This GitHub repository is the official source for Sysdig's Helm charts.
For instructions about how to install charts from this repository, visit the public website at https://charts.sysdig.com
If you make changes to an existing chart, but do not change its version, nothing new will be published to the charts repository.
Checklist to comply-with when doing the PR
- Title of the PR starts with type and scope, for more details check Commit and PR tile guidelines
- Chart Version bumped
- Variables are documented in the README.md (or README.tpl in some charts)
- Check GithubAction checks (like lint) to avoid merge-check stoppers
- Changelogs and Release Notes are automated based on the commit messages using git-chglog
In order to automatically generate a meaningful changelog PR titles must respect the following rules (the same title must be used when merging it)
A Type must be specified, avalilable types are:
- feat
- fix
- refactor
- chore
- docs
A Scope should be always present, a few examples:
- (agent)
- (sysdig-deploy)
- (agent,node-analyzer,sysdig-deploy)
Full PR title example
feat(agent,node-analyzer,sysdig-deploy): add automated changelogs
If necessary it is possible to add extended details to a changelog entry by adding a special section in the commit body.
The custom section must start with Extended Changelog:
, in order to instruct the rendering engine to stop and avoid capturing things like Signed-off-by:
it is possible to add @@__CHGLOG_DELIMITER__@@
at the end of the section.
Example with Signed-off-by
Extended Changelog: Fixed 21 CVEs in total, the ones with high or critical severity are:
* CVE-2022-1941
* CVE-2022-1996
@@__CHGLOG_DELIMITER__@@
Signed-off-by: [email protected]
NOTE: Do not add the delimiter
@@__CHGLOG_DELIMITER__@@
at the end of the commit body as it will cause an error.
Example without Signed-off-by
Extended Changelog: Fixed 21 CVEs in total, the ones with high or critical severity are:
* CVE-2022-1941
* CVE-2022-1996
NOTE: While merging a PR with squash&merge the
Extended Changelog
section must be manually added to the body or the workflow won't be able to process it.
Although not usually recommended it is possible to manually add a changelog entry, the ci does a simple grep in the CHANGELOG.md
file and if the version being released is already present it will skip adding a new entry.
Make sure to comply with
lint
checks, running$ make lint
docs
autogeneration, based onvalues.yaml
. this does only apply to charts withREADME.tpl
templates (ex.: admission-controller)$ make docs
To do this automatically, you can install pre-commit plugin, configured in /.pre-commit-config.yaml
, to automate this step, and validate/detect the issues when committing from your local.
https://charts.sysdig.com is managed through GithubPages action.
.github/workflows/release.yml
will merge each charts/*/README.md
into the gh-pages
branch.
To add a new chart, create a directory inside charts with it contents at master branch.
When you commit it, it will be picked up by the GitHub action, and if it contains a chart and version that doesn't already exist in the charts repository, a new release with the package for the chart will be published on the GitHub repository,
and the list of all charts at index.yaml
on gh-pages branch will be updated on the charts repository.
TL;DR
When a commit to master includes a new version of a chart, a GitHub action will make it available on the charts repository.
With each commit to master, a GitHub action will compare all charts versions at the charts
folder on master branch with published versions at the index.yaml
chart list on gh-pages branch.
When it detects that the version in the folder doesn't exist in index.yaml
, it will create a release with the packaged chart content on the GitHub repository, and update index.yaml
to include it on the charts repository
.
index.yaml
is accesible from https://sysdiglabs.github.io/charts/index.yaml and is the list of all charts and their versions available when you interact with the charts repository using Helm.
The packaged referenced in index.yaml
, when it's updated using the GitHub action, will link for download to the URL provided by the GitHub repository release files.
You can find more information at: