chart will be promoted to higher environments and pipelines as is with its dependencies (no dependency updates will be performed there).

What's the industry standard way for managing dependencies of a helm chart (should they be ignored in .gitignore?)

Answer 1

In general, binary dependencies should not be committed to git if they can easily be downloaded in a reproducible way. Also, if you look at some of the popular charts, for example the bitnami charts, they do indeed ignore chart dependencies. Similarly the kube-prometheus-stack also ignores the charts subdirectories. So I think it's safe to say that this is a best practice.

With that said, most chart dependency tarballs tend to be pretty small, so IMHO as long as they are not constantly being updated, it's probably fine to add them to git if it makes the build/deploy process simpler.