helm / chart-releaser Goto Github PK
View Code? Open in Web Editor NEWHosting Helm Charts via GitHub Pages and Releases
License: Apache License 2.0
Hosting Helm Charts via GitHub Pages and Releases
License: Apache License 2.0
Would it be possible to get a new release including my recent change that keeps the generated
field of the index updated?
Proposal:
/vendor
and /dist
dirsSee https://github.com/scottrigby/example-dep-no-vendor for how and why
Also see helm/chart-testing#29 (comment) for related discussion, some version of which was done for chart-testing.
When using the chart-releaser via the official GitHub chart-releaser Action on a repo containing the application as well as the Helm chart the tags that are created are confusing unless something is added to the chart name to clarify that it is a chart (see kubernetes-sigs/descheduler#248 (comment) & kubernetes/autoscaler#3393).
This results in the two charts above being called descheduler/descheduler-chart
& autoscaler/cluster-autoscaler-chart
respectively just to make sure the tags are created correctly.
It would be really useful to enable a custom tag prefix via the cr
command so these charts can loose the -chart
postfix from their name which is confusing and unnecessary beyond tagging concerns.
Hello,
I've noticed that cr index --push
does not work for Github Enterprise Users because it tries to use github.com
to push index file. The reason is that the base URL is hardcoded:
chart-releaser/pkg/releaser/releaser.go
Line 210 in c7da1f3
However, I dot not know if there is a straightforward way to fix it since git-base-url
is used to configure the GitHub API URL (https://ghe.example.com/api/v3/
) and not the GitHub base URL (https://ghe.example.com/
).
I could draft a PR, but I think I would need some advice on how best to fix this.
I guess we could / should have something like that:
property | Current | GitHub.com | GitHub Ent. |
---|---|---|---|
git-base-url |
https://api.github.com | https://github.com | https://ghe.example.com |
git-upload-url |
https://uploads.github.com | https://uploads.github.com | https://ghe.example.com/api/uploads |
git-api-url |
NA | https://api.github.com | https://ghe.example.com/api/v3 |
Best
I'm trying to use chart-releaser in a private repository.
Steps:
cr package ...
cr upload ...
cr index --push ...
helm repo add my_private_repo <owner>.github.io/<repo_name> --username <user> --password <token>
helm pull my_private_repo/<chart>
<-ERRORhttps://github.com/<owner>/<repo>/releases/download/<release>/<chart>.tgz
: 404 Not FoundAm I missing something or chart-releaser is useless on private repositories?
Consider enabling chartmuseum as a target instead of GitHub pages.
Reading the code and documentation I couldn't figure out how to use this for a repo with multiple charts in it. Does it even support such use cases?
likely operator error, but i'm having an issue setting up index.yaml
.
i'm trying to run via docker image with something like:
docker run \
--rm \
-v /Users/tony/git-alt/helm-charts/build:/build \
-e CR_OWNER=the-watchmen \
-e CR_GIT_REPO=helm-charts \
-e CR_PACKAGE_PATH=/build \
-e CR_INDEX_PATH=/build/index.yaml \
-e CR_CHARTS_REPO=https://github.com/the-watchmen/helm-charts \
-e CR_TOKEN={my-token} \
quay.io/helmpack/chart-releaser:v0.2.3 \
cr index
and seeing:
====> UpdateIndexFile new index at /build/index.yaml
Error: GET https://api.github.com/repos/the-watchmen/helm-charts/releases/tags/index: 404 Not Found []
contents of /Users/tony/git-alt/helm-charts/build
:
bash-3.2$ ls -la build
total 32
drwxr-xr-x 5 tony staff 160 Mar 22 13:29 .
drwxr-xr-x 9 tony staff 288 Mar 22 13:29 ..
-rw-r--r-- 1 tony staff 528 Mar 22 13:29 index.yaml
-rw-r--r-- 1 tony staff 1477 Mar 22 13:29 micro-service-1.0.0.tgz
-rw-r--r-- 1 tony staff 5542 Mar 22 13:29 tls-1.0.0.tgz
am i missing some pre-requisite steps?
i manually created a gh-pages
branch, but that didn't help.
here is the repo that i am working with...
Required for any security-related patches for previous (Helm 2) releases.
Branch from the commit before #47 was merged
In order to make cr
easier to aquire and upgrade chart-releaser (without having to manually go to the github releases page, download it, move it to bin/
, etc.), could this binary be made available on homebrew tap?
If you didn't want to submit it to the "main" homebrew tap or kubernetes tap, another option would be to update .goreleaser
to publish a cr.rb
file in the root of this project as part of the release process, and then users could do:
brew tap helm/chart-releaser https://github.com/helm/chart-releaser
brew install helm/chart-releaser/chart-releaser
That is a technique it appears other CLI tools are taking, though to be honest I can't speak to whether or not it's the best idea / if there are consequences of doing it that way
I was trying to use tags as v<sem_ver>
to create a release on github with the helm chart plus some other files and then rebuild the index correctly with cr index
. I didn't want to use the cr upload
command because it does not allow to upload other files easily and another process was already in place to create the release with a meaningful release note, etc.
But I hit the following issue:
Currently due to some assumptions on release tags made by the cr index
command (the presence of a -
in order to split package name and version), it is not possible to use such kind of "simple tags" because passing --release-name-template "{{ .Version }}
returns an index error here.
Proposed solution:
I think a user should be able to pass explicitly the package name (maybe as a template) and the package version as a template separately and if not provided fallback to the current assumption.
Following the instructions in README.md, the version from locally built binary is less than the current released version.
git clone https://github.com/helm/chart-releaser
cd chart-releaser
go mod download
go install ./...
go version
The binary is installed at $HOME/go/bin/cr
and when getting the version cr version
:
Version: v0.2.3
Git commit: 5e239bd19fbefb9eb0181ecf0c7ef73b8fe2753c
Date: 2019-11-22T14:28:30Z
License: Apache 2.0
The released version is v1.1.1, so expected that the version would be this or greater.
Current plan is this will be for the Helm chart-releaser GitHub app as a service.
Replace the current circle setup with gh-actions.
Have a build workflow, and a release-workflow which we can trigger by clicking.
When I suggested using semver spec Item 10 (metadata) for the chart name so we could still be semver compliant, I somehow missed this important point:
Build metadata SHOULD be ignored when determining version precedence. Thus two versions that differ only in the build metadata, have the same precedence. Examples: 1.0.0-alpha+001, 1.0.0+20130313144700, 1.0.0-beta+exp.sha.5114f85.
In our case, if there are two charts in a GitHub repo named foo
and bar
with the same version 1.0.0
, the tags 1.0.0+foo
and 1.0.0+bar
would have the same precedence 🤦♂️ @mattfarina confirmed this is how Helm handles build metadata. So… we can't do that.
I think we should go with what @prydonius suggested: CHARTNAME-VERSION
. This way it's not valid semver (git release tags don't need to be for this), and so bypasses it altogether. This is also the same pattern helm package
uses (minus the .tgz
).
This should be automated.
Right now, all your packages must be in your --package-path
directory when you build your index. I'd like to add the ability to build your index with only new packages in --package-path
. This way, you don't have to keep around the --package-path
directory and can use releases as the sole source of truth.
I can write in this functionality, I just want to make sure this is a welcome addition first.
We should probably write these for go test
.
Having the index.yaml
generated is great and all, but have you considered adding (or accepting a PR That adds) an index.html
that shows a simple list of all the charts and the latest version? So that who ever visits the chart repo URL we pass around have an idea of what's in the repo without having to parse the YAML
?
i have a repo with a series of charts in it and i just wrote a script to iterate over each chart
calling helm package
on every chart, and then call cr upload
on the result.
works the first time, but then the second time i get 422's.
to account for this situation, do you think cr
should ignore or warn on duplicates?
or do you think that the consumer should be smart enough to only generate packages for those things that have changed?
docker run \
--rm \
-v /Users/tony/git-alt/helm-charts/build:/build \
-e CR_OWNER=the-watchmen \
-e CR_GIT_REPO=helm-charts \
-e CR_PACKAGE_PATH=/build \
-e CR_TOKEN=$CR_TOKEN \
quay.io/helmpack/chart-releaser:v1.0.0-beta.1 \
cr upload
Error: error creating GitHub release: POST https://api.github.com/repos/the-watchmen/helm-charts/releases: 422 Validation Failed [{Resource:Release Field:tag_name Code:already_exists Message:}]
We agreed to move https://github.com/paulczar/charthub to https://github.com/helm/chart-releaser, but the project strings also now need to be renamed.
version: v0.2.3
helm version 2
I have configured the following in my config file chart-releaser.yaml
owner: SouthbankSoftware
git-repo: provendb-helm
package-path: ./
git-base-url: https://api.github.com/
git-upload-url: https://uploads.github.com/
token: 2332
charts-repo: provendb-helm
index-path: ./index.yaml
I could upload the helm chart correctly with
cr upload --config chart-releaser.yaml
When I create an index like this
cr index --config ./chart-releaser.yaml
I get the following error:
Error: Get provendb-helm/index.yaml: unsupported protocol scheme ""
Am I missing something?
Yo!
Been experimenting a bit with the chart-releaser in a private github repository to see if it would be possible to use for hosting charts. I think it could be possible to get it working with some small changes.
Current issues / limitations:
When chart-releaser downloads assets it assumes the project is public and uses browser url, would need to use assets api for private repos, and set this url in the generated index.
index would have to be public (gh-pages), exposing which packages exist.
it looks like you can do helm repo add helm-demo https://raw.githubusercontent.com/paulczar/helm-demo/master/docs
which would also be accessible with a personal access token
Downloading assets with helm client would require github token authorization, I think this stale proposal could probably resolve that. helm/helm#3102
Some teams choose to host their helm chart repos on a different branch for github pages. cr index
and cr upload
should have an option to specify which branch.
charts
|- chart1
|- charts
|- sub-chart1 -> ../../../sub-chart1
|- sub-chart1
In this case the ct lint
requires that the Chart.yaml
for chart1
have an entry for dependencies
such as:
dependencies:
- name: sub-chart1
version: ">= 0.0.0 || >= 0.0.0-0"
Problem is when I try to run cr package chart/chart1
i get:
Error: could not find protocol handler for:
if i run a helm dependency update
first then it generates a Chart.lock file and then the cr package
passes
make it so cr package
works for local dependencies without a Chart.lock file (or generate the lock file as part of the process if needed)
Hi all,
It seems that there is a problem with the new release for the homebrew tap formula. I get this error:
brew install chart-releaser
==> Installing chart-releaser from helm/tap
==> Downloading https://github.com/helm/chart-releaser/releases/download/v1.2.0/chart-releaser_1.2.0_darwin_amd64.tar.gz
==> Downloading from https://github-releases.githubusercontent.com/144605653/153ca700-719e-11eb-97aa-a88dc46c26db?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210219%2Fus
######################################################################## 100.0%
Error: An exception occurred within a child process:
Errno::ENOENT: No such file or directory - chart-releaser
https://github.com/helm/chart-releaser/blob/master/pkg/releaser/releaser.go#L210
github.com
is hardcoded in this line, which breaks cr index --push/--pr
when using Github Enterprise.
fork demo, then failed to create release:
chart-releaser upload -o daixiang0 -r helm-demo -t $token -p ~/helm-demo/ --recursive
--> Processing package demo-0.1.0.tgz
release "demo-0.1.0"====> Creating release demo-0.1.0
Error: failed to create a release: POST https://api.github.com/repos/daixiang0/helm-demo/releases: 404 Not Found []
Usage:
chart-releaser upload [flags]
Flags:
-h, --help help for upload
-o, --owner string github username or organization
-p, --path string Path to Helm Artifacts
--recursive recursively find artifacts
-r, --repo string github repository
-t, --token string Github Auth Token
Global Flags:
--config string config file (default is $HOME/.chart-releaser.yaml)
failed to create a release: POST https://api.github.com/repos/daixiang0/helm-demo/releases: 404 Not Found []
Hi, I have a single repo containing my container source and the relevant helm package.
I'd like to do the following on every push to master:
gh-pages
Altough I'm unsure how to do this since chart-releaser
will create the GitHub release itself, but there is no way to re-use that release for the image tag? Anyone doing the same?
When you create a release at an earlier commit point, cr upload
release a package at the current commit point in origin/master
.
As an example, I have ef6f90
that you want to be dgraph-0.0.6
, and I want to publish an earlier commit at c4a062de
that you want to be dgraph-0.0.5
* ef6ef90 - (HEAD -> master, origin/master, origin/HEAD) super duper tls secret support (#37) (2 days ago) <me>
* 5debc54 - some bug that was fixed (6 days ago) <another dev>
* c4a062e - ingress on steroids support (4 weeks ago) <me>
Then you do:
git checkout c4a062e
helm package charts/dgraph --destination .packages/
cr upload --config ~/.config/chart-releaser/config.yaml
It creates a tag at ef6ef90
, not c4a062e
.
I wanted the tag at c4a062e
or have a command option or other method to do that.
Current, does not work:
https://api.github.com/repos/tidepool-org/development/releases/tags/
vs
Updated, works:
Should I use cr index
to generate index.yaml file?
I ran
cr index -i ./index.yaml -p .deploy -o <MyID> -r charts -c https://github.xyz.com/MyID/charts/releases/download --token <myToken>
This returns
====> Using existing index at ./index.yaml
Error: error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string into Go value of type repo.IndexFile
Usage:
cr index [flags]
And index.yaml file contains
<h3>You are being redirected to your identity provider in order to authenticate.</h3>
But the same token works with cr upload
. So its not an issue token issue.
The tool works like a charm. However, tags should not only be named after the version. If you have different charts in one repo, you will sooner or later run into version conflicts. Plus, you cannot identify by the tag name which chart the tag is for.
Gave it a try but ran into the following when creating the index:
# Example
cr index --charts-repo https://my-repo/k8s/helm/charts --owner wallyqs --git-repo https://github.com/wallyqs/my-charts
====> UpdateIndexFile new index at .cr-index/index.yaml
Error: open .cr-release-packages: no such file or directory
Thanks :)
Hi,
I have a strange behaviour. When I try to run:
alias cr="docker run --rm -w /charts -v \$(pwd):/charts quay.io/helmpack/chart-releaser:v0.2.2 cr"
cr upload --config config.yaml -t 82a57cbf1885517dca002fa1a25c88c9222bbafa
I'm getting:
Error: error creating GitHub release: Post https://api.github.com/repos/CrowdfoxGmbH/cfcharts/releases: x509: certificate signed by unknown authority
Which is not the case. I can do:
docker run --rm quay.io/helmpack/chart-releaser:v0.2.1 apk add curl && curl https://api.github.com/repos/crowdfoxgmbh/cfcharts/releases
Without any problems.
Consider using semantic-release to
Hey,
Thanks for a great package, but I have a small issue.
The first time I uploaded my helm chart everything worked well, cr upload and then cr index did the job.
But now, when I am trying to upload a new version I keep getting:
422 Validation Failed [{Resource:Release Field:tag_name Code:already_exists Message:}]
Tried increasing the version and the appVersion in Chart.yaml but still keep getting the same error.
What am I doing wrong?
Thanks!
Hey guys.
I'm trying to install packages from a private repository I've deployed using chart-releaser
, but I'm not being able to do it.
Here is what I've done:
helm package charts/* --destination .deploy
cr upload -o odelucca -r helm-charts -p .deploy -t $MY_TOKEN
index.yaml
with the following command:cr index --config .cr.yaml -t $MY_TOKEN
# My .cr.yaml file:
# owner: odelucca
# git-repo: helm-charts
# package-path: .deploy
# index-path: index.yaml
# charts-repo: https://github.com/odelucca/helm-charts/
I've commit the index.yaml
to the repo
I've added the remote helm repo with the following command:
helm repo add helm-charts https://raw.githubusercontent.com/odelucca/helm-charts/master --username $MY_EMAIL --password $MY_TOKEN
dependencies:
- name: serverless-common
version: 1.0.0
repository: "@helm-charts"
helm dep update
Hang tight while we grab the latest from your chart repositories...
...Unable to get an update from the "local" chart repository (http://127.0.0.1:8879/charts):
Get http://127.0.0.1:8879/charts/index.yaml: dial tcp 127.0.0.1:8879: connect: connection refused
...Successfully got an update from the "helm-charts" chart repository
...Successfully got an update from the "stable" chart repository
Update Complete.
Saving 1 charts
Downloading serverless-common from repo https://raw.githubusercontent.com/odelucca/helm-charts/master
Save error occurred: could not download https://github.com/odelucca/helm-charts/releases/download/serverless-common-1.0.0/serverless-common-1.0.0.tgz: Failed to fetch https://github.com/odelucca/helm-charts/releases/download/serverless-common-1.0.0/serverless-common-1.0.0.tgz : 404 Not Found
Deleting newly downloaded charts, restoring pre-update state
Error: could not download https://github.com/odelucca/helm-charts/releases/download/serverless-common-1.0.0/serverless-common-1.0.0.tgz: Failed to fetch https://github.com/odelucca/helm-charts/releases/download/serverless-common-1.0.0/serverless-common-1.0.0.tgz : 404 Not Found
Anyone can help me? I've tried a lot of different approaches, and none of them fix it
We still need to test PRs… so far I only added for tag releases. We discussed but didn't implement this yet.
Hello
Sorry if this is more of a question than a bug. We're using the chart-releaser over at https://github.com/k8s-at-home/charts
We've noticed that the top level generated
field in the index.yaml
is not being updated when charts are being updated. Tools like flux2 expect this field to be updated when a chart is released so it knows when to update the repo.
You can see in index.yaml the generated
field is not being updated and it's currently pinned to generated: "2019-12-22T07:05:20.914237208Z"
My question is should this field be updated when a new chart is released, or is it something that could be supported in the future?
Thanks!
For Github Enterprise, chart-releaser
users need git-base-url
and git-upload-url
correctly, but the correct values are not always obvious.
Often they are along these lines:
https://example.com/api/v3/
https://example.com/api/uploads/
If however you set the upload URL incorrectly, let's say to something like https://example.com/uploads/
, then cr upload
will appear to work, but there will only be the 2 source code assets and the third asset is missing. This will become apparent when you run cr index
and it always claims that nothing has changed, because it can't find any assets for the release.
The initial issue might be a problem in the go-github
Do
call, but basically if the asset upload fails the release should be rolled back (deleted) and a an appropriate log message should be displayed.
It is likely that the cr index
command should also generate at least a warning when a release has no assets attached to it.
Note:
If you are trying to figure out what your upload_url is try to use a curl command like this:
curl -u username:token https://example.com/api/v3/repos/org/repo/releases
and then look for "upload_url"
- You need the part before repos/
This merge never had an official release cut? Was this expected?
This URL: https://api.github.com/repos/neo4j-contrib/neo4j-helm/releases/tags/ is a 404.
This URL: (a specific release) https://api.github.com/repos/neo4j-contrib/neo4j-helm/releases/tags/4.0.4-2 works just fine.
Is it built into the tool, the assumption that the GitHub API will allow you to enumerate releases with this endpoint? Because GitHub appears not to allow that.
$ cr index -c https://github.com/neo4j-contrib/neo4j-helm.git -r neo4j-helm -i index.yaml -o neo4j-contrib -p .
====> UpdateIndexFile new index at index.yaml
Error: GET https://api.github.com/repos/neo4j-contrib/neo4j-helm/releases/tags/: 404 Not Found []
Usage:
cr index [flags]
Flags:
-c, --charts-repo string The URL to the charts repository
-b, --git-base-url string GitHub Base URL (only needed for private GitHub) (default "https://api.github.com/")
-r, --git-repo string GitHub repository
-u, --git-upload-url string GitHub Upload URL (only needed for private GitHub) (default "https://uploads.github.com/")
-h, --help help for index
-i, --index-path string Path to index file (default ".cr-index/index.yaml")
-o, --owner string GitHub username or organization
-p, --package-path string Path to directory with chart packages (default ".cr-release-packages")
-t, --token string GitHub Auth Token (only needed for private repos)
Global Flags:
--config string Config file (default is $HOME/.cr.yaml)
This would be a ideal fit as an helm plugin to have like a single command helm release
that would propose options to do both commands, the release and the index update.
Hi,
When using a private GitHub repository, the Helm client is not able to fetch the release artifacts due to the standard browser download url used in the generated index.yaml
. It's mentioned in the following PR that the url in the index.yaml
needs to be adjusted, and the PR also references a fix (#43) which introduced some changes.
PR: #14
I've checked the code, but it seems there is currently no way to tweak the actual download url in the generated index.yaml
(e.g. like mentioned in this comment #14 (comment)) or?
-- Sven
Hi, just FYI I've setup a workflow that uses plain helm
without GitHub Pages: https://github.com/ironpeakservices/iron-chart-go/blob/master/.github/workflows/release.yml
Might be interesting for others.
You install via
# first add our helm repository
# provide a GitHub token if it's private
% helm repo add ironchartgo https://${GITHUB_TOKEN}@raw.githubusercontent.com/ironpeakservices/iron-chart-go/helmrepo/
"ironchartgo" has been added to your repositories
# now let's install our Chart from our repository
% helm install mychart ironchartgo/iron-chart-go
Currently, chart-releaser uses the default release creation behavior: target commits for a new release will be the current commit on the default branch.
This is reasonable default behavior, but it would be nice to have the ability to specify the commit. Use cases - if you are doing backfill or other manual work outside of normal workflow.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.