diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..39178a3 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,27 @@ +name: Release Charts + +on: + push: + branches: + - main + +jobs: + release: + permissions: + contents: write + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Configure git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + - name: Run chart-releaser + uses: helm/chart-releaser-action@v1.6.0 + env: + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/README.md b/README.md index 8b1dede..258ccad 100644 --- a/README.md +++ b/README.md @@ -3,4 +3,22 @@ Helm Charts for use with the [cluster-templates-operator](https://github.com/stolostron/cluster-templates-operator/). Refer to the Operator's documentation for more information. -See [index.yaml](index.yaml) for available charts. +To install a chart/create a cluster (and infra/iam): + +```shell +helm install --wait --wait-for-jobs --timeout 20m my-cluster +``` + +To uninstall a chart/destroy a cluster (and infra/iam): + +```shell +helm uninstall --timeout 20m my-cluster +``` + +## Releases + +A GitHub Actions [workflow](.github/workflows/release.yaml) is used to automatically release new +charts upon merge to the `main` branch. + +The chart repository is hosted with GitHub Pages and located at +https://konflux-ci.dev/cluster-template-charts. diff --git a/charts/hypershift-aws-template/Chart.yaml b/charts/hypershift-aws-template/Chart.yaml new file mode 100644 index 0000000..cce238a --- /dev/null +++ b/charts/hypershift-aws-template/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: hypershift-aws-template +description: A Helm chart for provisioning a hypershift cluster with a single NodePool in AWS + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.0.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "0.0.1" diff --git a/charts/hypershift-aws-template/templates/create-cluster-job.yaml b/charts/hypershift-aws-template/templates/create-cluster-job.yaml new file mode 100644 index 0000000..a5df759 --- /dev/null +++ b/charts/hypershift-aws-template/templates/create-cluster-job.yaml @@ -0,0 +1,53 @@ +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: create-cluster-{{ .Release.Name }} + namespace: {{ .Release.Namespace }} +spec: + template: + metadata: + name: create-cluster-{{ .Release.Name }} + spec: + serviceAccountName: {{ .Values.serviceAccount }} + restartPolicy: Never + containers: + - name: hypershift + image: quay.io/hypershift/hypershift-operator:{{ .Values.hypershiftImageTag }} + args: + - create + - cluster + - aws + - --name + - {{ .Release.Name }} + - --infra-id + - {{ .Release.Name | trunc -12 }} + - --secret-creds + - {{ .Values.secret }} + - --region + - {{ .Values.region }} + - --arch + {{- if hasPrefix "m6g." .Values.instanceType }} + - arm64 + {{- else }} + - amd64 + {{- end }} + - --instance-type + - {{ .Values.instanceType }} + - --node-pool-replicas + - "{{ .Values.nodePoolReplicas }}" + - --release-image + - quay.io/openshift-release-dev/ocp-release:{{ .Values.version }}-multi + - --control-plane-availability-policy + - SingleReplica + - --infra-availability-policy + - SingleReplica + - --annotations + - argocd.argoproj.io/tracking-id={{ .Release.Name }}:hypershift.openshift.io/HostedCluster:{{ .Release.Namespace }}/{{ .Release.Name }} + - --annotations + - argocd.argoproj.io/compare-options=IgnoreExtraneous + - --annotations + - argocd.argoproj.io/sync-options=Prune=false,Delete=false + - --timeout + - 20m + - --wait diff --git a/charts/hypershift-aws-template/templates/destroy-cluster-job.yaml b/charts/hypershift-aws-template/templates/destroy-cluster-job.yaml new file mode 100644 index 0000000..352fc51 --- /dev/null +++ b/charts/hypershift-aws-template/templates/destroy-cluster-job.yaml @@ -0,0 +1,35 @@ +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: destroy-cluster-{{ .Release.Name }} + namespace: {{ .Release.Namespace }} + annotations: + helm.sh/hook: post-delete + helm.sh/hook-delete-policy: hook-succeeded + argocd.argoproj.io/hook: PostDelete + argocd.argoproj.io/hook-delete-policy: HookSucceeded +spec: + template: + metadata: + name: destroy-cluster-{{ .Release.Name }} + spec: + serviceAccountName: {{ .Values.serviceAccount }} + restartPolicy: Never + containers: + - name: hypershift + image: quay.io/hypershift/hypershift-operator:{{ .Values.hypershiftImageTag }} + args: + - destroy + - cluster + - aws + - --name + - {{ .Release.Name }} + - --infra-id + - {{ .Release.Name | trunc -12 }} + - --secret-creds + - {{ .Values.secret }} + - --region + - {{ .Values.region }} + - --base-domain + - {{ .Values.baseDomain }} diff --git a/charts/hypershift-aws-template/values.schema.json b/charts/hypershift-aws-template/values.schema.json new file mode 100644 index 0000000..fc7a8cb --- /dev/null +++ b/charts/hypershift-aws-template/values.schema.json @@ -0,0 +1,54 @@ +{ + "$schema": "http://json-schema.org/schema#", + "type": "object", + "required": [ + "baseDomain", + "hypershiftImageTag", + "instanceType", + "nodePoolReplicas", + "region", + "secret", + "serviceAccount", + "version" + ], + "properties": { + "baseDomain": { + "description": "Base domain already configured in AWS Route53", + "type": "string" + }, + "hypershiftImageTag": { + "description": "Container image tag for the hypershift CLI", + "type": "string" + }, + "instanceType": { + "type": "string", + "description": "AWS EC2 instance type for worker nodes. Use m5.* for amd64 and m6g.* for arm64.", + "enum": [ + "m5.large", "m5.xlarge", "m5.2xlarge", + "m6g.large", "m6g.xlarge", "m6g.2xlarge" + ] + }, + "nodePoolReplicas": { + "type": "integer", + "description": "Size of the worker node pool", + "maximum": 3, + "minimum": 2 + }, + "region": { + "type": "string", + "description": "AWS region where the cluster will be provisioned" + }, + "secret": { + "type": "string", + "description": "Name of the secret containing the credentials for hypershift (AWS account creds, OCP pull secret, SSH keypairs, and base domain)" + }, + "serviceAccount": { + "type": "string", + "description": "Service account used for the workload" + }, + "version": { + "type": "string", + "description": "OpenShift version" + } + } +} diff --git a/charts/hypershift-aws-template/values.yaml b/charts/hypershift-aws-template/values.yaml new file mode 100644 index 0000000..d5a4e62 --- /dev/null +++ b/charts/hypershift-aws-template/values.yaml @@ -0,0 +1,13 @@ +# Default values for hypershift-aws-template. + +hypershiftImageTag: latest + +instanceType: m5.large + +nodePoolReplicas: 2 + +region: us-east-1 + +secret: hypershift + +serviceAccount: cluster-provisioner