feat: add support for aws ecr helm repository

README.md

@@ -8,27 +8,29 @@ GitHub action for deploying to AWS EKS clusters using helm.
 
 Following inputs can be used as `step.with` keys
 
-| Name             | Type    | Description                        |
-|------------------|---------|------------------------------------|
-| `aws-secret-access-key`          | String  | AWS secret access key part of the aws credentials. This is used to login to EKS. |
-| `aws-access-key-id`      | String  | AWS access key id part of the aws credentials. This is used to login to EKS. |
-| `aws-region`      | String  | AWS region to use. This must match the region your desired cluster lies in. |
-| `cluster-name`      | String  | The name of the desired cluster. |
-| `cluster-role-arn`      | String  | If you wish to assume an admin role, provide the role arn here to login as. |
-| `config-files`      | String  | Comma separated list of helm values files. |
-| `namespace`      | String  | Kubernetes namespace to use. |
-| `values`      | String  | Comma separates list of value set for helms. e.x: key1=value1,key2=value2 |
-| `name`      | String  | The name of the helm release |
-| `chart-path`      | String  | The path to the chart. (defaults to `helm/`) (For local repo)|
-| `chart-repository`    | String | The URL of the chart repository. (For remote repo)|
-| `chart-name`    | String | Helm chart name inside the repository. (For remote repo)|
-| `repo-username`   | String | Username for repository basic auth|
-| `repo-password`   | String | Password for repository basic auth|
-| `chart-version`   | String | The version number of the chart|
+| Name                      | Type   | Description                                                                      |
+|---------------------------|--------|----------------------------------------------------------------------------------|
+| `aws-secret-access-key`   | String | AWS secret access key part of the aws credentials. This is used to login to EKS. |
+| `aws-access-key-id`       | String | AWS access key id part of the aws credentials. This is used to login to EKS.     |
+| `aws-region`              | String | AWS region to use. This must match the region your desired cluster lies in.      |
+| `cluster-name`            | String | The name of the desired cluster.                                                 |
+| `cluster-role-arn`        | String | If you wish to assume an admin role, provide the role arn here to login as.      |
+| `config-files`            | String | Comma separated list of helm values files.                                       |
+| `namespace`               | String | Kubernetes namespace to use.                                                     |
+| `values`                  | String | Comma separates list of value set for helms. e.x: key1=value1,key2=value2        |
+| `name`                    | String | The name of the helm release                                                     |
+| `chart-path`              | String | The path to the chart. (For local helm chart)                                    |
+| `chart-repository`        | String | The URL of the chart repository. (For remote repo)                               |
+| `chart-name`              | String | Helm chart name inside the repository. (For remote repo)                         |
+| `repo-username`           | String | Username for repository basic auth                                               |
+| `repo-password`           | String | Password for repository basic auth                                               |
+| `chart-version`           | String | The version number of the chart                                                  |
+| `helm-ecr-aws-account-id` | String | AWS account ID for the helm ECR                                                  |
+| `helm-ecr-aws-region`     | String | AWS region for the helm ECR                                                      |
 
 
 ## Example usage
-#### Local repository
+### Local repository
 
 ```yaml
 uses: craftech-io/eks-helm-deploy-action@v1
@@ -44,7 +46,7 @@ with:
   name: release_name
 ```
 
-#### Remote repository
+### Remote repository
 
 ```yaml
 uses: craftech-io/eks-helm-deploy-action@v1
@@ -62,7 +64,7 @@ with:
   name: release_name
 ```
 
-#### Remote repository w/basic auth
+### Remote repository w/basic auth
 
 ```yaml
 uses: craftech-io/eks-helm-deploy-action@v1
@@ -80,4 +82,23 @@ with:
   namespace: dev
   values: key1=value1,key2=value2
   name: release_name
+```
+
+### AWS ECR helm repository
+
+```yaml
+uses: craftech-io/eks-helm-deploy-action@v3
+with:
+  aws-access-key-id: ${{ secrets.AWS_ACCESS__KEY_ID }}
+  aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+  aws-region: us-west-2
+  cluster-name: mycluster
+  config-files: .github/values/dev.yaml
+  chart-name: example
+  chart-version: 1.0.0
+  namespace: dev
+  values: key1=value1,key2=value2
+  name: release_name
+  helm-ecr-aws-account-id: 111111111111111
+  helm-ecr-aws-region: us-west-2
 ```

action.yaml

@@ -12,9 +12,8 @@ inputs:
         description: 'AWS credentials used to login to eks.'
         required: true
     aws-region:
-        description: 'AWS region to use (default: us-west-2)'
+        description: 'AWS region to use'
         required: true
-        default: us-west-2
     cluster-name:
         description: 'EKS cluster name.'
         required: true
@@ -36,7 +35,7 @@ inputs:
     chart-path:
         description: 'The path of the chart.'
         required: false
-        default: 'helm/'
+        default: ''
     chart-repository:
         description: 'The repository of the chart.'
         required: false
@@ -46,7 +45,7 @@ inputs:
     timeout:
         description: 'Timeout for the job.'
         required: true
-        default: 0
+        default: '0'
     update-deps:
         description: 'Update chart dependencies'
         required: false
@@ -63,6 +62,14 @@ inputs:
     chart-version:
         description: 'The version number of the chart.'
         required: false
+    helm-ecr-aws-account-id:
+        description: 'AWS account ID for the helm ECR'
+        required: false
+        default: ''
+    helm-ecr-aws-region:
+        description: 'AWS region for the helm ECR'
+        required: false
+        default: ''
 runs:
     using: 'docker'
     image: 'Dockerfile'
@@ -84,4 +91,6 @@ runs:
         REPO_NAME: ${{ inputs.repo-name }}
         REPO_USERNAME: ${{ inputs.repo-username }}
         REPO_PASSWORD: ${{ inputs.repo-password }}
-        CHART_VERSION: ${{ inputs.chart-version }}
+        CHART_VERSION: ${{ inputs.chart-version }}
+        HELM_ECR_AWS_ACCOUNT_ID: ${{ inputs.helm-ecr-aws-account-id }}
+        HELM_ECR_AWS_REGION: ${{ inputs.helm-ecr-aws-region }}

deploy.sh

@@ -2,64 +2,75 @@
 
 # Login to Kubernetes Cluster.
 if [ -n "$CLUSTER_ROLE_ARN" ]; then
-    aws eks \
-        --region ${AWS_REGION} \
-        update-kubeconfig --name ${CLUSTER_NAME} \
-        --role-arn=${CLUSTER_ROLE_ARN}
+  aws eks \
+    --region ${AWS_REGION} \
+    update-kubeconfig --name ${CLUSTER_NAME} \
+    --role-arn=${CLUSTER_ROLE_ARN}
 else
-    aws eks \
-        --region ${AWS_REGION} \
-        update-kubeconfig --name ${CLUSTER_NAME} 
+  aws eks \
+    --region ${AWS_REGION} \
+    update-kubeconfig --name ${CLUSTER_NAME}
+fi
+
+if [ ! -z ${HELM_ECR_AWS_ACCOUNT_ID} ] && [ ! -z ${HELM_ECR_AWS_REGION} ]; then
+  echo "Login AWS ECR repository ${HELM_ECR_AWS_ACCOUNT_ID}.dkr.ecr.${HELM_ECR_AWS_REGION}.amazonaws.com"
+  aws ecr get-login-password \
+    --region ${HELM_ECR_AWS_REGION} | helm registry login \
+    --username AWS \
+    --password-stdin ${HELM_ECR_AWS_ACCOUNT_ID}.dkr.ecr.${HELM_ECR_AWS_REGION}.amazonaws.com
 fi
 
 # Helm Deployment
 
-####################
-# Dependency Update
-####################
 # Verify local or remote repository
-if [  -z  ${HELM_CHART_NAME} ]; then
-    HELM_CHART_NAME=${DEPLOY_CHART_PATH%/*}
+if [ -z ${HELM_CHART_NAME} ]; then
+  HELM_CHART_NAME=${DEPLOY_CHART_PATH%/*}
 fi
 if [ ! -z "$HELM_REPOSITORY" ]; then
-    #Verify basic auth
-    if [ ! -z ${REPO_USERNAME} ] && [ ! -z ${REPO_PASSWORD} ]; then
-        echo "Executing: helm repo add  --username="${REPO_USERNAME}" --password="${REPO_PASSWORD}" ${HELM_CHART_NAME} ${HELM_REPOSITORY}"
-        helm repo add  --username="${REPO_USERNAME}" --password="${REPO_PASSWORD}" ${HELM_CHART_NAME} ${HELM_REPOSITORY}
-    else
-        echo "Executing: helm repo add ${HELM_CHART_NAME} ${HELM_REPOSITORY}"
-        helm repo add ${HELM_CHART_NAME} ${HELM_REPOSITORY}
-    fi
-else
-    echo "Executing: helm dependency update ${DEPLOY_CHART_PATH}"
-    helm dependency update ${DEPLOY_CHART_PATH}
+  # Verify basic user/pass auth
+  if [ ! -z ${REPO_USERNAME} ] && [ ! -z ${REPO_PASSWORD} ]; then
+    echo "Executing: helm repo add  --username="${REPO_USERNAME}" --password="${REPO_PASSWORD}" ${HELM_CHART_NAME} ${HELM_REPOSITORY}"
+    helm repo add --username="${REPO_USERNAME}" --password="${REPO_PASSWORD}" ${HELM_CHART_NAME} ${HELM_REPOSITORY}
+  else
+    echo "Executing: helm repo add ${HELM_CHART_NAME} ${HELM_REPOSITORY}"
+    helm repo add ${HELM_CHART_NAME} ${HELM_REPOSITORY}
+  fi
 fi
 
 ####################
 # Helm upgrade
 ####################
 
 UPGRADE_COMMAND="helm upgrade -i --timeout ${TIMEOUT}"
-for config_file in ${DEPLOY_CONFIG_FILES//,/ }
-do
-    UPGRADE_COMMAND="${UPGRADE_COMMAND} -f ${config_file}"
+for config_file in ${DEPLOY_CONFIG_FILES//,/ }; do
+  UPGRADE_COMMAND="${UPGRADE_COMMAND} -f ${config_file}"
 done
+
 if [ -n "$DEPLOY_NAMESPACE" ]; then
-    UPGRADE_COMMAND="${UPGRADE_COMMAND} -n ${DEPLOY_NAMESPACE}"
+  UPGRADE_COMMAND="${UPGRADE_COMMAND} -n ${DEPLOY_NAMESPACE}"
 fi
+
 if [ -n "$DEPLOY_VALUES" ]; then
-    UPGRADE_COMMAND="${UPGRADE_COMMAND} --set ${DEPLOY_VALUES}"
+  UPGRADE_COMMAND="${UPGRADE_COMMAND} --set ${DEPLOY_VALUES}"
+fi
+
+# Dependency Update
+if [ ${UPDATE_DEPS} == "true" ]; then
+  echo "Adding dependency update flag"
+  UPGRADE_COMMAND="${UPGRADE_COMMAND} --dependency-update"
 fi
 
-if [ -z "$HELM_REPOSITORY" ]; then
-    UPGRADE_COMMAND="${UPGRADE_COMMAND} ${DEPLOY_NAME} ${DEPLOY_CHART_PATH}"
+if [ -z "$HELM_REPOSITORY" ] && [ ! -z ${DEPLOY_CHART_PATH} ]; then
+  UPGRADE_COMMAND="${UPGRADE_COMMAND} ${DEPLOY_NAME} ${DEPLOY_CHART_PATH}"
+elif [ ! -z ${HELM_ECR_AWS_ACCOUNT_ID} ] && [ ! -z ${HELM_ECR_AWS_REGION} ]; then
+  UPGRADE_COMMAND="${UPGRADE_COMMAND} ${DEPLOY_NAME} oci://${HELM_ECR_AWS_ACCOUNT_ID}.dkr.ecr.${HELM_ECR_AWS_REGION}.amazonaws.com/${HELM_CHART_NAME}"
 else
-    UPGRADE_COMMAND="${UPGRADE_COMMAND} ${DEPLOY_NAME} ${HELM_CHART_NAME}/${HELM_CHART_NAME}"
+  UPGRADE_COMMAND="${UPGRADE_COMMAND} ${DEPLOY_NAME} ${HELM_CHART_NAME}/${HELM_CHART_NAME}"
 fi
 
 if [ -n "$CHART_VERSION" ]; then
-    UPGRADE_COMMAND="${UPGRADE_COMMAND} --version ${CHART_VERSION}"
+  UPGRADE_COMMAND="${UPGRADE_COMMAND} --version ${CHART_VERSION}"
 fi
-    
+
 echo "Executing: ${UPGRADE_COMMAND}"
-${UPGRADE_COMMAND}
+${UPGRADE_COMMAND}