diff --git a/README.md b/README.md index bffe259..0324bd5 100644 --- a/README.md +++ b/README.md @@ -8,27 +8,29 @@ GitHub action for deploying to AWS EKS clusters using helm. Following inputs can be used as `step.with` keys -| Name | Type | Description | -|------------------|---------|------------------------------------| -| `aws-secret-access-key` | String | AWS secret access key part of the aws credentials. This is used to login to EKS. | -| `aws-access-key-id` | String | AWS access key id part of the aws credentials. This is used to login to EKS. | -| `aws-region` | String | AWS region to use. This must match the region your desired cluster lies in. | -| `cluster-name` | String | The name of the desired cluster. | -| `cluster-role-arn` | String | If you wish to assume an admin role, provide the role arn here to login as. | -| `config-files` | String | Comma separated list of helm values files. | -| `namespace` | String | Kubernetes namespace to use. | -| `values` | String | Comma separates list of value set for helms. e.x: key1=value1,key2=value2 | -| `name` | String | The name of the helm release | -| `chart-path` | String | The path to the chart. (defaults to `helm/`) (For local repo)| -| `chart-repository` | String | The URL of the chart repository. (For remote repo)| -| `chart-name` | String | Helm chart name inside the repository. (For remote repo)| -| `repo-username` | String | Username for repository basic auth| -| `repo-password` | String | Password for repository basic auth| -| `chart-version` | String | The version number of the chart| +| Name | Type | Description | +|---------------------------|--------|----------------------------------------------------------------------------------| +| `aws-secret-access-key` | String | AWS secret access key part of the aws credentials. This is used to login to EKS. | +| `aws-access-key-id` | String | AWS access key id part of the aws credentials. This is used to login to EKS. | +| `aws-region` | String | AWS region to use. This must match the region your desired cluster lies in. | +| `cluster-name` | String | The name of the desired cluster. | +| `cluster-role-arn` | String | If you wish to assume an admin role, provide the role arn here to login as. | +| `config-files` | String | Comma separated list of helm values files. | +| `namespace` | String | Kubernetes namespace to use. | +| `values` | String | Comma separates list of value set for helms. e.x: key1=value1,key2=value2 | +| `name` | String | The name of the helm release | +| `chart-path` | String | The path to the chart. (For local helm chart) | +| `chart-repository` | String | The URL of the chart repository. (For remote repo) | +| `chart-name` | String | Helm chart name inside the repository. (For remote repo) | +| `repo-username` | String | Username for repository basic auth | +| `repo-password` | String | Password for repository basic auth | +| `chart-version` | String | The version number of the chart | +| `helm-ecr-aws-account-id` | String | AWS account ID for the helm ECR | +| `helm-ecr-aws-region` | String | AWS region for the helm ECR | ## Example usage -#### Local repository +### Local repository ```yaml uses: craftech-io/eks-helm-deploy-action@v1 @@ -44,7 +46,7 @@ with: name: release_name ``` -#### Remote repository +### Remote repository ```yaml uses: craftech-io/eks-helm-deploy-action@v1 @@ -62,7 +64,7 @@ with: name: release_name ``` -#### Remote repository w/basic auth +### Remote repository w/basic auth ```yaml uses: craftech-io/eks-helm-deploy-action@v1 @@ -80,4 +82,23 @@ with: namespace: dev values: key1=value1,key2=value2 name: release_name +``` + +### AWS ECR helm repository + +```yaml +uses: craftech-io/eks-helm-deploy-action@v3 +with: + aws-access-key-id: ${{ secrets.AWS_ACCESS__KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-west-2 + cluster-name: mycluster + config-files: .github/values/dev.yaml + chart-name: example + chart-version: 1.0.0 + namespace: dev + values: key1=value1,key2=value2 + name: release_name + helm-ecr-aws-account-id: 111111111111111 + helm-ecr-aws-region: us-west-2 ``` \ No newline at end of file diff --git a/action.yaml b/action.yaml index 5befcc6..b197112 100644 --- a/action.yaml +++ b/action.yaml @@ -12,9 +12,8 @@ inputs: description: 'AWS credentials used to login to eks.' required: true aws-region: - description: 'AWS region to use (default: us-west-2)' + description: 'AWS region to use' required: true - default: us-west-2 cluster-name: description: 'EKS cluster name.' required: true @@ -36,7 +35,7 @@ inputs: chart-path: description: 'The path of the chart.' required: false - default: 'helm/' + default: '' chart-repository: description: 'The repository of the chart.' required: false @@ -46,7 +45,7 @@ inputs: timeout: description: 'Timeout for the job.' required: true - default: 0 + default: '0' update-deps: description: 'Update chart dependencies' required: false @@ -63,6 +62,14 @@ inputs: chart-version: description: 'The version number of the chart.' required: false + helm-ecr-aws-account-id: + description: 'AWS account ID for the helm ECR' + required: false + default: '' + helm-ecr-aws-region: + description: 'AWS region for the helm ECR' + required: false + default: '' runs: using: 'docker' image: 'Dockerfile' @@ -84,4 +91,6 @@ runs: REPO_NAME: ${{ inputs.repo-name }} REPO_USERNAME: ${{ inputs.repo-username }} REPO_PASSWORD: ${{ inputs.repo-password }} - CHART_VERSION: ${{ inputs.chart-version }} \ No newline at end of file + CHART_VERSION: ${{ inputs.chart-version }} + HELM_ECR_AWS_ACCOUNT_ID: ${{ inputs.helm-ecr-aws-account-id }} + HELM_ECR_AWS_REGION: ${{ inputs.helm-ecr-aws-region }} \ No newline at end of file diff --git a/deploy.sh b/deploy.sh index e3901c3..f39d88b 100755 --- a/deploy.sh +++ b/deploy.sh @@ -2,37 +2,39 @@ # Login to Kubernetes Cluster. if [ -n "$CLUSTER_ROLE_ARN" ]; then - aws eks \ - --region ${AWS_REGION} \ - update-kubeconfig --name ${CLUSTER_NAME} \ - --role-arn=${CLUSTER_ROLE_ARN} + aws eks \ + --region ${AWS_REGION} \ + update-kubeconfig --name ${CLUSTER_NAME} \ + --role-arn=${CLUSTER_ROLE_ARN} else - aws eks \ - --region ${AWS_REGION} \ - update-kubeconfig --name ${CLUSTER_NAME} + aws eks \ + --region ${AWS_REGION} \ + update-kubeconfig --name ${CLUSTER_NAME} +fi + +if [ ! -z ${HELM_ECR_AWS_ACCOUNT_ID} ] && [ ! -z ${HELM_ECR_AWS_REGION} ]; then + echo "Login AWS ECR repository ${HELM_ECR_AWS_ACCOUNT_ID}.dkr.ecr.${HELM_ECR_AWS_REGION}.amazonaws.com" + aws ecr get-login-password \ + --region ${HELM_ECR_AWS_REGION} | helm registry login \ + --username AWS \ + --password-stdin ${HELM_ECR_AWS_ACCOUNT_ID}.dkr.ecr.${HELM_ECR_AWS_REGION}.amazonaws.com fi # Helm Deployment -#################### -# Dependency Update -#################### # Verify local or remote repository -if [ -z ${HELM_CHART_NAME} ]; then - HELM_CHART_NAME=${DEPLOY_CHART_PATH%/*} +if [ -z ${HELM_CHART_NAME} ]; then + HELM_CHART_NAME=${DEPLOY_CHART_PATH%/*} fi if [ ! -z "$HELM_REPOSITORY" ]; then - #Verify basic auth - if [ ! -z ${REPO_USERNAME} ] && [ ! -z ${REPO_PASSWORD} ]; then - echo "Executing: helm repo add --username="${REPO_USERNAME}" --password="${REPO_PASSWORD}" ${HELM_CHART_NAME} ${HELM_REPOSITORY}" - helm repo add --username="${REPO_USERNAME}" --password="${REPO_PASSWORD}" ${HELM_CHART_NAME} ${HELM_REPOSITORY} - else - echo "Executing: helm repo add ${HELM_CHART_NAME} ${HELM_REPOSITORY}" - helm repo add ${HELM_CHART_NAME} ${HELM_REPOSITORY} - fi -else - echo "Executing: helm dependency update ${DEPLOY_CHART_PATH}" - helm dependency update ${DEPLOY_CHART_PATH} + # Verify basic user/pass auth + if [ ! -z ${REPO_USERNAME} ] && [ ! -z ${REPO_PASSWORD} ]; then + echo "Executing: helm repo add --username="${REPO_USERNAME}" --password="${REPO_PASSWORD}" ${HELM_CHART_NAME} ${HELM_REPOSITORY}" + helm repo add --username="${REPO_USERNAME}" --password="${REPO_PASSWORD}" ${HELM_CHART_NAME} ${HELM_REPOSITORY} + else + echo "Executing: helm repo add ${HELM_CHART_NAME} ${HELM_REPOSITORY}" + helm repo add ${HELM_CHART_NAME} ${HELM_REPOSITORY} + fi fi #################### @@ -40,26 +42,35 @@ fi #################### UPGRADE_COMMAND="helm upgrade -i --timeout ${TIMEOUT}" -for config_file in ${DEPLOY_CONFIG_FILES//,/ } -do - UPGRADE_COMMAND="${UPGRADE_COMMAND} -f ${config_file}" +for config_file in ${DEPLOY_CONFIG_FILES//,/ }; do + UPGRADE_COMMAND="${UPGRADE_COMMAND} -f ${config_file}" done + if [ -n "$DEPLOY_NAMESPACE" ]; then - UPGRADE_COMMAND="${UPGRADE_COMMAND} -n ${DEPLOY_NAMESPACE}" + UPGRADE_COMMAND="${UPGRADE_COMMAND} -n ${DEPLOY_NAMESPACE}" fi + if [ -n "$DEPLOY_VALUES" ]; then - UPGRADE_COMMAND="${UPGRADE_COMMAND} --set ${DEPLOY_VALUES}" + UPGRADE_COMMAND="${UPGRADE_COMMAND} --set ${DEPLOY_VALUES}" +fi + +# Dependency Update +if [ ${UPDATE_DEPS} == "true" ]; then + echo "Adding dependency update flag" + UPGRADE_COMMAND="${UPGRADE_COMMAND} --dependency-update" fi -if [ -z "$HELM_REPOSITORY" ]; then - UPGRADE_COMMAND="${UPGRADE_COMMAND} ${DEPLOY_NAME} ${DEPLOY_CHART_PATH}" +if [ -z "$HELM_REPOSITORY" ] && [ ! -z ${DEPLOY_CHART_PATH} ]; then + UPGRADE_COMMAND="${UPGRADE_COMMAND} ${DEPLOY_NAME} ${DEPLOY_CHART_PATH}" +elif [ ! -z ${HELM_ECR_AWS_ACCOUNT_ID} ] && [ ! -z ${HELM_ECR_AWS_REGION} ]; then + UPGRADE_COMMAND="${UPGRADE_COMMAND} ${DEPLOY_NAME} oci://${HELM_ECR_AWS_ACCOUNT_ID}.dkr.ecr.${HELM_ECR_AWS_REGION}.amazonaws.com/${HELM_CHART_NAME}" else - UPGRADE_COMMAND="${UPGRADE_COMMAND} ${DEPLOY_NAME} ${HELM_CHART_NAME}/${HELM_CHART_NAME}" + UPGRADE_COMMAND="${UPGRADE_COMMAND} ${DEPLOY_NAME} ${HELM_CHART_NAME}/${HELM_CHART_NAME}" fi if [ -n "$CHART_VERSION" ]; then - UPGRADE_COMMAND="${UPGRADE_COMMAND} --version ${CHART_VERSION}" + UPGRADE_COMMAND="${UPGRADE_COMMAND} --version ${CHART_VERSION}" fi - + echo "Executing: ${UPGRADE_COMMAND}" -${UPGRADE_COMMAND} \ No newline at end of file +${UPGRADE_COMMAND}