ci: publish Helm chart repository via chart-releaser on release tags#200
Draft
aslakknutsen wants to merge 1 commit intonetworking-incubator:mainfrom
Draft
ci: publish Helm chart repository via chart-releaser on release tags#200aslakknutsen wants to merge 1 commit intonetworking-incubator:mainfrom
aslakknutsen wants to merge 1 commit intonetworking-incubator:mainfrom
Conversation
github-actions
bot
added
area/infrastructure
Contributor
There was a problem hiding this comment.
Pull request overview
Automates publishing the Helm chart as a GitHub Pages-hosted Helm repository on version tags, using helm/chart-releaser-action as part of the existing release workflow.
Changes:
- Add a
publish-helm-chart-repojob to package the chart and run chart-releaser (upload + index update togh-pages). - Stop attaching
dist/*.tgzto the version-tag GitHub release so chart-releaser is the sole publisher of the chart asset. - Add
.cr.yamlconfiguration and documenthelm repo addinstallation via GitHub Pages in the chart README.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
charts/coraza-kubernetes-operator/README.md |
Documents installing the chart from a GitHub Pages Helm repo. |
.github/workflows/release.yml |
Adds chart-repo publishing job and removes .tgz from the tag release assets. |
.cr.yaml |
Configures chart-releaser to push the Helm index to the gh-pages branch. |
| run: | | ||
| rm -rf .cr-release-packages | ||
| mkdir -p .cr-release-packages | ||
| make release.manifests |
There was a problem hiding this comment.
make release.manifests runs helm.sync (which can modify tracked chart files). If the repo ends up with a dirty working tree, chart-releaser’s cr index --push step can fail when switching branches (or accidentally include unrelated changes). It would be safer to assert the tree is clean after packaging (and fail early if not), or otherwise ensure the packaging step doesn’t leave local modifications before invoking chart-releaser.
Suggested change
| make release.manifests | |
| make release.manifests | |
| # Ensure no tracked files were modified by packaging (e.g., via helm.sync) | |
| if [[ -n "$(git status --porcelain --untracked-files=no)" ]]; then | |
| echo "::error::Working tree is dirty after 'make release.manifests'. Aborting chart release." | |
| echo "Modified tracked files:" | |
| git status --porcelain --untracked-files=no | |
| echo "Diff:" | |
| git diff | |
| exit 1 | |
| fi |
Add publish-helm-chart-repo job using helm/chart-releaser-action with skip_packaging and Makefile-built tarballs in .cr-release-packages. Stop attaching dist/*.tgz from softprops; chart-releaser uploads the chart. Add .cr.yaml (gh-pages) and document helm repo add for GitHub Pages. Resolves networking-incubator#175 Signed-off-by: Aslak Knutsen <aslak@4fs.no>
aslakknutsen
force-pushed
the
feat/issue-30-chart-releaser
branch
from
f45d695 to
6b7d270
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Add a
publish-helm-chart-repojob to the release workflow that useshelm/chart-releaser-action(withskip_packaging) to publish the Helm chart to a GitHub Pages-hosted repository on each version tag.make release.manifests, places the tarball in.cr-release-packages/, and delegates upload + index update to chart-releaser.dist/*.tgzfrom thesoftprops/action-gh-releasestep so chart-releaser is the sole publisher of the chart asset (avoids duplicate uploads)..cr.yamlpointing atgh-pagesand documentshelm repo addusage in the chart README.Resolves: #175
Manual steps after merge
One-time (repository setup)
gh-pagesbranch — the first successfulpublish-helm-chart-reporun will pushindex.yamlthere viacr index --push. The branch does not need to exist beforehand (chart-releaser creates it), but if the push fails due to branch protection, create an emptygh-pagesbranch manually.gh-pages, folder/(root). This can only be done aftergh-pagesexists.Verification on first release tag
vX.Y.Z) and confirm thepublish-helm-chart-repojob succeeds in Actions.crds.yaml,operator.yaml,samples.yaml(no.tgz).<chart-name>-<version>): contains the chart.tgz;index.yamlongh-pagesreferences it.Test plan
gh-pagesbranch is created/updated withindex.yamlhelm repo add+helm search reporeturns the chart.tgz(only manifests)mark_as_latest: false