Oracle Cloud Infrastructure Documentation

Adding a Helm Chart

Before adding the Helm chart for deployment, the chart must be located in the OCI Container Registry repository. You can package and push Helm chart to the Container Registry from the build pipeline. See Adding a Managed Build Stage. For deploying, see Deploying a Helm Chart.

The integrity of a Helm chart can be verified before the deployment. For this, the Helm chart must be signed through a valid Pretty Good Privacy (PGP) key pair in a binary format. See Helm Provenance and Integrity. The public key can be stored in an OCI vault or specified inline. If the public key is specified while adding the Helm chart artifact, then the verification occurs before deploying the Helm chart. If the verification fails, then the Helm chart isn't deployed.

You must create an artifact reference to point to the repository location containing the Helm chart. Before you create an artifact reference, you must have a DevOps project.

For accessing DevOps using the Oracle Cloud Console, REST API, and CLI, see Accessing DevOps.

    1. Open the navigation menu and click Developer Services. Under DevOps, click Projects.
    2. On the DevOps Projects page, select the project for which you want to add an artifact.
    3. On the details page of the project, from the left side, click Artifacts.
    4. On the Artifacts page, click Add artifact.
    5. In the Add artifact panel, provide the following details:
      1. Enter a name for the artifact.
      2. For Type, select Helm Chart.
      3. Enter Helm chart URL.

        For example, oci://<region-key>.ocir.io/<tenancy-namespace>/<repo-name> is the URL of a Helm chart located in the OCI Container Registry repository. Here <repo-name> is a repository in Container Registry.

      4. Enter the Helm chart version to be deployed.

        Follow the Semantic Versioning format while specifying the version. You can validate the version value against the regular expression, ^v?([0-9]+)(\.[0-9]+)?(\.[0-9]+)?(-([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?(\+([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?$

        You can also provide the chart version at runtime by entering the value as ${chartVersion}.

      5. (Optional) Select one of the given options to verify the Helm chart:
        1. None: No validation.
        2. Vault: Select the OCI vault and vault secret where the public key is stored.
        3. Inline public key: Enter the current public key encoded in base64. You can also specify the previous version of the public key to be used for key rotation.
      6. (Optional) To add tags to the artifact, click Show tagging options. Tagging is a metadata system that lets you organize and track the resources in the tenancy.

        If you have permissions to create a resource, you also have permissions to add free-form tags to that resource.

        To add a defined tag, you must have permissions to use the tag namespace.

        For more information, see Resource Tags.

    6. Click Add.

  • To add a Helm chart, run the create-helm-repository-artifact command:

    oci devops deploy-artifact create-helm-repository-artifact

    Required parameters:

    • --argument-substitution-mode

      Provide value as NONE.

    • --artifact-chart-url
    • --artifact-version
    • --artifact-type
    • --project-id

    To get all the commands for deploy-artifact:

    oci devops deploy-artifact -h

    To get help for the create-helm-repository-artifact command:

    oci devops deploy-artifact create-helm-repository-artifact -h

  • To add a Helm chart, use the CreateDeployArtifact operation. For the deployArtifactType attribute, specify the value as HELM_CHART.