Skip to content

Add Helm chart OCI push to cloudbuild#81

Merged
k8s-ci-robot merged 1 commit intokubernetes-sigs:mainfrom
nojnhuh:helm-push
Mar 3, 2025
Merged

Add Helm chart OCI push to cloudbuild#81
k8s-ci-robot merged 1 commit intokubernetes-sigs:mainfrom
nojnhuh:helm-push

Conversation

@nojnhuh
Copy link
Contributor

@nojnhuh nojnhuh commented Mar 1, 2025
edited
Loading

These changes enable the Helm chart to be pushed as an OCI artifact to the staging repository. This is the rough release process I had in mind, hoping to gather feedback and iterate in this PR:

  1. We open a PR here to update the Chart.yaml's appVersion to match the new tag that will be created.
  2. A maintainer pushes a semver Git tag (e.g. v0.1.0) which matches the chart's new appVersion.
    • Prow kicks off an image build and pushes to the staging repo, resulting in the image us-central1-docker.pkg.dev/k8s-staging-images/dra-example-driver/dra-example-driver:v0.1.0.
  3. For the same commit, a maintainer pushes a chart/<semver> Git tag, (e.g. chart/0.12.0, no leading "v").
    • Prow similarly pushes the chart to us-central1-docker.pkg.dev/k8s-staging-images/charts/dra-example-driver:0.12.0
  4. Anyone can then open a PR to k8s.io that will promote the image and chart to registry.k8s.io (e.g. Kueue: Promote container images for v0.9.4 kubernetes/k8s.io#7830).
  5. A maintainer publishes a GitHub release.

@k8s-ci-robot k8s-ci-robot requested review from byako and klueska March 1, 2025 01:05
@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Mar 1, 2025
nojnhuh
nojnhuh commented Mar 1, 2025
View reviewed changes
deployments/helm/dra-example-driver/Chart.yaml
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "0.1.0"
appVersion: "v0.1.0"
Copy link
Contributor Author

@nojnhuh nojnhuh Mar 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think keeping the chart and image versions separate is worthwhile because it allows releasing a new version of the chart without building new images or publishing a whole GitHub release. Keeping those versions in lockstep can result in some awkward releases where only the chart was changed, but new equivalent images were built and a full Github release was published anyway. And it allows classifying changes as breaking/feature/bug separately between the image and the chart.

@nojnhuh nojnhuh mentioned this pull request Mar 1, 2025
Closed
@kannon92
Copy link
Contributor

kannon92 commented Mar 1, 2025

I would just publish the images and charts in the same step.

@nojnhuh
Copy link
Contributor Author

nojnhuh commented Mar 1, 2025

I would just publish the images and charts in the same step.

Makes sense. That might not be possible if the chart refers to the image by its digest if we can't determine that before the image is built. But that does cut out a few steps, so I think that's worthwhile. I'll update the description.

@kannon92
Copy link
Contributor

kannon92 commented Mar 1, 2025

In Kueue and Jobset we use this script to push helm charts.

https://github.com/kubernetes-sigs/kueue/blob/main/hack/push-chart.sh

Essentially our cloud build command pushes images and then pushes the helm charts. It’s built on each push. We tag the repo and then grab those sha for the image promotion.

byako
byako approved these changes Mar 3, 2025
View reviewed changes
Copy link
Contributor

@byako byako left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm, not adding a label because I'm not familiar with registry.k8s.io permissions.

@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Mar 3, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: byako, nojnhuh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 3, 2025
@pohly
Copy link
Contributor

pohly commented Mar 3, 2025

lgtm, not adding a label because I'm not familiar with registry.k8s.io permissions.

Neither am I, but I am not sure whether we have anyone better suited for a formal approval. Let's go ahead and refine if something doesn't work...

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Mar 3, 2025
@k8s-ci-robot k8s-ci-robot merged commit 5eb2322 into kubernetes-sigs:main Mar 3, 2025
6 checks passed
@nojnhuh nojnhuh deleted the helm-push branch March 3, 2025 15:52
@pohly pohly moved this from 🆕 New to ✅ Done in Dynamic Resource Allocation Mar 4, 2025
@nojnhuh nojnhuh mentioned this pull request Mar 4, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@klueska klueska Awaiting requested review from klueska

1 more reviewer

@byako byako byako approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@pohly pohly

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@nojnhuh @kannon92 @k8s-ci-robot @pohly @byako