Merge pull request #6 from appthrust/fix-gha2

add karpenter-aws-default-nodepool chart and ci: Add Helm chart release GitHub workflow

Author: kahirokunn

.github/workflows/release-helm.yml

@@ -0,0 +1,58 @@
+name: Release Helm Charts
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  plan:
+    runs-on: ubuntu-latest
+    outputs:
+      charts: ${{ steps.plan.outputs.charts }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Plan
+        id: plan
+        run: |
+          CHART_PATHS=$(find charts -name 'Chart.yaml' -exec dirname {} \;)
+          CHARTS_JSON=$(echo "${CHART_PATHS}" | while read -r path; do
+            name=$(yq e '.name' "$path/Chart.yaml")
+            version=$(yq e '.version' "$path/Chart.yaml")
+            echo "{\"path\": \"$path\", \"name\": \"$name\", \"version\": \"$version\"}"
+          done | jq -s -c)
+          echo "charts=${CHARTS_JSON}" | tee -a "$GITHUB_OUTPUT"
+
+  push-chart:
+    needs: [plan]
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        charts: ${{ fromJson(needs.plan.outputs.charts) }}
+
+    env:
+      HELM_EXPERIMENTAL_OCI: 1
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup Helm
+        uses: azure/setup-helm@v4
+
+      - name: Helm login
+        run: echo "${{ secrets.GITHUB_TOKEN }}" | helm registry login ghcr.io -u ${{ github.repository_owner }} --password-stdin
+
+      - name: Package Helm Chart
+        run: |
+          helm package ${{ matrix.charts.path }} --destination packaged
+
+      - name: Push Helm Chart to GHCR
+        run: |
+          CHART_FILE=packaged/${{ matrix.charts.name }}-${{ matrix.charts.version }}.tgz
+          helm push $CHART_FILE oci://ghcr.io/appthrust/charts

.gitignore

@@ -31,3 +31,6 @@ references
 aws-creds-secret.yaml
 debug
 dist
+
+*.tgz
+.DS_Store

charts/karpenter/aws/default-nodepool/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: karpenter-aws-default-nodepool
+description: A Helm chart for creating EC2NodeClass and NodePool resources for Karpenter
+type: application
+version: 0.1.0
+appVersion: "1.0"

charts/karpenter/aws/default-nodepool/templates/default.yaml

@@ -0,0 +1,49 @@
+{{- if not .Values.clusterName -}}
+{{- fail "The 'clusterName' value is required but not provided. Please set it in your values.yaml." -}}
+{{- end -}}
+---
+apiVersion: karpenter.k8s.aws/v1
+kind: EC2NodeClass
+metadata:
+  name: {{ .Values.name }}
+spec:
+  amiSelectorTerms:
+    - alias: bottlerocket@latest
+  role: {{ .Values.nodeRoleName | default (printf "%s-node" .Values.clusterName) | quote }}
+  subnetSelectorTerms:
+    - tags:
+        karpenter.sh/discovery: {{ .Values.clusterName | quote }}
+  securityGroupSelectorTerms:
+    - tags:
+        karpenter.sh/discovery: {{ .Values.clusterName | quote }}
+  tags:
+    karpenter.sh/discovery: {{ .Values.clusterName | quote }}
+---
+apiVersion: karpenter.sh/v1
+kind: NodePool
+metadata:
+  name: {{ .Values.name }}
+spec:
+  template:
+    spec:
+      nodeClassRef:
+        group: karpenter.k8s.aws
+        kind: EC2NodeClass
+        name: {{ .Values.name }}
+      requirements:
+        - key: "karpenter.k8s.aws/instance-category"
+          operator: In
+          values: ["c", "m", "r"]
+        - key: "karpenter.k8s.aws/instance-hypervisor"
+          operator: In
+          values: ["nitro"]
+        - key: "karpenter.k8s.aws/instance-generation"
+          operator: Gt
+          values: ["2"]
+  limits: {{ toYaml .Values.limits | nindent 4 }}
+  disruption:
+    consolidationPolicy: WhenEmptyOrUnderutilized
+    consolidateAfter: 1m
+    {{- with .Values.budgets }}
+    budgets: {{ toYaml . | nindent 6 }}
+    {{- end }}

charts/karpenter/aws/default-nodepool/values.yaml

@@ -0,0 +1,6 @@
+name: default
+clusterName:
+budgets:
+limits:
+  cpu: 1000
+nodeRoleName: