-
Notifications
You must be signed in to change notification settings - Fork 226
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Host NFD Helm repo in gh-pages #457
Conversation
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: marquiz The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Needs some more testing... |
55730f8
to
8c8ae46
Compare
7a52c5e
to
b4f0b2d
Compare
This deployment using my personal Helm repo works:
It has v0.7.0 chart generated by the I think this is ready for review. It'd be good if someone more acquainted with Helm than me (e.g. @adrianchiris) would take a look 😉 |
b4f0b2d
to
1953251
Compare
Awesome @marquiz ! i will definitely dig into this PR. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi there @marquiz ! Sorry for the late response.
Overall, i think this change is good.
A couple of (naive) comments.
my next step is to fork and play around with this change.
Make the update-gh-pages.sh script to maintain a Helm charts repository under charts/ subdirectory in gh-pages. The script now (always) scans throught all release assets and injects any found Helm chart archives into the Helm repo. In practice, new assets in all Github releases are scanned and the Helm repo is updated on any update of the master or release branches or on any new tags. Asset ids are tracked/cached in order to avoid unnecessary downloads, but also, to capture any changes in assets that were already merged in the repo index. After this a user is able to do something like $ helm repo add nfd http://kubernetes-sigs.github.io/node-feature-discovery/charts ... $ helm repo update ... $ helm install nfd/node-feature-discovery --namespace nfd --create-namespace --generate-name ...
8f4b3ef
to
88a1613
Compare
Prepare a signed Helm chart package to be uploaded to the Github release page.
Capture process for Helm charts and remove some outdated bits.
@adrianchiris have you had the time to look at this? |
not since our last slack discussion, will get to it this week. |
That would be great as this is basically the last open PR blocking the release |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, not a bash expert here but the code seems OK to me.
i have also tested the changes by doing a dummy release on my forked repo ensuring the chart can be downloaded and is of the correct version.
I wasnt able to verify the package with provenance file unfortunately, but that may be related to my gpg setup and helm quirks.
@marquiz were you able do do a helm verify on the package ?
other than that im lgtm on this.
Thanks for the review @adrianchiris! I thought I correctly verified the |
549807b
to
4e65178
Compare
Need to create the provenance file by hand as we mangle the name of the chart archive. However, this also provides better user experience (for the release manager) as gpg version 2.1 and later are supported.
4e65178
to
fd2dcc2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
pulled the change,
after creating the chart package:
helm verify ./node-feature-discovery-chart-0.8.0.tgz
Signed by: Adrian Chiris <adrianc@nvidia.com>
Using Key With Fingerprint: 7E3B1541735B7D751CD2BB1BCC911D9D88FC463E
Chart Hash Verified: sha256:08932a483344cb5e3ef501083253fc8ab7bfe00f0463e6c06a2fe1bfa2851abd
Yeah, I also verified this locally. Not with |
@adrianchiris verified install from my personal repo now works:
|
Awsome ! /lgtm |
Awesome. :) Can someone add a reference to the repo to artifacthub.io please? |
under charts/ subdirectory in gh-pages. The script now (always) scans
throught all release assets and injects any found Helm chart archives
into the Helm repo. In practice, new assets in all Github releases are
scanned and the Helm repo is updated on any update of the master or
release branches or on any new tags. Asset ids are tracked/cached in
order to avoid unnecessary downloads, but also, to capture any changes
in assets that were already merged in the repo index.
Prepare a signed Helm chart package to be uploaded to the Github release page.
Capture process for Helm charts and remove some outdated bits.
I ended up this solution because:
gh-pages
branch stays fully automated. No need for manual pushes/PRs