Skip to content

Latest commit

 

History

History
181 lines (154 loc) · 10.7 KB

README.md

File metadata and controls

181 lines (154 loc) · 10.7 KB

EKS deployments with Helm

GitHub action for deploying to AWS EKS clusters using helm.

Note: If your EKS cluster administrative access is in a private network, you will need to use a self hosted runner in that network to use this action.

Customizing

Note on chart repository / oci registry

Although Helm repositories are different than OCI registries, the chart-repository variable supports both options.

See example below for reference, but should be similar to using a repo.

Note on charts list command

You can use the name as a way to filter results, or just leave it blank to get all the charts available.

Inputs

Following inputs can be used as step.with keys

Name Type Description
aws-secret-access-key String AWS secret access key part of the aws credentials. This is used to login to EKS.
aws-access-key-id String AWS access key id part of the aws credentials. This is used to login to EKS.
aws-region String AWS region to use. This must match the region your desired cluster lies in.
cluster-name String The name of the desired cluster.
cluster-role-arn String If you wish to assume an admin role, provide the role arn here to login as.
action String Determines if we install/uninstall the chart, or list. (Optional, Defaults to install)
dry-run Boolean Toggles dry-run option for install/uninstall action. (Defaults to false)
config-files String Comma separated list of helm values files.
namespace String Kubernetes namespace to use. Will create if it does not exist
values String Comma separated list of value set for helms. e.x:key1=value1,key2=value2
name String The name of the helm release
chart-path String The path to the chart. (defaults to helm/)
chart-repository String The URL of the chart-repository (Optional) Note: If oci based registry, set url to oci://
version String The version of the chart (Optional)
plugins String Comma separated list of plugins to install. e.x: https://github.com/hypnoglow/helm-s3.git, https://github.com/someuser/helm-plugin.git (defaults to none)
timeout String The value of the timeout for the helm release
update-deps Boolean Update chart dependencies
helm-wait String Add the helm --wait flag to the helm Release (Optional)
atomic String Add the helm --atomic flag if set (Optional)
ca-file String Verify certificates of HTTPS-enabled servers using this CA bundle.
cert-file String Identify HTTPS client using this SSL certificate file.
key-file String Identify HTTPS client using this SSL key file.
insecure-skip-tls-verify String Skip tls certificate checks for the chart download.
pass-credentials String Pass credentials to all domains. set (Optional)
username String Chart repository username where to locate the requested chart.
password String Chart repository password where to locate the requested chart.
use-secrets-vals Boolean Use secrets plugin using vals to evaluate the secrets

Example 1 - local repo chart

    - name: Deploy Helm
      uses: bitovi/github-actions-deploy-eks-helm@v1.2.4
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: us-west-2
        cluster-name: mycluster
        config-files: .github/values/dev.yaml
        chart-path: chart/
        namespace: dev
        values: key1=value1,key2=value2
        name: release_name

Example 2 - Custom Chart Repo

    - name: Deploy Helm
      uses: bitovi/github-actions-deploy-eks-helm@v1.2.4
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: us-west-2
        cluster-name: mycluster
        cluster-role-arn: ${{ secrets.AWS_ROLE_ARN }}
        config-files: fluent-bit/prod/values.yaml
        chart-path: fluent/fluent-bit
        namespace: logging
        name: fluent-bit
        chart-repository: https://fluent.github.io/helm-charts
        version: 0.20.6
        atomic: true

Example 3 - OCI Chart Repo

    - name: Deploy Helm
      uses: bitovi/github-actions-deploy-eks-helm@v1.2.4
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: us-west-2
        cluster-name: mycluster
        cluster-role-arn: ${{ secrets.AWS_ROLE_ARN }}
        chart-repository: oci://registry.io/
        chart-path: organization/chart
        namespace: org
        name: some-name
        version: 0.1.0

Example 4 - Separate AWS login

    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        role-to-assume: arn:aws:iam::${{ env.aws-account-id }}:role/${{ env.aws-assume-role }}
        aws-region: ${{ env.aws-region }}

    - name: Install Helm Chart
      uses: bitovi/github-actions-deploy-eks-helm@v1.2.4
      with:
        aws-region: ${{ env.aws-region }}
        cluster-name: eks-cluster-${{ env.environment }}
        ... (put your other arguments here)

Example 5 - Use secrets with vals backend

    - name: Deploy Helm
      uses: bitovi/github-actions-deploy-eks-helm@v1.2.4
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: us-west-2
        cluster-name: mycluster
        config-files: .github/values/dev.yaml
        chart-path: chart/
        namespace: dev
        values: key1=value1,key2=value2
        name: release_name
        use-secrets-vals: true
        plugins: https://github.com/jkroepke/helm-secrets

Example Uninstall

    - name: Deploy Helm
      uses: bitovi/github-actions-deploy-eks-helm@v1.2.4
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: us-west-2
        action: uninstall
        cluster-name: mycluster
        namespace: dev
        name: release_name

Example List

    - name: Deploy Helm
      uses: bitovi/github-actions-deploy-eks-helm@v1.2.4
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        aws-region: us-west-2
        action: list
        namespace: dev
        name: release_name

Contributing

We would love for you to contribute to bitovi/github-actions-deploy-eks-helm. Issues and Pull Requests are welcome!

License

The scripts and documentation in this project are released under the MIT License.

Provided by Bitovi

Bitovi is a proud supporter of Open Source software.

Need help or have questions?

You can get help or ask questions on Discord channel! Come hangout with us!

Or, you can hire us for training, consulting, or development. Set up a free consultation.