Merge pull request #2737 from replicatedhq/helm-airgap-download

Helm airgap download instructions

Author: grantmiller

docs/partials/helm/_helm-install-prereqs.mdx

@@ -0,0 +1,5 @@
+* You must have a customer in the Replicated Vendor Portal with a valid email address. This email address is only used as a username for the Replicated registry and is never contacted. For more information about creating and editing customers in the Vendor Portal, see [Creating a Customer](/vendor/releases-creating-customer).
+
+* To ensure that the Replicated proxy registry can be used to grant proxy access to your application images during Helm installations, you must create an image pull secret for the proxy registry and add it to your Helm chart. To do so, follow the steps in [Using the Proxy Registry with Helm Installations](/vendor/helm-image-registry).
+
+* (Recommended) To install the Replicated SDK alongside the application, declare the SDK as a dependency. For more information, see [Install the SDK as a Subchart](replicated-sdk-installing#install-the-sdk-as-a-subchart) in _Installing the Replicated SDK_.

docs/vendor/helm-install-airgap.mdx

@@ -0,0 +1,103 @@
+import Prerequisites from "../partials/helm/_helm-install-prereqs.mdx"
+
+# Installing and Updating with Helm in Air Gap Environments (Alpha)
+
+:::note
+Air gap Helm installations are an Alpha feature. If you are interested in trying Helm air gap installations and providing feedback, please reach out to your account rep to enable this feature.
+:::
+
+## Overview
+
+Replicated supports installing and updating Helm charts in air gap environments with no outbound internet access. In air gap Helm installations, customers are guided through the process with instructions provided in the [Replicated Download Portal](/vendor/releases-share-download-portal).
+
+When air gap Helm installations are enabled, an **Existing cluster with Helm** option is displayed in the Download Portal on the left nav. When selected, **Existing cluster with Helm** displays three tabs (**Install**, **Manual Update**, **Automate Updates**), as shown in the screenshot below:
+
+![download helm option](/images/download-helm.png)
+
+[View a larger version of this image](/images/download-helm.png)
+
+Each tab provides instructions for how to install, perform a manual update, or configure automatic updates, respectively.
+
+These installing and updating instructions assume that your customer is accessing the Download Portal from a workstation that can access the internet and their internal private registry. Direct access to the target cluster is not required.
+
+Each method assumes that your customer is familiar with `curl`, `docker`, `helm`, `kubernetes`, and a bit of `bash`, particularly for automating updates.
+
+## Prerequisites
+
+Before you install, complete the following prerequisites:
+
+* Reach out to your account rep to enable the Helm air gap installation feature.
+
+<Prerequisites/>
+
+## Install
+
+The installation instructions provided in the Download Portal are designed to walk your customer through the first installation of your chart in an air gap environment.
+
+To install with Helm in an air gap environment:
+
+1. In the [Vendor Portal](https://vendor.replicated.com), go to **Customers > [Customer Name] > Reporting**.
+
+1. In the **Download portal** section, click **Visit download portal** to log in to the Download Portal for the customer.
+
+1. In the Download Portal left nav, click **Existing cluster with Helm**. 
+
+     ![download helm option](/images/download-helm.png)
+
+     [View a larger version of this image](/images/download-helm.png)
+
+1. On the **Install** tab, in the **App version** dropdown, select the target application version to install.
+
+1. Run the first command to authenticate into the Replicated proxy registry with the customer's credentials (the `license_id`).
+
+1. Under **Get the list of images**, run the command provided to generate the list of images needed to install.
+
+1. For **(Optional) Specify registry URI**, provide the URI for an internal image registry where you want to push images. If a registry URI is provided, Replicatd automatically updates the commands for tagging and pushing images with the URI.    
+
+1. For **Pull, tag, and push each image to your private registry**, copy and paste the docker commands provided to pull, tag, and push each image to your internal registry.
+
+    :::note
+    If you did not provide a URI in the previous step, ensure that you manually replace the image names in the `tag` and `push` commands with the target registry URI.
+    :::
+
+1. Run the command to authenticate into the OCI registry that contains your Helm chart.
+
+1. Run the command to install the `preflight` plugin. This allows you to run preflight checks before installing to ensure that the installation environment meets the requirements for the application.
+
+1. For **Determine install method**, select one of the options depending on your ability to access the internet and the cluster from your workstation.
+
+1. Run the `helm show values` command to download the default `values.yaml`. Then, edit the values as required. 
+
+    :::note
+    Replicated recommends that vendors provide detailed documentation that describes the values that customers need to configure. 
+    :::
+
+1. Finally, use the commands provided and the edited `values.yaml` to run preflight checks and install the release with Helm.
+
+## Perform Updates
+
+This section describes the processes of performing manual and automatic updates with Helm in air gap environments using the instructions provided in the Download Portal.
+
+### Manual Updates
+
+The manual update instructions provided in the Download Portal are similar to the installation instructions.
+
+However, the first step prompts the customer to select their current version an the target version to install. This step takes [required releases](/vendor/releases-about#properties) into consideration, thereby guiding the customer to the versions that are upgradable from their current version. 
+
+The additional steps are consistent with installation process until the `preflight` and `install` commands where customers provide the existing values from the cluster with the `helm get values` and `--reuse-values` commands.
+
+If the new version introduces new images or other values, Replicated recommends that you explain this at the top of your release notes so that customers know they will need to make additional edits to the `values.yaml` before installing. 
+
+### Automate Updates
+
+The instructions in the Download Portal for automating updates use API endpoints that your customers can automate against. 
+
+The instructions in the Download Portal provide customers with example commands that can be put into a script that they run periodically (nightly, weekly) using GitHub Actions, Jenkins, or other platforms.
+
+This method assumes that the customer has already done a successful manual installation, including the configuration of the appropriate `values`.
+
+After logging into the registry, the customer exports their current version and uses that to query an endpoint that provides the latest installable version number (either the next required release, or the latest release) and export it as the target version. With the target version, they can now query an API for the list of images. 
+
+With the list of images the provided `bash` script will automate the process of pulling updated images from the repository, tagging them with a name for an internal registry, and then pushing the newly tagged images to their internal registry. 
+
+With the assumption that the customer has set up the `values` to preserve the updated tag, they should now be able to login to the OCI registry and perform the commands to install the updated chart.

docs/vendor/helm-install-overview.mdx

@@ -0,0 +1,68 @@
+import HelmDiagramOverview from "../partials/helm/_helm-diagram-overview.mdx"
+import Helm from "../partials/helm/_helm-definition.mdx"
+
+# About Helm Installations with Replicated
+
+This topic provides an introduction to Helm installations for applications distributed with Replicated.
+
+## Overview
+
+<Helm/>
+
+Replicated strongly recommends that all applications are packaged using Helm because many enterprise users expect to be able to install an application with the Helm CLI. 
+
+Existing releases in the Replicated Platform that already support installation with Replicated KOTS and Replicated Embedded Cluster (and that include one or more Helm charts) can also be installed with the Helm CLI; it is not necessary to create and manage separate releases or channels for each installation method.
+
+The following diagram shows how Helm charts distributed with Replicated are installed with Helm in online (internet-connected) customer environments:
+
+<img src="/images/helm-install-diagram.png" alt="diagram of a helm chart in a custom environment" width="700px"/> 
+
+[View a larger version of this image](/images/helm-install-diagram.png)
+
+<HelmDiagramOverview/>
+
+For information about how to install with Helm, see:
+* [Installing with Helm](/vendor/install-with-helm)
+* [Installing and Updating with Helm in Air Gap Environments (Alpha)](helm-install-airgap)
+
+## About the `global.replicated` Helm Values
+
+When a customer installs your Helm chart from the Replicated registry, the Replicated registry injects values into the `global.replicated` field of the Helm chart values file.
+
+The following is an example of a Helm values file containing the `global.replicated` field injected by the Replicated registry:
+
+```yaml
+# Helm values.yaml
+global:
+  replicated:
+    channelName: Stable
+    customerEmail: [email protected]
+    customerName: Example Customer
+    dockerconfigjson: eyJhdXRocyI6eyJd1dIRk5NbEZFVGsxd2JGUmFhWGxYWm5scloyNVRSV1pPT2pKT2NGaHhUVEpSUkU1...
+    licenseFields:
+      expires_at:
+        description: License Expiration
+        name: expires_at
+        signature:
+          v1: iZBpESXx7fpdtnbMKingYHiJH42rP8fPs0x8izy1mODckGBwVoA... 
+        title: Expiration
+        value: "2023-05-30T00:00:00Z"
+        valueType: String
+    licenseID: YiIXRTjiB7R...
+    licenseType: dev
+```
+
+The values in the `global.replicated` field provide information about the following:
+* Details about the fields in the customer's license, such as the field name, description, signature, value, and any custom license fields that you define. You can use this license information to check license entitlments before the application is installed. For more information, see [Checking Entitlements in Helm Charts Before Deployment](/vendor/licenses-reference-helm).
+* A base64 encoded Docker configuration file. To proxy images from an external private registry with the Replicated proxy registry, you can use the `global.replicated.dockerconfigjson` field to create an image pull secret for the proxy registry. For more information, see [Proxying Images for Helm Installations](/vendor/helm-image-registry). 
+
+## Limitations
+
+Helm installations have the following limitations:
+
+* Installing with Helm in air gap environments is an Alpha feature. For more information, see [Installing and Updating with Helm in Air Gap Environments](/vendor/helm-install-airgap).
+* Helm CLI installations do not provide access to any of the features of the Replicated KOTS installer, such as:
+    * The KOTS Admin Console
+    * Strict preflight checks that block installation
+    * Backup and restore with snapshots
+    * Required releases with the **Prevent this release from being skipped during upgrades** option

docs/vendor/install-with-helm.md

@@ -1,65 +1,14 @@
-import HelmDiagramOverview from "../partials/helm/_helm-diagram-overview.mdx"
+import Prerequisites from "../partials/helm/_helm-install-prereqs.mdx"
 
 # Installing with Helm
 
 This topic describes how to use Helm to install releases that contain one or more Helm charts. For more information about the `helm install` command, including how to override values in a chart during installation, see [Helm Install](https://helm.sh/docs/helm/helm_install/) in the Helm documentation.
 
-## Overview
-
-The following diagram shows how Helm charts distributed with Replicated are installed with Helm in customer environments:
-
-<img src="/images/helm-install-diagram.png" alt="diagram of a helm chart in a custom environment" width="700px"/> 
-
-[View a larger version of this image](/images/helm-install-diagram.png)
-
-<HelmDiagramOverview/>
-
-### Replicated Helm Values
-
-When a customer installs your Helm chart from the Replicated registry, the Replicated registry injects values into the `global.replicated` field of the Helm chart values file.
-
-The following is an example of a Helm values file containing the `global.replicated` field injected by the Replicated registry:
-
-```yaml
-# Helm values.yaml
-global:
-  replicated:
-    channelName: Stable
-    customerEmail: [email protected]
-    customerName: Example Customer
-    dockerconfigjson: eyJhdXRocyI6eyJd1dIRk5NbEZFVGsxd2JGUmFhWGxYWm5scloyNVRSV1pPT2pKT2NGaHhUVEpSUkU1...
-    licenseFields:
-      expires_at:
-        description: License Expiration
-        name: expires_at
-        signature:
-          v1: iZBpESXx7fpdtnbMKingYHiJH42rP8fPs0x8izy1mODckGBwVoA... 
-        title: Expiration
-        value: "2023-05-30T00:00:00Z"
-        valueType: String
-    licenseID: YiIXRTjiB7R...
-    licenseType: dev
-```
-
-The values in the `global.replicated` field provide information about the following:
-* Details about the fields in the customer's license, such as the field name, description, signature, value, and any custom license fields that you define. You can use this license information to check license entitlments before the application is installed. For more information, see [Checking Entitlements in Helm Charts Before Deployment](/vendor/licenses-reference-helm).
-* A base64 encoded Docker configuration file. To proxy images from an external private registry with the Replicated proxy registry, you can use the `global.replicated.dockerconfigjson` field to create an image pull secret for the proxy registry. For more information, see [Proxying Images for Helm Installations](/vendor/helm-image-registry). 
-
-### Limitations
-
-Helm CLI installations do not provide access to any of the features of the Replicated KOTS installer, such as:
-* Air gap bundles for installations into air gapped environments
-* The KOTS Admin Console
-* Strict preflight checks that block installation
-* Backup and restore with snapshots
-* Required releases with the **Prevent this release from being skipped during upgrades** option
-
 ## Prerequisites
 
 Before you install, complete the following prerequisites:
 
-* You must have a customer in the Replicated Vendor Portal with a valid email address. This email address is only used as a username for the Replicated registry and is never contacted. For more information about creating and editing customers in the Vendor Portal, see [Creating a Customer](/vendor/releases-creating-customer).
-* (Recommended) To install the Replicated SDK alongside the application, declare the SDK as a dependency. For more information, see [Install the SDK as a Subchart](replicated-sdk-installing#install-the-sdk-as-a-subchart) in _Installing the Replicated SDK_.
+<Prerequisites/>
 
 ## Install
 

package.json

@@ -22,6 +22,7 @@
     "@types/node": "18.15.11",
     "@types/react": "18.3.5",
     "clsx": "^2.1.0",
+    "docusaurus": "^1.14.7",
     "loader-utils": "3.3.1",
     "prism-react-renderer": "^2.3.0",
     "react": "^18.2.0",

sidebars.js

@@ -488,7 +488,15 @@ const sidebars = {
       'reference/cron-expressions',
     ],
   },
-  'vendor/install-with-helm',
+  {
+    type: 'category',
+    label: 'Installing with Helm',
+    items: [
+      'vendor/helm-install-overview',
+      'vendor/install-with-helm',
+      'vendor/helm-install-airgap',
+    ],
+  },
   {
     type: 'category',
     label: 'Replicated SDK (Beta)',