In my previous post, we briefly covered how to publish a Helm chart to ACR using Azure DevOps. In this post we will use GitHub actions to build and publish Helm chart to ACR using GitHub Actions. We will also take a sneak peak how GitHub environments work.

Pre-requisites

I am going to assume ACR instance is setup using repository scoped tokens. Since we already covered setting up of ACR this way in the earlier post, I will not include the steps here.

Setting up secrets at GitHub

We would like store Azure Container Registry’s tokens as GitHub repository level secrets. To do that, click on Settings on the repository page and head to Secrets tab. Finally click on New repository secret and add the token name and the password. I have stored token name as ACR_PUSH_USER and token password as ACR_PUSH_TOKEN.

Add repository secrets

Creating the workflow in GitHub Actions

Publish chart to ACR

The first step is to create an yaml file under .github\workflows folder and setup a basic structure. The first things (see the yaml below) are defining name for the action, currently set to trigger via manual trigger using workflow_dispatch and define few environment variables which we are going to use later in the action.

name: ci

on: 
  workflow_dispatch:

env:
  HELM_EXPERIMENTAL_OCI: 1
  HELM_VERSION_TO_INSTALL: 3.5.0
  ACR_NAME: acrdemoutkarsh
  ACR_REPO_NAME: helmdemo/vote-app

The first environment variable conveys to ACR that we are going to publish a OCI package. Next couple of variables just define version of Helm we need on the runner, our ACR name to which we are going to publish this chart and finally to the repository we are publishing this chart to (used in below sections).

Installing Helm 3 on the agent

Now that we have all the variables defined, we need add jobs and steps to build our workflow to publish charts to ACR. We then need to install Helm tool on the agent before we can run the Helm commands. We do that using yaml below.

jobs:
  build:
    name: publish acr
    runs-on: ubuntu-latest
    environment: prod
    steps:
      - uses: actions/checkout@v2
        name: checkout repo
      
      - name: install helm
        uses: Azure/setup-helm@v1
        with:
          version: ${{ env.HELM_VERSION_TO_INSTALL }}# default is latest

As you can see, we have one job named build (which will be displayed as publish acr - see screenshot below) which runs on ubuntu-latest agent. We also are targeting our deployment to an environment prod. Environments in GitHub are cool because you can have approvers, additional protection rules for environments and environment specific secrets. In the screenshot below, notice how the flow is waiting for review.

Next, we checkout the repository and using setup-helm task from Azure repo we install the specific version (3.5.0) of Helm.

Login to the ACR using Helm

Next, we need to login to ACR registry using Helm tool.

- name: login to acr using helm
  run: |
    echo $ | helm registry login $.azurecr.io --username $ --password-stdin 

Save and push the chart to ACR

Next we need to save the chart directory to local cache and publish it to ACR.

- name: save helm chart to local registry
  run: |
    helm chart save $/src/azure-vote-helm-chart/ $.azurecr.io/$:latest
      
- name: publish chart to acr
  run: |
    helm chart push $.azurecr.io/$:latest

Run the workflow, and you will see output as below.

Go to ACR and you will see char correctly published to helmdemo/vote-app repository as declared in the env section above.

Conclusion

In this post, you saw how easily we can deploy a OCI package (helm3 chart) to ACR using GitHub actions. We also saw how GitHub environments help you approve changes to the environment. Hope you enjoyed reading this post.


About author
Utkarsh Shigihalli
Utkarsh Shigihalli
Utkarsh is passionate about software development and has experience in the areas of Azure, Azure DevOps, C# and TypeScript. Over the years he has worked as an architect, independent consultant and manager in many countries including India, United States, Netherlands and United Kingdom. He is a Microsoft MVP and has developed numerous extensions for Visual Studio, Visual Studio Code and Azure DevOps.
We Are
  • onlyutkarsh
    Utkarsh Shigihalli
    Microsoft MVP, Technologist & DevOps Coach


  • arora_tarun
    Tarun Arora
    Microsoft MVP, Author & DevOps Coach at Avanade

Do you like our posts? Subscribe to our newsletter!
Our Book