External

• https://spinnaker.io/docs/guides/user/kubernetes-v2/deploy-helm/

Internal

• Spinnaker Concepts
• Create a Deployment Pipeline
• Deploy (Manifest)

Overview

This stage renders the final form of a manifest or a multi-document manifest set, using a template renderer such as Helm.

Configuration

Add stage → Type: Bake (Manifest)

Type: Bake (Manifest)

Stage Name: Render Helm Chart

Bake (Manifest) Configuration

Template Renderer

Render Engine: HELM3

Helm Options

Name

A name that represents the artifact produced by this stage. It is logically equivalent to Helm Chart.yaml .Chart.Name.

The most obvious choice is to use the same value as the one carried by Chart.yaml. If a different value is used, the behavior depends on the chart implementation.

The value is referred in several places in the internal representation of the stage, and it is used in the definition of the externally exported artifact, defined in the Produces Artifacts section. It also surfaces in the name of the Kubernetes resources created after chart deployment.

Namespace

The target namespace to release into. If not specified, "default" will be used. ⚠️ There were (yet not elucidated) situations when even if a specific namespace was configured here, the deployment went to "default". That was fixed by overriding the namespace in the Deploy (Manifest) stage.

That is why it's probably best to make it explicit: "will-be-overridden-by-subsequent-stages"

Template Artifact

Expected Artifact → Define Artifact → "Artifact from execution context".

To define the helm chart to render, there are two choices: Helm repository or GitHub repository. In both cases, the chart to be deployed must be stored remotely as a .tar.gz archive.

GitHub Repository for Helm Chart

Account: GitHub

Content URL: https://github.domain.com/api/v3/repos/<organization>/<repository>/contents/<path-inside-repository>. The branch will be specified at the next step. Example: https://github.domain.com/api/v3/repos/ovidiuf/smoke/contents/tmp/smoke-1.0.0.tgz

Commit/Branch: develop

Note that the GitHub repository must be configured for Spinnaker access.

The documentation seems to suggest that the chart can be stored in the GitHub repository in an exploded format, and the path to the Chart.yaml is sufficient, either the path to the file itself or the path to the directory containing Chart.yaml., but that is not actually the case. An attempt to use an exploded chart ended in:

Status: 500, URL: http://clouddriver.spinnaker:8000/artifacts/fetch/, Message: Cannot deserialize instance of  com.netflix.spinnaker.clouddriver.artifacts.github.GitHubArtifactCredentials$ContentMetadata out of START_ARRAY token at [Source: (String)"[{"name":"Chart.yaml","path":"src/main/helm/spinnaker-  smoke/Chart.yaml","sha":"2cf3c0f610396ed86b3da9f02391a3471c71003f","size":51,"url":"https://github.example.com/api/v3/repos/my-org/smoke/contents/src/main/helm/spinnaker-smoke/Chart.yaml?ref=spinnakerization","html_url":"https://github.example.com/my-org/smoke/blob/spinnakerization/src/main/helm/spinnaker-smoke/Chart.yaml","git_url":"https://github.example.com/api/v3/repos/my-org/smoke/git/blobs/2cf3c0f610396ed86"[truncated 3758 chars]; line: 1, column: 1]

Helm Repository

The Helm Repository must have been already "onboarded" and should be selected by name. Once selected, it should allow browsing the charts and their version from the dropdown box.

The chart can be also pulled from a straight HTTP repository, where the helm chart version is provided as a pipeline parameter.

Overrides

Expected Artifact

The files passed to --values parameter must be added as "Overrides/value artifact".

This is where a configuration file exposed in a configuration repository can be added. The configuration should be: Overrides → Add value artifact → Expected Artifact → Define a new artifact → Artifact from execution context

Account: github

Content URL: https://github.example.com/api/v3/repos/ovidiuf/configuration-repo/contents/environments/my-env/my-app/config.yaml

Commit/Branch: develop

Alternatively, the full override can be specified in-line as: Expected Artifact → Artifact from execution context → embedded-artifact. Name: "in-line overlay"

Overrides

Individually specified overrides can also be set in form of key/value pairs. Example of how to update the image tag based on tag read by the Docker trigger:

If expressions are evaluated when the manifest is rendered, make sure to turn Expression Evaluation Evaluate SpEL expressions in overrides at bake time on.

Raw Overrides

Use --set instead of --set-string when injecting override values. Values injected using --set will be converted to primitive types by Helm.

Not usually something that is selected.

Expression Evaluation

Evaluate SpEL expressions in overrides at bake time

Explicitly evaluate SpEL expressions in overrides just prior to manifest baking. Can be paired with the "Skip SpEL evaluation" option in the Deploy Manifest stage when baking a third-party manifest artifact with expressions not meant for Spinnaker to evaluate as SpEL.

Turn it on if the image tag is generated dynamically from ${trigger['tag']} or from ${myapp_image_tag}.

Execution Options

Notifications

Produces Artifact

By default, Spinnaker automatically creates an embedded/base64 artifact that is bound when the stage completes, representing the full manifest set to be deployed downstream.

⚠️ It is a good idea to change the name from automatically generated ("nervous-lionfish-4") to something more intuitive ("rendered_helm_chart"). The produced artifact is linked to the rendered Helm chart by the value of Helm Options → Name.

Comments

Example of Configured Stage

{
  "expectedArtifacts": [
    {
      "defaultArtifact": {
        "customKind": true,
        "id": "a3b15bdc-8f73-4265-ba38-9be06cd6b4f2"
      },
      "displayName": "rendered-helm-chart",
      "id": "c7202ead-c6f9-497a-9120-1957688ed2d8",
      "matchArtifact": {
        "artifactAccount": "embedded-artifact",
        "customKind": false,
        "id": "22a48f2b-2b62-46bd-9964-68b406a3c1c8",
        "type": "embedded/base64"
      },
      "useDefaultArtifact": false,
      "usePriorArtifact": false
    }
  ],
  "inputArtifacts": [
    {
      "account": "github",
      "artifact": {
        "artifactAccount": "github",
        "id": "75ebe7b2-b04a-4fcd-a712-c7eacb06c348",
        "name": "tmp/smoke-0.1.0.tgz",
        "reference": "https://github.example.com/api/v3/repos/ovidiuf/smoke/contents/tmp/smoke-0.1.0.tgz",
        "type": "github/file",
        "version": "develop"
      }
    }
  ],
  "name": "Render Helm",
  "namespace": "of",
  "outputName": "smoke",
  "overrides": {},
  "templateRenderer": "HELM3",
  "type": "bakeManifest"
}