Helm deployments#1156
Merged
Merged
Conversation
Currently set to false for now
Sam Gibson (samgibsonmoj)
had a problem deploying
to
dev
GitHub Actions
Failure
Sam Gibson (samgibsonmoj)
had a problem deploying
to
dev
GitHub Actions
Failure
✅ No Schema ChangesNo schema changes detected in this PR. |
Sam Gibson (samgibsonmoj)
force-pushed
the
feature/ci-workflow
branch
from
c5bc7df to
57085f2
Compare
Sam Gibson (samgibsonmoj)
had a problem deploying
to
dev
GitHub Actions
Failure
Sam Gibson (samgibsonmoj)
had a problem deploying
to
dev
GitHub Actions
Failure
Limitations with dotnet publish container means digests cannot be appended to pin an image
Sam Gibson (samgibsonmoj)
force-pushed
the
feature/ci-workflow
branch
from
52d0ce7 to
b0d90fe
Compare
Sam Gibson (samgibsonmoj)
temporarily deployed
to
dev
GitHub Actions
Inactive
Contributor
Author
|
FYI I've opted out of using the |
Copilot started reviewing on behalf of
Carl Sixsmith (carlsixsmith-moj)
June 22, 2026 19:41
View session
Contributor
There was a problem hiding this comment.
Pull request overview
This PR migrates CATS deployment from hand-written Kubernetes manifests to a Helm-based approach, adding a first-party chart with environment overlays and updating GitHub Actions workflows to build images and deploy via helm upgrade --install.
Changes:
- Introduces a Helm chart (
helm_deploy/cats) with env-specific values and templates for Redis, RabbitMQ, migrator/seeder pods, and an optional RDS port-forward deployment. - Replaces the deploy workflow to build/push containers with
docker buildand deploy via Helm (including separate Helm releases for migrate/seed). - Adds a CI workflow to lint/template the Helm chart for dev/staging/production.
Reviewed changes
Copilot reviewed 31 out of 32 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| src/Worker/Dockerfile | New Dockerfile for Worker container image build/publish. |
| src/Server.UI/Dockerfile | New Dockerfile for Server.UI container image build/publish. |
| src/DatabaseSeeding/Dockerfile | New Dockerfile for DatabaseSeeding container image build/publish. |
| src/Database/Dockerfile | Updates base SDK/runtime image versions for database/migrator image build. |
| infra/seeder-pod.yml | Removes legacy manifest (replaced by Helm templates). |
| infra/redis-service.yml | Removes legacy manifest (replaced by Helm templates). |
| infra/redis-deployment.yml | Removes legacy manifest (replaced by Helm templates). |
| infra/rabbitmq-service.yml | Removes legacy manifest (replaced by Helm templates). |
| infra/rabbitmq-deployment.yml | Removes legacy manifest (replaced by Helm templates). |
| infra/port-forward-deployment.yml | Removes legacy manifest (replaced by Helm templates). |
| infra/migrator-pod.yml | Removes legacy manifest (replaced by Helm templates). |
| infra/cats-worker-service.yml | Removes legacy manifest (replaced by Helm templates). |
| infra/cats-worker-deployment.yml | Removes legacy manifest (replaced by Helm templates). |
| infra/cats-service.yml | Removes legacy manifest (replaced by Helm templates). |
| infra/cats-ingress.yml | Removes legacy manifest (replaced by Helm via generic-service dependency). |
| infra/cats-deployment.yml | Removes legacy manifest (replaced by Helm via generic-service dependency). |
| helm_deploy/cats/values.yaml | Adds chart defaults and per-component enablement switches, env vars, and secret mappings. |
| helm_deploy/cats/values-dev.yaml | Adds dev overlay values (host/env overrides). |
| helm_deploy/cats/values-staging.yaml | Adds staging overlay values (host/env overrides). |
| helm_deploy/cats/values-production.yaml | Adds production overlay values (host/class/resources/env overrides). |
| helm_deploy/cats/templates/seeder-pod.yaml | Adds Helm-templated seeder pod (opt-in). |
| helm_deploy/cats/templates/migrator-pod.yaml | Adds Helm-templated migrator pod (opt-in). |
| helm_deploy/cats/templates/redis.yaml | Adds Helm-templated Redis Deployment + Service (opt-in). |
| helm_deploy/cats/templates/rabbitmq.yaml | Adds Helm-templated RabbitMQ Deployment + Service (opt-in). |
| helm_deploy/cats/templates/rds-port-forward-deployment.yaml | Adds optional RDS port-forward helper Deployment (opt-in). |
| helm_deploy/cats/templates/_helpers.tpl | Adds shared helper template for database env var injection. |
| helm_deploy/cats/Chart.yaml | Adds chart metadata and generic-service dependencies (app + worker). |
| helm_deploy/cats/.helmignore | Adds Helm ignore rules. |
| .github/workflows/validate-helm.yml | Adds PR-time Helm lint/template validation workflow. |
| .github/workflows/deploy.yml | Updates deployment workflow to build/push Docker images and deploy via Helm. |
| .gitignore | Ignores Helm dependency artifacts (charts/, Chart.lock). |
| .dockerignore | Adds docker build context exclusions to speed up/clean builds. |
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Sam Gibson (samgibsonmoj)
requested a review
from Carl Sixsmith (carlsixsmith-moj)
Carl Sixsmith (carlsixsmith-moj)
approved these changes
Jun 23, 2026
Carl Sixsmith (carlsixsmith-moj)
pushed a commit
that referenced
this pull request
Jun 25, 2026
* Environment selection * Helm deployments (with hmpps charts) * Pin helm setup * Add helm validation ci step * Health checks for redis/rabbit + templates * Bump sdk * Add flag for enabling/disabling prometheus alerts Currently set to false for now * Fix for recreate strategy - most override rolling updates * Chart cleanup * Add gating to manifests * Add --wait-for-jobs to wait until completion * Cleanup prometheus alerts (temporarily disabled) * ModSec: enable WAF (detection only) * use pods instead of jobs for migrate/seeding * Remove/ignore Chart.lock * Use CP's modsec defaults * Translate port-forward-deployment to helm * Remove readme * Reset global.json * Pin .NET runtime/sdk version in Dockerfile * Pin dotnet container publishes to immutable digests * Remove redundant sqlpackage install * Add dockerfile's to individual projects Limitations with dotnet publish container means digests cannot be appended to pin an image * Update helper comment Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Explicit port forward deploy for environments, excluding non-dev envs --------- Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces Helm-based deployment for the CATS application, replacing the previous Kubernetes manifest approach. It adds a new Helm chart with environment-specific values, updates the deployment workflow to use Helm, and introduces a CI workflow to validate Helm changes. Additionally, supporting deployments for Redis, RabbitMQ, and RDS port-forwarding are included, along with security and configuration improvements.