Skip to content

Github action that performs a Helm deployment with support for Helm Secrets

License

Notifications You must be signed in to change notification settings

matthiasmetzen/helm-deploy-1

 
 

Repository files navigation

Helm Deploy Github action

Github action that performs a Helm deployment with support for Helm Secrets. Largely based on deliverybot/helm. Only supports Helm 3.

Limitations

  • No Helm 2 support
  • Only supports the SOPS secret driver with GCP KMS (and possibly PGP)

Parameters

Inputs

  • release: Helm release name. (required)
  • namespace: Kubernetes namespace name. (required)
  • chart: Helm chart path. (required)
  • chart_version: Helm chart version.
  • repository: Helm repository to get the chart from.
  • values: Helm chart values, expected to be a YAML or JSON string.
  • value-files: Additional value files to apply to the helm chart. Expects JSON encoded array or a string.
  • secrets-files: Helm Secrets files to apply to the helm chart as values. Expects JSON encoded array or a string.
  • task: Task name. If the task is "remove" it will remove the configured helm release.
  • dry-run: Helm dry-run option.
  • atomic: If true, upgrade process rolls back changes made in case of failed upgrade. Defaults to true.
  • timeout: specify a timeout for helm deployment
  • image: Image to deploy. Overrides the image.name value.
  • tag: Image tag to deploy, usually commit sha or Git tag. Overrides the image.tag value.

Environment

  • KUBECONFIG_FILE: Kubeconfig file for Kubernetes cluster access.
  • GCP_KMS_KEY_FILE: Key file for a GCP service account with access to the KMS keys. Required if secrets files are (partially) encrypted with GCP KMS.

Example usage

name: Deploy with Helm

on:
  push:
    branches: [master]

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v2

      - name: Deploy
        uses: ivido/helm-deploy@v1
        with:
          release: my-release
          namespace: my-namespace
          chart: ./chart
          value-files: "./chart/values.yaml"
          secrets-files: "./chart/secrets.yaml"
          tag: ${{ github.sha }}
        env:
          KUBECONFIG_FILE: ${{ secrets.KUBECONFIG }}
          GCP_KMS_KEY_FILE: ${{ secrets.GCP_KMS_KEY }}

About

Github action that performs a Helm deployment with support for Helm Secrets

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • JavaScript 85.2%
  • Dockerfile 14.8%