add oci chart release for robusta

[DrFaust92]

closes #1801

[coderabbitai]

Walkthrough

Added GitHub Actions steps to authenticate with GitHub Container Registry and to package and push the Helm chart to an OCI registry (ghcr.io) during the release workflow.

Changes

Cohort / File(s)	Summary
Release workflow — GHCR login & Helm OCI publish .github/workflows/release.yaml	Added docker/login-action@v3 step to log in to ghcr.io using GITHUB_TOKEN; added steps to helm package the chart (helm/robusta) and helm push the produced robusta-${{ env.RELEASE_VER }}.tgz to oci://ghcr.io/${{ github.repository_owner }}/charts.

Sequence Diagram(s)

sequenceDiagram
  participant GH as GitHub Actions
  participant Runner as Workflow Runner
  participant GHCR as GitHub Container Registry (ghcr.io)
  participant HelmChart as Helm chart (repo/helm/robusta)

  rect rgba(150, 200, 250, 0.12)
    Note over GH,Runner: Release workflow starts
  end

  GH->>Runner: checkout + setup
  GH->>Runner: run docker/login-action@v3 (login to ghcr.io)
  Runner->>GHCR: authenticate (GITHUB_TOKEN)
  GH->>Runner: helm package helm/robusta -> robusta-<RELEASE_VER>.tgz
  Runner->>GHCR: helm push robusta-<RELEASE_VER>.tgz to oci://ghcr.io/.../charts
  GHCR-->>Runner: accept/publish chart
  GH->>GH: workflow completes

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

• Single workflow file changed; configuration-only additions.
• Pay attention to:
  • correct use of ${{ env.RELEASE_VER }} and tarball name consistency,
  • helm push OCI syntax and presence of necessary Helm plugins/version,
  • appropriate permissions for GITHUB_TOKEN to publish to ghcr.io.

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The pull request title 'add oci chart release for robusta' accurately summarizes the main change: adding OCI chart release capability to the Robusta workflow.
Description check	✅ Passed	The pull request description 'closes #1801' is relevant and links to the corresponding issue for OCI Helm chart publishing.
Linked Issues check	✅ Passed	The PR adds workflow steps to login to GitHub Container Registry and push Helm charts to OCI registry, directly addressing issue #1801's requirement to publish Helm charts to OCI repositories.
Out of Scope Changes check	✅ Passed	All changes are scoped to adding OCI chart release functionality in the GitHub Actions workflow, which is directly aligned with the linked issue #1801 requirements.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b19d53e and 2cb9d5c.

📒 Files selected for processing (1)

• .github/workflows/release.yaml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/release.yaml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: run_tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2618af6 and b19d53e.

📒 Files selected for processing (1)

• .github/workflows/release.yaml (3 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: run_tests

🔇 Additional comments (2)

.github/workflows/release.yaml (2)

127-132: GitHub Container Registry login looks good.

The GHCR login is correctly configured with the standard docker/login-action@v3, ghcr.io registry, and GITHUB_TOKEN for authentication. The workflow permissions include packages: write, which is appropriate.

---

134-137: All helm push configuration verified as correct.

The three concerns have been confirmed:

1. The helm push syntax for OCI registries in helm v3+ uses the format helm push <archive>.tgz oci://<registry>/<repo>, which matches your code.

2. Filename matching will work: Chart.yaml version is updated to ${{env.RELEASE_VER}} (lines 49, 51) before helm package helm/robusta executes, so the generated .tgz will be named robusta-${{env.RELEASE_VER}}.tgz as expected.

3. GHCR authentication is properly configured via the docker/login-action@v3 step (lines 127-132) with ${{ secrets.GITHUB_TOKEN }} before the helm push command.

The implementation is correct. Consider adding an explicit helm setup step if reproducibility across different runners is desired, but it's not required since helm is typically pre-installed on ubuntu-latest.