Manual Helm Chart Release
This guide explains how to manually trigger the build and publication of a Helm chart to the OCI registry (Docker Hub).
Overview
Helm charts are published to Docker Hub as OCI artifacts. The chart version follows the pattern:
<MAVEN_VERSION>-RELEASEFor example, if the project version in pom.xml is 1.2.4-SNAPSHOT, the Helm chart version will be 1.2.4-SNAPSHOT-RELEASE.
Triggering the Workflow
The Helm release is a manual GitHub Actions workflow (workflow_dispatch).
Workflow Process
The workflow performs these steps:
-
Checkout repository
-
Setup JDK with Maven caching
-
Initialize Helm via Maven:
mvn helm:init -
Login to Docker Hub using Helm registry login
-
Package and Push:
mvn helm:package helm:push
Workflow Configuration
name: 'Helm release'
on:
workflow_dispatch:
inputs:
maven-profiles:
description: 'Profile to activate during packaging. Defaults to dev.'
required: false
type: string
default: 'dev'
jdk-version:
description: 'JDK version to use. Defaults to 17.'
required: false
type: string
default: '17'
jobs:
helm-build:
name: 'Package and Push'
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up JDK
uses: actions/setup-java@v3
with:
java-version: ${{ inputs.jdk-version }}
distribution: 'temurin'
cache: maven
- name: Initialize Helm
run: mvn helm:init --batch-mode -P${{ inputs.maven-profiles }}
- name: Login to Docker Hub Registry
run: echo "${{ secrets.DOCKER_PAT }}" | helm registry login registry-1.docker.io -u christhonie --password-stdin
- name: Package and Push Helm Chart
run: mvn helm:package helm:push --batch-mode -P${{ inputs.maven-profiles }}Required Secrets
The workflow requires these GitHub secrets:
| Secret | Purpose |
|---|---|
|
Docker Hub Personal Access Token for pushing charts |
|
GitHub token for accessing private Maven dependencies |
Helm Chart Location
Charts are stored in Docker Hub under the christhonie namespace:
registry-1.docker.io/christhonie/<chart-name>:<version>Examples:
-
registry-1.docker.io/christhonie/registration-portal:1.2.4-SNAPSHOT-RELEASE -
registry-1.docker.io/christhonie/membership-ui:0.1.5-SNAPSHOT-RELEASE -
registry-1.docker.io/christhonie/event-admin-ui:0.1.11-SNAPSHOT-RELEASE
Verifying the Published Chart
After the workflow completes:
# Pull chart info
helm show chart oci://registry-1.docker.io/christhonie/<chart-name> --version <version>
# Pull chart locally
helm pull oci://registry-1.docker.io/christhonie/<chart-name> --version <version>Common Issues
Workflow Fails at helm:init
-
Ensure Maven dependencies are accessible
-
Check
EVENT_PACKAGE_REPO_TOKENsecret is valid -
Verify
pom.xmlhas correct helm-maven-plugin configuration
Maven Helm Plugin Configuration
The helm-maven-plugin in pom.xml controls chart packaging:
<plugin>
<groupId>io.kokuwa.maven</groupId>
<artifactId>helm-maven-plugin</artifactId>
<configuration>
<chartDirectory>src/main/helm</chartDirectory>
<chartVersion>${revision}-RELEASE</chartVersion>
<appVersion>${revision}</appVersion>
<uploadRepoStable>
<name>dockerhub</name>
<url>oci://registry-1.docker.io/christhonie</url>
<type>OCI</type>
</uploadRepoStable>
</configuration>
</plugin>Key configuration:
-
chartVersion: Appends-RELEASEto Maven revision -
appVersion: Uses Maven revision (matches Docker image tag) -
uploadRepoStable: OCI registry URL for Docker Hub