chore: local-only flow (remove Gitea workflow) + docs for local pre-push and insecure/HTTP registries
This commit is contained in:
Ivan087
16
.env.example
16
.env.example
@ -1,16 +0,0 @@
|
|||||||
# Required: Helm OCI namespace to push to (host/org or host/user)
|
|
||||||
# Examples: ghcr.io/your-org, gitea.example.com/your-user
|
|
||||||
HELM_OCI_NAMESPACE=
|
|
||||||
|
|
||||||
# Optional: Registry credentials (if not already logged in via `helm registry login`)
|
|
||||||
HELM_USERNAME=
|
|
||||||
HELM_PASSWORD=
|
|
||||||
|
|
||||||
# Optional: Space separated chart dirs. If unset, script auto-discovers
|
|
||||||
# CHART_DIRS="code-server-chart vllm-serve"
|
|
||||||
|
|
||||||
# Optional: Set to 1 to only build locally without pushing
|
|
||||||
# DRY_RUN=1
|
|
||||||
|
|
||||||
# Optional: Extra flags for helm push
|
|
||||||
# HELM_PUSH_EXTRA_ARGS="--insecure-skip-tls-verify"
|
|
||||||
@ -1,28 +0,0 @@
|
|||||||
name: Helm Publish
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- "**"
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
package-and-push:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
env:
|
|
||||||
HELM_OCI_NAMESPACE: ${{ secrets.HELM_OCI_NAMESPACE }}
|
|
||||||
HELM_USERNAME: ${{ secrets.HELM_USERNAME }}
|
|
||||||
HELM_PASSWORD: ${{ secrets.HELM_PASSWORD }}
|
|
||||||
steps:
|
|
||||||
- name: Checkout
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: Setup Helm
|
|
||||||
uses: azure/setup-helm@v4
|
|
||||||
with:
|
|
||||||
token: ${{ github.token }}
|
|
||||||
version: v3.12.3
|
|
||||||
|
|
||||||
- name: Package and Push Charts
|
|
||||||
run: |
|
|
||||||
set -euo pipefail
|
|
||||||
bash scripts/helm_publish.sh
|
|
||||||
16
README.md
16
README.md
@ -1,15 +1,15 @@
|
|||||||
# helm-charts repo
|
# helm-charts repo
|
||||||
|
|
||||||
This repository manages two Helm charts (e.g., `code-server-chart`, `vllm-serve`) and automates packaging and publishing on every `git push`.
|
This repository manages two Helm charts (e.g., `code-server-chart`, `vllm-serve`) and automates packaging and publishing on every `git push` (local pre-push hook only; no CI runner required).
|
||||||
|
|
||||||
## How it works
|
## How it works
|
||||||
|
|
||||||
- Local pre-push hook runs `scripts/helm_publish.sh` to `helm package` and `helm push` all charts found under this folder (directories containing a `Chart.yaml`).
|
- Local pre-push hook runs `scripts/helm_publish.sh` to `helm package` and `helm push` all charts found under this folder (directories containing a `Chart.yaml`).
|
||||||
- A Gitea Actions workflow at `.gitea/workflows/helm-publish.yml` does the same on the server side for each push.
|
- If any chart fails to package/push, the Git push is aborted.
|
||||||
|
|
||||||
## Configure registry
|
## Configure registry
|
||||||
|
|
||||||
1. Copy `.env.example` to `.env` and fill in:
|
1. Create `.env` and fill in:
|
||||||
|
|
||||||
```
|
```
|
||||||
HELM_OCI_NAMESPACE=gitea.example.com/your-user
|
HELM_OCI_NAMESPACE=gitea.example.com/your-user
|
||||||
@ -17,12 +17,12 @@ HELM_USERNAME=your-username
|
|||||||
HELM_PASSWORD=your-token-or-password
|
HELM_PASSWORD=your-token-or-password
|
||||||
```
|
```
|
||||||
|
|
||||||
2. For CI, add these as repository secrets in Gitea:
|
The charts are pushed to `oci://$HELM_OCI_NAMESPACE` (Helm appends the chart name and version). For self-signed or HTTP registries, you can add:
|
||||||
- `HELM_OCI_NAMESPACE`
|
|
||||||
- `HELM_USERNAME`
|
|
||||||
- `HELM_PASSWORD`
|
|
||||||
|
|
||||||
The charts are pushed to `oci://$HELM_OCI_NAMESPACE` (Helm appends the chart name and version).
|
```
|
||||||
|
HELM_PUSH_EXTRA_ARGS="--insecure-skip-tls-verify --plain-http"
|
||||||
|
HELM_LOGIN_EXTRA_ARGS="--insecure --plain-http"
|
||||||
|
```
|
||||||
|
|
||||||
## Chart discovery
|
## Chart discovery
|
||||||
|
|
||||||
|
|||||||
@ -106,7 +106,7 @@ resources:
|
|||||||
limits:
|
limits:
|
||||||
cpu: 4000m
|
cpu: 4000m
|
||||||
memory: 8192Mi
|
memory: 8192Mi
|
||||||
nvidia.com/gpu: "1"
|
nvidia.com/gpu: 1
|
||||||
requests:
|
requests:
|
||||||
cpu: 2000m
|
cpu: 2000m
|
||||||
memory: 4000Mi
|
memory: 4000Mi
|
||||||
|
|||||||
@ -6,6 +6,7 @@ set -euo pipefail
|
|||||||
# HELM_OCI_NAMESPACE e.g. ghcr.io/OWNER or gitea.example.com/OWNER
|
# HELM_OCI_NAMESPACE e.g. ghcr.io/OWNER or gitea.example.com/OWNER
|
||||||
# Optional env:
|
# Optional env:
|
||||||
# HELM_USERNAME / HELM_PASSWORD for registry login
|
# HELM_USERNAME / HELM_PASSWORD for registry login
|
||||||
|
# HELM_LOGIN_EXTRA_ARGS: extra flags for `helm registry login` (e.g., --insecure --plain-http)
|
||||||
# CHART_DIRS: space-separated list of chart directories; if empty, auto-discover
|
# CHART_DIRS: space-separated list of chart directories; if empty, auto-discover
|
||||||
# DRY_RUN=1: only package, do not push
|
# DRY_RUN=1: only package, do not push
|
||||||
# HELM_PUSH_EXTRA_ARGS: extra flags for `helm push` (e.g., --insecure-skip-tls-verify)
|
# HELM_PUSH_EXTRA_ARGS: extra flags for `helm push` (e.g., --insecure-skip-tls-verify)
|
||||||
@ -38,7 +39,8 @@ fi
|
|||||||
# Login if credentials present
|
# Login if credentials present
|
||||||
if [[ -n "${HELM_USERNAME:-}" && -n "${HELM_PASSWORD:-}" ]]; then
|
if [[ -n "${HELM_USERNAME:-}" && -n "${HELM_PASSWORD:-}" ]]; then
|
||||||
echo "[helm_publish] Logging into registry ${HELM_REGISTRY_HOST} as ${HELM_USERNAME}"
|
echo "[helm_publish] Logging into registry ${HELM_REGISTRY_HOST} as ${HELM_USERNAME}"
|
||||||
helm registry login "$HELM_REGISTRY_HOST" -u "$HELM_USERNAME" -p "$HELM_PASSWORD"
|
# shellcheck disable=SC2086
|
||||||
|
helm registry login ${HELM_LOGIN_EXTRA_ARGS:-} "$HELM_REGISTRY_HOST" -u "$HELM_USERNAME" -p "$HELM_PASSWORD"
|
||||||
else
|
else
|
||||||
echo "[helm_publish] HELM_USERNAME/HELM_PASSWORD not set; assuming registry creds already configured"
|
echo "[helm_publish] HELM_USERNAME/HELM_PASSWORD not set; assuming registry creds already configured"
|
||||||
fi
|
fi
|
||||||
|
|||||||
Reference in New Issue
Block a user