ivanwu/helm-charts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cover helm charts

Browse Source
This commit is contained in:
Ivan087
2025-11-17 17:37:30 +08:00
parent 36823577c0
commit e4164c2c9e
2 changed files with 44 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -22,8 +22,11 @@ The charts are pushed to `oci://$HELM_OCI_NAMESPACE` (Helm appends the chart nam
```
HELM_PUSH_EXTRA_ARGS="--insecure-skip-tls-verify --plain-http"
HELM_LOGIN_EXTRA_ARGS="--insecure --plain-http"
ALLOW_OVERWRITE=1
```
When `ALLOW_OVERWRITE=1` is set, the pre-push will first try to delete the existing `<chart>:<version>` tag from Harbor via API (requires `HELM_USERNAME`/`HELM_PASSWORD`). This is needed because OCI registries do not allow overwriting tags.
## Chart discovery
No configuration needed by default. The script auto-discovers chart directories by looking for `Chart.yaml` up to depth 2 (excluding nested `charts/` vendor dir).

43
scripts/helm_publish.sh
View File

@ -9,7 +9,8 @@ set -euo pipefail
# HELM_LOGIN_EXTRA_ARGS: extra flags for `helm registry login` (e.g., --insecure --plain-http)
# CHART_DIRS: space-separated list of chart directories; if empty, auto-discover
# DRY_RUN=1: only package, do not push
# HELM_PUSH_EXTRA_ARGS: extra flags for `helm push` (e.g., --insecure-skip-tls-verify)
# HELM_PUSH_EXTRA_ARGS: extra flags for `helm push` (e.g., --insecure-skip-tls-verify --plain-http)
# ALLOW_OVERWRITE=1: delete existing chart version in Harbor/OCI before push (OCI tags are immutable)
ROOT_DIR="$(cd "$(dirname "$0")/.." && pwd)"
cd "$ROOT_DIR"
@ -19,8 +20,23 @@ if [[ -z "${HELM_OCI_NAMESPACE:-}" ]]; then
exit 1
fi
# Derive registry host from HELM_OCI_NAMESPACE
# Derive registry host and project from HELM_OCI_NAMESPACE
HELM_REGISTRY_HOST="${HELM_OCI_NAMESPACE%%/*}"
HELM_REGISTRY_PROJECT="${HELM_OCI_NAMESPACE#*/}"
if [[ -z "$HELM_REGISTRY_PROJECT" || "$HELM_REGISTRY_PROJECT" == "$HELM_OCI_NAMESPACE" ]]; then
echo "[helm_publish] Invalid HELM_OCI_NAMESPACE: expected host/project, got '$HELM_OCI_NAMESPACE'" >&2
exit 1
fi
# Infer API scheme/insecure flags for Harbor API calls
API_SCHEME="https"
if [[ "${HELM_LOGIN_EXTRA_ARGS:-}${HELM_PUSH_EXTRA_ARGS:-}" == *"--plain-http"* ]]; then
API_SCHEME="http"
fi
INSECURE_CURL_FLAG=""
if [[ "${HELM_LOGIN_EXTRA_ARGS:-}${HELM_PUSH_EXTRA_ARGS:-}" == *"--insecure"* || "${HELM_PUSH_EXTRA_ARGS:-}" == *"--insecure-skip-tls-verify"* ]]; then
INSECURE_CURL_FLAG="-k"
fi
# Auto-discover charts when CHART_DIRS not provided
if [[ -z "${CHART_DIRS:-}" ]]; then
@ -80,6 +96,29 @@ for chart_dir in ${CHART_DIRS}; do
continue
fi
# Resolve chart name/version from Chart.yaml
chart_name=$(sed -n 's/^name:[[:space:]]*\(.*\)$/\1/p' "$chart_dir/Chart.yaml" | head -n1 | tr -d '"' | xargs || true)
chart_version=$(sed -n 's/^version:[[:space:]]*\(.*\)$/\1/p' "$chart_dir/Chart.yaml" | head -n1 | tr -d '"' | xargs || true)
# Optional pre-delete to allow overwrite of existing tag in Harbor
if [[ "${ALLOW_OVERWRITE:-}" == "1" && -n "${chart_name}" && -n "${chart_version}" ]]; then
if [[ -n "${HELM_USERNAME:-}" && -n "${HELM_PASSWORD:-}" ]]; then
del_url="${API_SCHEME}://${HELM_REGISTRY_HOST}/api/v2.0/projects/${HELM_REGISTRY_PROJECT}/repositories/${chart_name}/artifacts/${chart_version}"
echo "[helm_publish] Attempting delete (if exists): $del_url"
http_code=$(curl -sS ${INSECURE_CURL_FLAG} -u "${HELM_USERNAME}:${HELM_PASSWORD}" -o /dev/null -w "%{http_code}" -X DELETE "$del_url" || true)
case "$http_code" in
200|202|404)
echo "[helm_publish] Delete HTTP $http_code (ok)";;
"")
echo "[helm_publish] Warning: curl returned no status; continuing";;
*)
echo "[helm_publish] Warning: delete returned HTTP $http_code; continuing to push";;
esac
else
echo "[helm_publish] ALLOW_OVERWRITE=1 but HELM_USERNAME/HELM_PASSWORD not set; skip delete"
fi
fi
# Push to OCI registry; Helm will use chart name from the package
echo "[helm_publish] Pushing $pkg_path to oci://$HELM_OCI_NAMESPACE"
if ! helm push ${HELM_PUSH_EXTRA_ARGS:-} "$pkg_path" "oci://$HELM_OCI_NAMESPACE"; then