Upload Helm charts to container registries
The Helm Push plugin streamlines the packaging and distribution of Helm charts to container registries.
For more information about why we created this plugin, go to the Harness blog post Push Helm Charts to Container Registries with Harness CI. For more information about the Helm commands used by this plugin, go to the Helm documentation on Using an OCI-based registry.
For general information about using plugins in CI pipelines, go to Explore plugins and Use Drone plugins.
Supported registries
Currently, this plugin supports pushing Helm charts to Docker Hub and Google Artifact Registry.
If you need to upload Helm charts to another to a Docker-compliant OCI registry that is not supported by this plugin, you can run the necessary helm commands in a Run step or use the Helm Push plugin as a basis to write your own plugin. For more information on the helm commands, go to the Helm documentation on Using an OCI-based registry.
Configure the Helm Push plugin
- Upload Helm charts to GAR
- Upload Helm charts to Docker Hub
To use the Helm Push plugin to upload Helm charts to GAR, add a Plugin step to your CI pipeline. For example:
- step:
type: Plugin
name: upload_helm_chart
identifier: upload_helm_chart
spec:
connectorRef: account.harnessImage
image: plugins/helm-push:ARCH_TAG
settings:
registry_url: LOCATION-docker.pkg.dev
registry_username: oauth2accesstoken
registry_password: <+secrets.getValue("access_token")>
chart_path: path/to/chart
gcloud_project_id: PROJECT_ID
registry_namespace: REPO_ID
To use the Helm Push plugin, configure the Plugin step settings as follows:
| Keys | Type | Description | Value example |
|---|---|---|---|
connectorRef | String | Select a Docker connector. Harness uses this connector to pull the plugin image. | account.harnessImage |
image | String | Enter plugins/helm-push:ARCH_TAG and replace ARCH_TAG with the relevant architecture tag to use. For a list of available tags, go to the Helm Push plugin README. | plugins/helm-push:linux-amd64 |
registry_url | String | Base URL for the Docker registry where the packaged chart will be published. For GAR, this must be LOCATION-docker.pkg.dev. Replace LOCATION with your GAR repository's regional or multi-regional location. | us-east4-docker.pkg.dev |
registry_username | String | For GAR, this must be oauth2accesstoken | oauth2accesstoken |
registry_password | String | Reference to a Harness text secret containing your GAR Helm access token. | <+secrets.getValue("docker_chart_registry_password")> |
chart_path | String | Path to the directory containing the Helm chart to upload, relative to the pipeline workspace. The default is /harness (the pipeline workspace root directory). | charts (navigates to /harness/charts) |
gcloud_project_id | String | Your Google Cloud project ID | my-project |
registry_namespace | String | Your GAR repository name where you want to publish the chart. | my-repo |
To use the Helm Push plugin to upload Helm charts to Docker Hub, add a Plugin step to your CI pipeline. For example:
- step:
type: Plugin
name: upload_helm_chart
identifier: upload_helm_chart
spec:
connectorRef: account.harnessImage
image: plugins/helm-push:ARCH_TAG
settings:
registry_url: registry.hub.docker.com
registry_username: DOCKER_USERNAME
registry_password: <secrets.getValue("docker_pat")>
chart_path: path/to/chart
registry_namespace: DOCKER_NAMESPACE
To use the Helm Push plugin, configure the Plugin step settings as follows:
| Keys | Type | Description | Value example |
|---|---|---|---|
connectorRef | String | Select a Docker connector. Harness uses this connector to pull the plugin image. | account.harnessImage |
image | String | Enter plugins/helm-push:ARCH_TAG and replace ARCH_TAG with the relevant architecture tag to use. For a list of available tags, go to the Helm Push plugin README. | plugins/helm-push:linux-amd64 |
registry_url | String | Base URL for the Docker registry where the packaged chart will be published. For Docker Hub, this must be registry.hub.docker.com | registry.hub.docker.com |
registry_username | String | Username to access your Docker Hub registry | hubuser |
registry_password | String | Reference to a Harness text secret containing a Docker Hub personal access token. | <+secrets.getValue("docker_pat")> |
chart_path | String | Path to the directory containing the Helm chart to upload, relative to the pipeline workspace. The default is /harness (the pipeline workspace root directory). | charts (navigates to /harness/charts) |
registry_namespace | String | The Docker namespace where you want to publish the Helm chart, such as your personal namespace or an org namespace. For more information, go to the Docker documentation on Pushing a Helm chart to Docker Hub. | myorg |
You can use variable expressions for plugin settings. For example, registry_username: <+stage.variables.docker_user_name> references a stage variable called DOCKER_USER_NAME.
Build logs and artifact files
When you run the pipeline, you can observe the step logs on the build details page and then find the Helm chart in your container registry.
Optionally, you can use the Artifact Metadata Publisher plugin to publish artifact URLs on the Artifacts tab. This makes it easier to find artifacts associated with specific builds.