GitHub action for deploying to AWS EKS clusters using helm.
Note: If your EKS cluster administrative access is in a private network, you will need to use a self hosted runner in that network to use this action.
Although Helm repositories are different than OCI registries, the chart-repository
variable supports both options.
See example below for reference, but should be similar to using a repo.
You can use the name as a way to filter results, or just leave it blank to get all the charts available.
Following inputs can be used as step.with
keys
Name | Type | Description |
---|---|---|
aws-secret-access-key |
String | AWS secret access key part of the aws credentials. This is used to login to EKS. |
aws-access-key-id |
String | AWS access key id part of the aws credentials. This is used to login to EKS. |
aws-region |
String | AWS region to use. This must match the region your desired cluster lies in. |
cluster-name |
String | The name of the desired cluster. |
cluster-role-arn |
String | If you wish to assume an admin role, provide the role arn here to login as. |
action |
String | Determines if we install /uninstall the chart, or list . (Optional, Defaults to install ) |
dry-run |
Boolean | Toggles dry-run option for install /uninstall action. (Defaults to false ) |
config-files |
String | Comma separated list of helm values files. |
namespace |
String | Kubernetes namespace to use. Will create if it does not exist |
values |
String | Comma separated list of value set for helms. e.x:key1=value1,key2=value2 |
name |
String | The name of the helm release |
chart-path |
String | The path to the chart. (defaults to helm/ ) |
chart-repository |
String | The URL of the chart-repository (Optional) Note: If oci based registry, set url to oci:// |
version |
String | The version of the chart (Optional) |
plugins |
String | Comma separated list of plugins to install. e.x: https://github.com/hypnoglow/helm-s3.git, https://github.com/someuser/helm-plugin.git (defaults to none) |
timeout |
String | The value of the timeout for the helm release |
update-deps |
Boolean | Update chart dependencies |
helm-wait |
String | Add the helm --wait flag to the helm Release (Optional) |
atomic |
String | Add the helm --atomic flag if set (Optional) |
ca-file |
String | Verify certificates of HTTPS-enabled servers using this CA bundle. |
cert-file |
String | Identify HTTPS client using this SSL certificate file. |
key-file |
String | Identify HTTPS client using this SSL key file. |
insecure-skip-tls-verify |
String | Skip tls certificate checks for the chart download. |
pass-credentials |
String | Pass credentials to all domains. set (Optional) |
username |
String | Chart repository username where to locate the requested chart. |
password |
String | Chart repository password where to locate the requested chart. |
use-secrets-vals |
Boolean | Use secrets plugin using vals to evaluate the secrets |
- name: Deploy Helm
uses: bitovi/[email protected]
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-2
cluster-name: mycluster
config-files: .github/values/dev.yaml
chart-path: chart/
namespace: dev
values: key1=value1,key2=value2
name: release_name
- name: Deploy Helm
uses: bitovi/[email protected]
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-2
cluster-name: mycluster
cluster-role-arn: ${{ secrets.AWS_ROLE_ARN }}
config-files: fluent-bit/prod/values.yaml
chart-path: fluent/fluent-bit
namespace: logging
name: fluent-bit
chart-repository: https://fluent.github.io/helm-charts
version: 0.20.6
atomic: true
- name: Deploy Helm
uses: bitovi/[email protected]
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-2
cluster-name: mycluster
cluster-role-arn: ${{ secrets.AWS_ROLE_ARN }}
chart-repository: oci://registry.io/
chart-path: organization/chart
namespace: org
name: some-name
version: 0.1.0
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::${{ env.aws-account-id }}:role/${{ env.aws-assume-role }}
aws-region: ${{ env.aws-region }}
- name: Install Helm Chart
uses: bitovi/[email protected]
with:
aws-region: ${{ env.aws-region }}
cluster-name: eks-cluster-${{ env.environment }}
... (put your other arguments here)
- name: Deploy Helm
uses: bitovi/[email protected]
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-2
cluster-name: mycluster
config-files: .github/values/dev.yaml
chart-path: chart/
namespace: dev
values: key1=value1,key2=value2
name: release_name
use-secrets-vals: true
plugins: https://github.com/jkroepke/helm-secrets
- name: Deploy Helm
uses: bitovi/[email protected]
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-2
action: uninstall
cluster-name: mycluster
namespace: dev
name: release_name
- name: Deploy Helm
uses: bitovi/[email protected]
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-2
action: list
namespace: dev
name: release_name
We would love for you to contribute to bitovi/github-actions-deploy-eks-helm
. Issues and Pull Requests are welcome!
The scripts and documentation in this project are released under the MIT License.
Bitovi is a proud supporter of Open Source software.
You can get help or ask questions on Discord channel! Come hangout with us!
Or, you can hire us for training, consulting, or development. Set up a free consultation.