ivanwu/helm-charts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: local-only flow (remove Gitea workflow) + docs for local pre-push and insecure/HTTP registries

Browse Source
This commit is contained in:
Ivan087
2025-11-17 17:05:22 +08:00
parent e8451c0675
commit f0cf557067
5 changed files with 12 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
.env.example
View File

@ -1,16 +0,0 @@
# Required: Helm OCI namespace to push to (host/org or host/user)
# Examples: ghcr.io/your-org, gitea.example.com/your-user
HELM_OCI_NAMESPACE=
# Optional: Registry credentials (if not already logged in via `helm registry login`)
HELM_USERNAME=
HELM_PASSWORD=
# Optional: Space separated chart dirs. If unset, script auto-discovers
# CHART_DIRS="code-server-chart vllm-serve"
# Optional: Set to 1 to only build locally without pushing
# DRY_RUN=1
# Optional: Extra flags for helm push
# HELM_PUSH_EXTRA_ARGS="--insecure-skip-tls-verify"

28
.gitea/workflows/helm-publish.yml
View File

@ -1,28 +0,0 @@
name: Helm Publish
on:
push:
branches:
- "**"
jobs:
package-and-push:
runs-on: ubuntu-latest
env:
HELM_OCI_NAMESPACE: ${{ secrets.HELM_OCI_NAMESPACE }}
HELM_USERNAME: ${{ secrets.HELM_USERNAME }}
HELM_PASSWORD: ${{ secrets.HELM_PASSWORD }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Helm
uses: azure/setup-helm@v4
with:
token: ${{ github.token }}
version: v3.12.3
- name: Package and Push Charts
run: |
set -euo pipefail
bash scripts/helm_publish.sh

16
README.md
View File

@ -1,15 +1,15 @@
# helm-charts repo
This repository manages two Helm charts (e.g., `code-server-chart`, `vllm-serve`) and automates packaging and publishing on every `git push`.
This repository manages two Helm charts (e.g., `code-server-chart`, `vllm-serve`) and automates packaging and publishing on every `git push` (local pre-push hook only; no CI runner required).
## How it works
- Local pre-push hook runs `scripts/helm_publish.sh` to `helm package` and `helm push` all charts found under this folder (directories containing a `Chart.yaml`).
- A Gitea Actions workflow at `.gitea/workflows/helm-publish.yml` does the same on the server side for each push.
- If any chart fails to package/push, the Git push is aborted.
## Configure registry
1. Copy `.env.example` to `.env` and fill in:
1. Create `.env` and fill in:
```
HELM_OCI_NAMESPACE=gitea.example.com/your-user
@ -17,12 +17,12 @@ HELM_USERNAME=your-username
HELM_PASSWORD=your-token-or-password
```
2. For CI, add these as repository secrets in Gitea:
- `HELM_OCI_NAMESPACE`
- `HELM_USERNAME`
- `HELM_PASSWORD`
The charts are pushed to `oci://$HELM_OCI_NAMESPACE` (Helm appends the chart name and version). For self-signed or HTTP registries, you can add:
The charts are pushed to `oci://$HELM_OCI_NAMESPACE` (Helm appends the chart name and version).
```
HELM_PUSH_EXTRA_ARGS="--insecure-skip-tls-verify --plain-http"
HELM_LOGIN_EXTRA_ARGS="--insecure --plain-http"
```
## Chart discovery

2
code-server-chart/values.yaml
View File

@ -106,7 +106,7 @@ resources:
limits:
cpu: 4000m
memory: 8192Mi
nvidia.com/gpu: "1"
nvidia.com/gpu: 1
requests:
cpu: 2000m
memory: 4000Mi

4
scripts/helm_publish.sh
View File

@ -6,6 +6,7 @@ set -euo pipefail
# HELM_OCI_NAMESPACE e.g. ghcr.io/OWNER or gitea.example.com/OWNER
# Optional env:
# HELM_USERNAME / HELM_PASSWORD for registry login
# HELM_LOGIN_EXTRA_ARGS: extra flags for `helm registry login` (e.g., --insecure --plain-http)
# CHART_DIRS: space-separated list of chart directories; if empty, auto-discover
# DRY_RUN=1: only package, do not push
# HELM_PUSH_EXTRA_ARGS: extra flags for `helm push` (e.g., --insecure-skip-tls-verify)
@ -38,7 +39,8 @@ fi
# Login if credentials present
if [[ -n "${HELM_USERNAME:-}" && -n "${HELM_PASSWORD:-}" ]]; then
echo "[helm_publish] Logging into registry ${HELM_REGISTRY_HOST} as ${HELM_USERNAME}"
helm registry login "$HELM_REGISTRY_HOST" -u "$HELM_USERNAME" -p "$HELM_PASSWORD"
# shellcheck disable=SC2086
helm registry login ${HELM_LOGIN_EXTRA_ARGS:-} "$HELM_REGISTRY_HOST" -u "$HELM_USERNAME" -p "$HELM_PASSWORD"
else
echo "[helm_publish] HELM_USERNAME/HELM_PASSWORD not set; assuming registry creds already configured"
fi