From 6d7bc432ab22ea24bb3e1dcc582f255af7402d45 Mon Sep 17 00:00:00 2001
From: Pierre Smeyers <pierre.smeyers@gmail.com>
Date: Tue, 20 Dec 2022 19:07:03 +0100
Subject: [PATCH] refactor: remove snapshot publish in package job
---
README.md | 50 +++++++------------------
kicker.json | 71 ++++++------------------------------
templates/gitlab-ci-helm.yml | 39 +++++---------------
3 files changed, 35 insertions(+), 125 deletions(-)
diff --git a/README.md b/README.md
index 3addf35..4bbda23 100644
--- a/README.md
+++ b/README.md
@@ -292,55 +292,33 @@ This job runs [Kube-Score](https://kube-score.com/) on the resources to be creat
| `HELM_KUBE_SCORE_IMAGE` | The Docker image used to run [Kube-Score](https://kube-score.com/) | `zegl/kube-score:latest-helm3` |
| `HELM_KUBE_SCORE_ARGS` | Arguments used by the helm-score job | _none_ |
-### Charts publishing
+### `helm-package` job
-The template builds a chart package that may be pushed as two distinct packages, depending on a certain _workflow_:
+This job [packages](https://helm.sh/docs/helm/helm_package/) the Helm chart. It uses the following variables:
-1. **snapshot**: the chart is first packaged and then pushed to some registry as
- the **snapshot** image. It can be seen as the raw result of the build, but still **untested and unreliable**.
-2. **release**: once the snapshot chart has been thoroughly tested (both by `package-test` stage jobs and/or `acceptance`
- stage jobs after being deployed to some server), then the chart is pushed one more time as the **release** chart.
- This second push can be seen as the **promotion** of the snapshot chart being now **tested and reliable**.
-
-Common variables for `helm-package` and `helm-pusblish`:
-
-| Name | description | default value |
-| --------------------------------- | -------------------------------------------- | ----------------------- |
-| `HELM_REPO_PUBLISH_METHOD` | HTTP method to use to push the package | `POST` |
-| :lock: `HELM_REPO_USER` | Helm registry username | `$CI_REGISTRY_USER` |
-| :lock: `HELM_REPO_PASSWORD` | Helm registry password | `$CI_REGISTRY_PASSWORD` |
-
-#### `helm-package` job
-
-This job [packages your chart into an archive](https://helm.sh/docs/helm/helm_package/), optionaly push it to a snapshot repository and uses the following variables:
-
-| Name | description | default value |
-| ------------------------------------- | ---------------------------------------- | ----------------- |
-| `HELM_PACKAGE_ARGS` | The Helm [command with options](https://helm.sh/docs/helm/helm_package/) to perform the packaging (_without dynamic arguments such as the chart path_) | `package --dependency-update` |
-| `HELM_SEMREL_RELEASE_DISABLED` | Set to `true` to disable usage of `semantic-release` release info for helm package (see next chapter) | _none_ (enabled) |
-| `HELM_PUBLISH_SNAPSHOT_URL` | The URL of the Helm repository to publish your Helm package as a snapshot | _gitlab repository on snapshot channel_ `${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/api/snapshot/charts` |
-| `HELM_REPO_SNAPSHOT_PUBLISH_METHOD` | HTTP method to use to push the package | `$HELM_REPO_PUBLISH_METHOD` |
-| `HELM_REPO_SNAPSHOT_USER` | Snapshot repository username | `$HELM_REPO_USER` |
-| :lock: `HELM_REPO_SNAPSHOT_PASSWORD` | Snapshot repository password | `$HELM_REPO_PASSWORD` |
+| Name | description | default value |
+| ----------------------------------- | --------------------------------------------- | --------------------------------- |
+| `HELM_PACKAGE_ARGS` | The Helm [command with options](https://helm.sh/docs/helm/helm_package/) to perform the packaging (_without dynamic arguments such as the chart path_) | `package --dependency-update` |
+| `HELM_SEMREL_RELEASE_DISABLED` | Set to `true` to disable usage of `semantic-release` release info for helm package (see next chapter) | _none_ (enabled) |
#### `semantic-release` integration
-If you activate the [`semantic-release-info` job from the `semantic-release` template](https://gitlab.com/to-be-continuous/semantic-release/#semantic-release-info-job), the `helm-publish` job will automatically use the generated next version info for both application version (`--app-version`) and chart version (`--version`).
+If you activate the [`semantic-release-info` job from the `semantic-release` template](https://gitlab.com/to-be-continuous/semantic-release/#semantic-release-info-job), the `helm-package` job will automatically use the generated next version info for the chart version (`--version`).
-If no next version info is generated by `semantic-release`, the package will be created, but without versioning info.
+If no next version info is determined by `semantic-release`, the package will be created, but without versioning info.
Note: You can disable the `semantic-release` integration described herebefore the `HELM_SEMREL_RELEASE_DISABLED` variable.
-#### `helm-publish` job
+### `helm-publish` job
-This job push helm package to a release repository and uses the following variables:
+This job publishes the packaged chart to a release repository or registry. It uses the following variables:
| Name | description | default value |
| ----------------------------------- | --------------------------------------------- | --------------------------------- |
-| `HELM_PUBLISH_URL` | The URL of the Helm repository to publish your Helm package | _gitlab repository on release channel_ `${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/api/release/charts` |
-| `HELM_REPO_RELEASE_PUBLISH_METHOD` | HTTP method to use to push the package | `$HELM_REPO_PUBLISH_METHOD` |
-| `HELM_REPO_RELEASE_USER` | Release repository username (for PUT request auth) | `$HELM_REPO_USER` |
-| :lock: `HELM_REPO_RELEASE_PASSWORD` | Release repository password (for PUT request auth) | `$HELM_REPO_PASSWORD` |
+| `HELM_PUBLISH_METHOD` | HTTP method to use to push the package | `POST` |
+| :lock: `HELM_PUBLISH_USER` | Helm registry username | `$CI_REGISTRY_USER` |
+| :lock: `HELM_PUBLISH_PASSWORD` | Helm registry password | `$CI_REGISTRY_PASSWORD` |
+| `HELM_PUBLISH_URL` | The URL of the Helm repository to publish your Helm package | `${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/api/release/charts` ([Helm chart registry for GitLab](https://docs.gitlab.com/ee/user/packages/helm_repository/#publish-a-package) on _release_ channel) |
### `helm-test` job
diff --git a/kicker.json b/kicker.json
index 445a4b2..5e5bc77 100644
--- a/kicker.json
+++ b/kicker.json
@@ -82,24 +82,6 @@
"description": "The name of the Helm [value](https://helm.sh/docs/chart_best_practices/values/) containing the _environment hostname_ (extracted from the environment URL)",
"default": "hostname",
"advanced": true
- },
- {
- "name": "HELM_REPO_USER",
- "description": "Helm repository username",
- "default": "$CI_REGISTRY_USER",
- "advanced": true
- },
- {
- "name": "HELM_REPO_PASSWORD",
- "description": "Helm repository password",
- "default": "$CI_REGISTRY_PASSWORD",
- "advanced": true
- },
- {
- "name": "HELM_REPO_PUBLISH_METHOD",
- "description": "HTTP method to use to push the package",
- "default": "POST",
- "advanced": true
}
],
"features": [
@@ -190,36 +172,7 @@
"description": "Disable semantic-release integration",
"type": "boolean",
"advanced": true
- },
- {
- "name": "HELM_PUBLISH_SNAPSHOT_URL",
- "description": "The URL of the Helm repository to publish your Helm package as a snapshot",
- "default": "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/api/snapshot/charts",
- "advanced": true
- },
- {
- "name": "HELM_REPO_SNAPSHOT_USER",
- "description": "Snapshot repository username",
- "default": "$HELM_REPO_USER",
- "secret": true,
- "advanced": true
- },
- {
- "name": "HELM_REPO_SNAPSHOT_PASSWORD",
- "description": "Snapshot repository password",
- "default": "$HELM_REPO_PASSWORD",
- "secret": true,
- "advanced": true
- },
- {
- "name": "HELM_REPO_SNAPSHOT_PUBLISH_METHOD",
- "description": "HTTP method to use to push the snapshot package",
- "default": "$HELM_REPO_PUBLISH_METHOD",
- "advanced": true
}
-
-
-
]
},
{
@@ -234,23 +187,21 @@
"advanced": true
},
{
- "name": "HELM_REPO_RELEASE_USER",
- "description": "Release repository username",
- "default": "$HELM_REPO_USER",
- "secret": true,
- "advanced": true
+ "name": "HELM_PUBLISH_USER",
+ "description": "Helm repository username",
+ "default": "$CI_REGISTRY_USER",
+ "secret": true
},
{
- "name": "HELM_REPO_RELEASE_PASSWORD",
- "description": "Release repository password",
- "default": "$HELM_REPO_PASSWORD",
- "secret": true,
- "advanced": true
+ "name": "HELM_PUBLISH_PASSWORD",
+ "description": "Helm repository password",
+ "default": "$CI_REGISTRY_PASSWORD",
+ "secret": true
},
{
- "name": "HELM_REPO_RELEASE_PUBLISH_METHOD",
- "description": "HTTP method to use to push the release package",
- "default": "$HELM_REPO_PUBLISH_METHOD",
+ "name": "HELM_PUBLISH_METHOD",
+ "description": "HTTP method to use to push the package",
+ "default": "POST",
"advanced": true
}
]
diff --git a/templates/gitlab-ci-helm.yml b/templates/gitlab-ci-helm.yml
index 40f333c..8e9c6c9 100644
--- a/templates/gitlab-ci-helm.yml
+++ b/templates/gitlab-ci-helm.yml
@@ -59,8 +59,7 @@ variables:
HELM_SCRIPTS_DIR: "."
HELM_PACKAGE_ARGS: "package --dependency-update"
HELM_PUBLISH_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/api/release/charts"
- HELM_PUBLISH_SNAPSHOT_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/api/snapshot/charts"
- HELM_REPO_PUBLISH_METHOD: "POST"
+ HELM_PUBLISH_METHOD: "POST"
HELM_REPOS: "stable@https://charts.helm.sh/stable bitnami@https://charts.bitnami.com/bitnami"
@@ -439,17 +438,16 @@ stages:
helm_opts="$helm_opts --namespace $namespace"
fi
- package=$(ls -1 ./helm_packages/*.tgz 2>/dev/null || echo "")
- package=${package:-$HELM_DEPLOY_CHART}
- if [ -z "${package}" ]; then
+ chart=${HELM_DEPLOY_CHART:-$HELM_CHART_DIR}
+ if [ -z "${chart}" ]; then
log_error "No Chart to deploy! Please use \\e[32m\$HELM_DEPLOY_CHART\\e[0m to deploy a chart from a repository"
log_error "Or check the provided variables to package your own chart!"
exit 1
fi
- log_info "--- using \\e[32mpackage\\e[0m: \\e[33;1m${package}\\e[0m"
+ log_info "--- using \\e[32mchart\\e[0m: \\e[33;1m${chart}\\e[0m"
# shellcheck disable=SC2086
- helm ${TRACE+--debug} $helm_opts $HELM_DEPLOY_ARGS $environment_name $package
+ helm ${TRACE+--debug} $helm_opts $HELM_DEPLOY_ARGS $environment_name $chart
# maybe execute post deploy script
postscript="$HELM_SCRIPTS_DIR/helm-post-deploy.sh"
@@ -773,30 +771,14 @@ helm-package:
if [[ "$SEMREL_INFO_ON" ]] && [[ "$SEMREL_INFO_NEXT_VERSION" ]] && [[ "$HELM_SEMREL_RELEASE_DISABLED" != "true" ]]
then
log_info "semantic-release info is activated, using computed next version for release: \\e[1;94m${SEMREL_INFO_NEXT_VERSION}\\e[0m"
- helm_version_opts="--app-version ${SEMREL_INFO_NEXT_VERSION} --version ${SEMREL_INFO_NEXT_VERSION}"
+ helm_version_opts="--version ${SEMREL_INFO_NEXT_VERSION}"
fi
- helm $HELM_PACKAGE_ARGS ${TRACE+--debug} $helm_version_opts $HELM_CHART_DIR --destination helm_packages
- - |
- package=$(ls -1 ./helm_packages/*.tgz 2>/dev/null || echo "")
- if [ -n "$HELM_PUBLISH_SNAPSHOT_URL" ] && [ -n "${package}" ]
- then
- package_file=$(basename ${package})
- log_info "publishing helm chart ${package_file} to snapshot url: ${HELM_PUBLISH_SNAPSHOT_URL}"
- username="${HELM_REPO_SNAPSHOT_USER:-${HELM_REPO_USER:-$CI_REGISTRY_USER}}"
- password="${HELM_REPO_SNAPSHOT_PASSWORD:-${HELM_REPO_PASSWORD:-$CI_REGISTRY_PASSWORD}}"
- method="${HELM_REPO_SNAPSHOT_PUBLISH_METHOD:-$HELM_REPO_PUBLISH_METHOD}"
- if [[ "$method" == "POST" ]]
- then
- maybe_install_curl
- curl --fail --request POST --form "chart=@${package}" --user "$username:$password" $HELM_PUBLISH_SNAPSHOT_URL
- else
- wget -v --method=PUT --user="$username" --password="$password" --body-file="${package}" "$HELM_PUBLISH_SNAPSHOT_URL/${package_file}" -O -
- fi
- fi
rules:
- exists:
- "**/Chart.yaml"
artifacts:
+ name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
expire_in: 1 week
paths:
- helm_packages/
@@ -814,10 +796,9 @@ helm-publish:
then
package_file=$(basename ${package})
log_info "publishing helm chart ${package_file} to release url: ${HELM_PUBLISH_URL}"
- username="${HELM_REPO_RELEASE_USER:-${HELM_REPO_USER:-$CI_REGISTRY_USER}}"
- password="${HELM_REPO_RELEASE_PASSWORD:-${HELM_REPO_PASSWORD:-$CI_REGISTRY_PASSWORD}}"
- method="${HELM_REPO_RELEASE_PUBLISH_METHOD:-$HELM_REPO_PUBLISH_METHOD}"
- if [[ "$method" == "POST" ]]
+ username="${HELM_PUBLISH_USER:-$CI_REGISTRY_USER}"
+ password="${HELM_PUBLISH_PASSWORD:-$CI_REGISTRY_PASSWORD}"
+ if [[ "$HELM_PUBLISH_METHOD" == "POST" ]]
then
maybe_install_curl
curl --fail --request POST --form "chart=@${package}" --user "$username:$password" $HELM_PUBLISH_URL
--
GitLab