Deploy with Helm

4 minute read

Package, push, install, and uninstall Helm charts in your CloudBees Unify workflows using CloudBees Helm actions.

Pushing a Helm chart requires OCI registry credentials to be configured before the push step. Refer to Configure container registry credentials.

Package a Helm chart

Use the cloudbees-io/helm-package action to package a Helm chart directory into a versioned TGZ archive file.

All CloudBees action repositories are listed at CloudBees, Inc. on GitHub.

Inputs

Table 1. Input details
Input name Data type Required? Description

chart

String

Yes

The path of the Helm chart to be packaged.

destination

String

Yes

The path of the packaged Helm chart.

version

String

Yes

The Helm release version.

app-version

String

Yes

The application version.

verify

Boolean

No

Default is false. When value is true, the package is verified.

sign

Boolean

No

Default is false. When value is true, the package is signed.

sign-key

String

No

The signing key.

Usage example

In your YAML file, add:

- name: Package Helm chart uses: https://github.com/cloudbees-io/helm-package@v1 with: chart: ./charts/example destination: ./output-directory version: "0.0.1" app-version: "0.3.0" verify: "false" sign: "false" sign-key: "mykeyname"

Push a Helm chart

Use the cloudbees-io/helm-push action to publish a packaged Helm chart to an OCI registry. The action also registers the chart as a trackable artifact in CloudBees Unify.

All CloudBees action repositories are listed at CloudBees, Inc. on GitHub.

Automatic artifact data reporting

This action reports artifact-related data to the workflow run for artifact traceability purposes.

Do not include the Register and track artifacts action for the same artifact version, as the resulting run would register duplicate artifact entries to CloudBees Unify.

Inputs

Table 2. Input details
Input name Data type Required? Description

artifact-name

String

No

The name of the artifact, used when registering the build artifact in CloudBees Unify. If not provided, the artifact name defaults to the name of the chart.

chart

String

Yes

The path of the Helm chart package to be published.

commit

String

No

The commit ID from the source repository, used when registering the build artifact in CloudBees Unify. Default is ${{ cloudbees.scm.sha }}.

component-id

String

No

The component ID associated with the artifact. If not provided, the artifact is registered with the component of the current workflow run. Default is ${{ cloudbees.component.id }}.

ref

String

No

The ref or branch of the source repository, used when registering the build artifact in CloudBees Unify. Default is ${{ cloudbees.scm.ref }}.

remote

String

Yes

The URL of the published Helm chart package.

repository-url

String

No

The clone URL of the source repository, used when registering the build artifact in CloudBees Unify. Default is ${{ cloudbees.scm.repositoryUrl }}.

Outputs

Table 3. Output details
Output name Data type Description

artifact-id

String

The unique identifier of the artifact reported to CloudBees Unify.

chart

String

The image reference pointing to the chart upload location.

version

String

The version of the uploaded Helm chart package.

Usage examples

The following examples show a basic push and a full workflow that packages, configures registry credentials, pushes, and verifies the output.

Basic example

- name: Push Helm chart uses: https://github.com/cloudbees-io/helm-push@v1 with: chart: ./charts/example remote: oci://registry.example.com/example

Full workflow example

The following workflow packages and publishes a Helm chart to an AWS ECR registry, which is compatible with Open Container Initiative (OCI) standards, then verifies the output.

Example workflow YAML file
apiVersion: automation.cloudbees.io/v1alpha1 kind: workflow name: test on: push: branches: - '**' jobs: test: permissions: scm-token-own: read id-token: write steps: - name: Get source code uses: cloudbees-io/checkout@v1 with: repository: my-name/my-repo-name - name: Package the Helm chart id: package uses: cloudbees-io/helm-package@v1 with: chart: my-name/my-repo-name/charts/example destination: ./chart-output - name: Login to AWS uses: https://github.com/cloudbees-io/configure-aws-credentials@v1 with: aws-region: us-east-1 role-to-assume: ${{ vars.oidc_staging_iam_role }} role-duration-seconds: "3600" - name: Configure container registry for staging ECR id: ecrconfig uses: cloudbees-io/configure-ecr-credentials@v1 - name: Push Helm chart id: push-chart uses: cloudbees-io/helm-push@v1 with: chart: ${{ steps.package.outputs.chart }} remote: oci://123456789012.dkr.ecr.us-east-1.amazonaws.com/for-testing - name: Verify the output uses: docker://alpine/helm:3.12.1 run: | set -x [ "$CHART" = oci://123456789012.dkr.ecr.us-east-1.amazonaws.com/for-testing/example-chart ] [ "$VERSION" = 3.2.1 ] MANIFEST="$(helm template myrelease $CHART --version=$VERSION)" echo "$MANIFEST" | grep -q "my example data" echo "The artifact ID for $CHART:$VERSION is ${{ steps.push-chart.outputs.artifact-id }}" env: CHART: ${{ steps.push-chart.outputs.chart }} VERSION: ${{ steps.push-chart.outputs.version }}

After the run completes, the artifact version and chart reference output display in both Components  Artifacts and Run details  Build artifacts in CloudBees Unify.

Artifact details
Figure 1. Artifact information in Run details  Build artifacts

Install a Helm chart

Use the cloudbees-io/helm-install action to install a Helm chart into a Kubernetes cluster.

This action does not support using Helm charts from traditional Helm repositories, because it does not expose a repository input.
All CloudBees action repositories are listed at CloudBees, Inc. on GitHub.

Inputs

Table 4. Input details
Input name Data type Required? Description

release-name

String

Yes

The Helm release name.

chart-location

String

Yes

The Helm chart location, which is one of the following:

  • An OCI-based chart URL.

  • A local chart in TGZ archive format.

  • An unpacked local chart directory.

Usage example

In your YAML file, add:

- name: Install Helm chart uses: https://github.com/cloudbees-io/helm-install@v1 with: release-name: nginx chart-location: oci://ghcr.io/nginxinc/charts/nginx-ingress

Uninstall a Helm chart

Use the cloudbees-io/helm-uninstall action to remove a Helm chart release from a Kubernetes cluster.

All CloudBees action repositories are listed at CloudBees, Inc. on GitHub.

Inputs

Table 5. Input details
Input name Data type Required? Description

release-name

String

Yes

The Helm chart release name.

namespace

String

Yes

The Kubernetes namespace.

Usage example

In your YAML file, add:

- name: Uninstall Helm chart uses: https://github.com/cloudbees-io/helm-uninstall@v1 with: release-name: nginx namespace: default