diff --git a/.env.example b/.env.example deleted file mode 100644 index 941c866..0000000 --- a/.env.example +++ /dev/null @@ -1,16 +0,0 @@ -# Required: Helm OCI namespace to push to (host/org or host/user) -# Examples: ghcr.io/your-org, gitea.example.com/your-user -HELM_OCI_NAMESPACE= - -# Optional: Registry credentials (if not already logged in via `helm registry login`) -HELM_USERNAME= -HELM_PASSWORD= - -# Optional: Space separated chart dirs. If unset, script auto-discovers -# CHART_DIRS="code-server-chart vllm-serve" - -# Optional: Set to 1 to only build locally without pushing -# DRY_RUN=1 - -# Optional: Extra flags for helm push -# HELM_PUSH_EXTRA_ARGS="--insecure-skip-tls-verify" diff --git a/.gitea/workflows/helm-publish.yml b/.gitea/workflows/helm-publish.yml deleted file mode 100644 index 4e5a604..0000000 --- a/.gitea/workflows/helm-publish.yml +++ /dev/null @@ -1,28 +0,0 @@ -name: Helm Publish - -on: - push: - branches: - - "**" - -jobs: - package-and-push: - runs-on: ubuntu-latest - env: - HELM_OCI_NAMESPACE: ${{ secrets.HELM_OCI_NAMESPACE }} - HELM_USERNAME: ${{ secrets.HELM_USERNAME }} - HELM_PASSWORD: ${{ secrets.HELM_PASSWORD }} - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Setup Helm - uses: azure/setup-helm@v4 - with: - token: ${{ github.token }} - version: v3.12.3 - - - name: Package and Push Charts - run: | - set -euo pipefail - bash scripts/helm_publish.sh diff --git a/README.md b/README.md index 44bfc95..e0119ae 100644 --- a/README.md +++ b/README.md @@ -1,15 +1,15 @@ # helm-charts repo -This repository manages two Helm charts (e.g., `code-server-chart`, `vllm-serve`) and automates packaging and publishing on every `git push`. +This repository manages two Helm charts (e.g., `code-server-chart`, `vllm-serve`) and automates packaging and publishing on every `git push` (local pre-push hook only; no CI runner required). ## How it works - Local pre-push hook runs `scripts/helm_publish.sh` to `helm package` and `helm push` all charts found under this folder (directories containing a `Chart.yaml`). -- A Gitea Actions workflow at `.gitea/workflows/helm-publish.yml` does the same on the server side for each push. + - If any chart fails to package/push, the Git push is aborted. ## Configure registry -1. Copy `.env.example` to `.env` and fill in: +1. Create `.env` and fill in: ``` HELM_OCI_NAMESPACE=gitea.example.com/your-user @@ -17,12 +17,12 @@ HELM_USERNAME=your-username HELM_PASSWORD=your-token-or-password ``` -2. For CI, add these as repository secrets in Gitea: - - `HELM_OCI_NAMESPACE` - - `HELM_USERNAME` - - `HELM_PASSWORD` +The charts are pushed to `oci://$HELM_OCI_NAMESPACE` (Helm appends the chart name and version). For self-signed or HTTP registries, you can add: -The charts are pushed to `oci://$HELM_OCI_NAMESPACE` (Helm appends the chart name and version). +``` +HELM_PUSH_EXTRA_ARGS="--insecure-skip-tls-verify --plain-http" +HELM_LOGIN_EXTRA_ARGS="--insecure --plain-http" +``` ## Chart discovery diff --git a/code-server-chart/values.yaml b/code-server-chart/values.yaml index 8e0f563..8cb3107 100644 --- a/code-server-chart/values.yaml +++ b/code-server-chart/values.yaml @@ -106,7 +106,7 @@ resources: limits: cpu: 4000m memory: 8192Mi - nvidia.com/gpu: "1" + nvidia.com/gpu: 1 requests: cpu: 2000m memory: 4000Mi diff --git a/scripts/helm_publish.sh b/scripts/helm_publish.sh index 1f6e362..5d39902 100755 --- a/scripts/helm_publish.sh +++ b/scripts/helm_publish.sh @@ -6,6 +6,7 @@ set -euo pipefail # HELM_OCI_NAMESPACE e.g. ghcr.io/OWNER or gitea.example.com/OWNER # Optional env: # HELM_USERNAME / HELM_PASSWORD for registry login +# HELM_LOGIN_EXTRA_ARGS: extra flags for `helm registry login` (e.g., --insecure --plain-http) # CHART_DIRS: space-separated list of chart directories; if empty, auto-discover # DRY_RUN=1: only package, do not push # HELM_PUSH_EXTRA_ARGS: extra flags for `helm push` (e.g., --insecure-skip-tls-verify) @@ -38,7 +39,8 @@ fi # Login if credentials present if [[ -n "${HELM_USERNAME:-}" && -n "${HELM_PASSWORD:-}" ]]; then echo "[helm_publish] Logging into registry ${HELM_REGISTRY_HOST} as ${HELM_USERNAME}" - helm registry login "$HELM_REGISTRY_HOST" -u "$HELM_USERNAME" -p "$HELM_PASSWORD" + # shellcheck disable=SC2086 + helm registry login ${HELM_LOGIN_EXTRA_ARGS:-} "$HELM_REGISTRY_HOST" -u "$HELM_USERNAME" -p "$HELM_PASSWORD" else echo "[helm_publish] HELM_USERNAME/HELM_PASSWORD not set; assuming registry creds already configured" fi