eks-charts to ECR Public migration

.github/workflows/release.yaml

@@ -66,8 +66,19 @@ jobs:
     - name: Check out code into the Go module directory
       uses: actions/checkout@v2
 
-    - name: Create eks-charts PR
-      run: make ekscharts-sync-release
+    - name: Sync Helm Chart Catalog information
+      run: make sync-catalog-information-for-helm-chart
+      env:
+        AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        AWS_SESSION_TOKEN: ${{ secrets.AWS_SESSION_TOKEN }}
+
+    - name: Sync Helm Chart to ECR Public
+      run: make push-helm-charts
+      env:
+        AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        AWS_SESSION_TOKEN: ${{ secrets.AWS_SESSION_TOKEN }}
 
     - name: Sync Readme to ECR Public
       run: make sync-readme-to-ecr-public

Makefile

@@ -1,9 +1,12 @@
 VERSION = $(shell git describe --tags --always --dirty)
 LATEST_RELEASE_TAG=$(shell git describe --tags --abbrev=0)
+LATEST_COMMIT_HASH=$(shell git rev-parse HEAD)
+LATEST_COMMIT_CHART_VERSION=$(shell git --no-pager show ${LATEST_COMMIT_HASH}:config/helm/aws-node-termination-handler/Chart.yaml | grep 'version:' | xargs | cut -d' ' -f2 | tr -d '[:space:]')
 PREVIOUS_RELEASE_TAG=$(shell git describe --abbrev=0 --tags `git rev-list --tags --skip=1  --max-count=1`)
 REPO_FULL_NAME=aws/aws-node-termination-handler
 ECR_REGISTRY ?= public.ecr.aws/aws-ec2
 ECR_REPO ?= ${ECR_REGISTRY}/aws-node-termination-handler
+ECR_REPO_CHART ?= aws-node-termination-handler
 IMG ?= amazon/aws-node-termination-handler
 IMG_TAG ?= ${VERSION}
 IMG_W_TAG = ${IMG}:${IMG_TAG}
@@ -56,9 +59,15 @@ push-docker-images-windows:
 	@ECR_REGISTRY=${ECR_REGISTRY} ${MAKEFILE_PATH}/scripts/ecr-public-login
 	${MAKEFILE_PATH}/scripts/push-docker-images -p ${SUPPORTED_PLATFORMS_WINDOWS} -r ${ECR_REPO} -v ${VERSION} -m
 
+push-helm-charts:
+	${MAKEFILE_PATH}/scripts/push-helm-charts -r ${ECR_REPO_CHART} -v ${LATEST_COMMIT_CHART_VERSION} -h ${ECR_REGISTRY}
+
 version:
 	@echo ${VERSION}
 
+chart-version:
+	@echo ${LATEST_COMMIT_CHART_VERSION}
+
 latest-release-tag:
 	@echo ${LATEST_RELEASE_TAG}
 
@@ -98,16 +107,13 @@ license-test: $(GOLICENSES)
 go-linter:
 	golangci-lint run
 
-helm-sync-test:
-	${MAKEFILE_PATH}/test/helm-sync-test/run-helm-sync-test
-
 helm-version-sync-test:
 	${MAKEFILE_PATH}/test/helm-sync-test/run-helm-version-sync-test
 
 helm-lint:
 	${MAKEFILE_PATH}/test/helm/helm-lint
 
-helm-validate-eks-versions:
+helm-validate-chart-versions:
 	${MAKEFILE_PATH}/test/helm/validate-chart-versions
 
 build-binaries:
@@ -129,11 +135,9 @@ sync-readme-to-ecr-public:
 	@ECR_REGISTRY=${ECR_REGISTRY} ${MAKEFILE_PATH}/scripts/ecr-public-login
 	${MAKEFILE_PATH}/scripts/sync-readme-to-ecr-public
 
-ekscharts-sync:
-	${MAKEFILE_PATH}/scripts/sync-to-aws-eks-charts -b ${BINARY_NAME} -r ${REPO_FULL_NAME}
-
-ekscharts-sync-release:
-	${MAKEFILE_PATH}/scripts/sync-to-aws-eks-charts -b ${BINARY_NAME} -r ${REPO_FULL_NAME} -n
+sync-catalog-information-for-helm-chart:
+	@ECR_REGISTRY=${ECR_REGISTRY} ${MAKEFILE_PATH}/scripts/helm-login
+	${MAKEFILE_PATH}/scripts/sync-catalog-information-for-helm-chart
 
 unit-test:
 	go test -bench=. ${MAKEFILE_PATH}/... -v -coverprofile=coverage.txt -covermode=atomic -outputdir=${BUILD_DIR_PATH}
@@ -149,7 +153,7 @@ spellcheck:
 
 build: compile
 
-helm-tests: helm-version-sync-test helm-lint helm-validate-eks-versions
+helm-tests: helm-version-sync-test helm-lint helm-validate-chart-versions
 
 eks-cluster-test:
 	${MAKEFILE_PATH}/test/eks-cluster-test/run-test
@@ -158,7 +162,7 @@ release: build-binaries build-docker-images push-docker-images generate-k8s-yaml
 
 release-windows: build-binaries-windows build-docker-images-windows push-docker-images-windows upload-resources-to-github-windows
 
-test: spellcheck shellcheck unit-test e2e-test compatibility-test license-test go-linter helm-sync-test helm-version-sync-test helm-lint
+test: spellcheck shellcheck unit-test e2e-test compatibility-test license-test go-linter helm-version-sync-test helm-lint
 
 help:
 	@grep -E '^[a-zA-Z_-]+:.*$$' $(MAKEFILE_LIST) | sort
@@ -173,19 +177,19 @@ create-local-release-tag-minor:
 create-local-release-tag-patch:
 	${MAKEFILE_PATH}/scripts/create-local-tag-for-release -p
 
-create-release-prep-pr:
+create-release-pr:
 	${MAKEFILE_PATH}/scripts/prepare-for-release
 
-create-release-prep-pr-draft:
+create-release-pr-draft:
 	${MAKEFILE_PATH}/scripts/prepare-for-release -d
 
-release-prep-major: create-local-release-tag-major create-release-prep-pr
+release-major: create-local-release-tag-major create-release-pr
 
-release-prep-minor: create-local-release-tag-minor create-release-prep-pr
+release-minor: create-local-release-tag-minor create-release-pr
 
-release-prep-patch: create-local-release-tag-patch create-release-prep-pr
+release-patch: create-local-release-tag-patch create-release-pr
 
-release-prep-custom: # Run make NEW_VERSION=v1.2.3 release-prep-custom to prep for a custom release version
+release-custom: # Run make NEW_VERSION=v1.2.3 release-prep-custom to prep for a custom release version
 ifdef NEW_VERSION
 	$(shell echo "${MAKEFILE_PATH}/scripts/create-local-tag-for-release -v $(NEW_VERSION) && echo && make create-release-prep-pr")
 endif

README.md

@@ -123,22 +123,25 @@ For a full list of releases and associated artifacts see our [releases page](htt
 
 #### Helm
 
-The easiest way to configure the various options of the termination handler is via [helm](https://helm.sh/).  The chart for this project is hosted in the [eks-charts](https://github.com/aws/eks-charts) repository.
+The easiest way to configure the various options of the termination handler is via [helm](https://helm.sh/). The chart for this project is hosted in [helm/aws-node-termination-handler](https://gallery.ecr.aws/aws-ec2/helm/aws-node-termination-handler)
 
-To get started you need to add the eks-charts repo to helm
+To get started you need to authenticate your helm client
 
 ```
-helm repo add eks https://aws.github.io/eks-charts
+aws ecr-public get-login-password \
+  --region us-east-1 | helm registry login \
+  --username AWS \
+  --password-stdin public.ecr.aws
 ```
 
-Once that is complete you can install the termination handler. We've provided some sample setup options below.
+Once that is complete you can install the termination handler. We've provided some sample setup options below. Make sure to replace chart-version with the version you want to install.
 
 Zero Config:
 
 ```sh
 helm upgrade --install aws-node-termination-handler \
   --namespace kube-system \
-  eks/aws-node-termination-handler
+  oci://public.ecr.aws/aws-ec2/helm/aws-node-termination-handler --version chart-version
 ```
 
 Enabling Features:
@@ -149,7 +152,7 @@ helm upgrade --install aws-node-termination-handler \
   --set enableSpotInterruptionDraining="true" \
   --set enableRebalanceMonitoring="true" \
   --set enableScheduledEventDraining="false" \
-  eks/aws-node-termination-handler
+  oci://public.ecr.aws/aws-ec2/helm/aws-node-termination-handler --version chart-version
 ```
 
 The `enable*` configuration flags above enable or disable IMDS monitoring paths.
@@ -160,7 +163,7 @@ Running Only On Specific Nodes:
 helm upgrade --install aws-node-termination-handler \
   --namespace kube-system \
   --set nodeSelector.lifecycle=spot \
-  eks/aws-node-termination-handler
+  oci://public.ecr.aws/aws-ec2/helm/aws-node-termination-handler --version chart-version
 ```
 
 Webhook Configuration:
@@ -169,7 +172,7 @@ Webhook Configuration:
 helm upgrade --install aws-node-termination-handler \
   --namespace kube-system \
   --set webhookURL=https://hooks.slack.com/services/YOUR/SLACK/URL \
-  eks/aws-node-termination-handler
+  oci://public.ecr.aws/aws-ec2/helm/aws-node-termination-handler --version chart-version
 ```
 
 Alternatively, pass Webhook URL as a Secret:
@@ -183,10 +186,10 @@ kubectl create secret -n kube-system generic webhooksecret --from-literal=$WEBHO
 helm upgrade --install aws-node-termination-handler \
   --namespace kube-system \
   --set webhookURLSecretName=webhooksecret \
-  eks/aws-node-termination-handler
+  oci://public.ecr.aws/aws-ec2/helm/aws-node-termination-handler --version chart-version
 ```
 
-For a full list of configuration options see our [Helm readme](https://github.com/aws/eks-charts/tree/master/stable/aws-node-termination-handler).
+For a full list of configuration options see our [Helm readme](https://github.com/aws/aws-node-termination-handler/tree/main/config/helm/aws-node-termination-handler#readme).
 
 </details>
 
@@ -391,15 +394,18 @@ When using Kubernetes [Pod Security Admission](https://kubernetes.io/docs/concep
 
 #### Helm
 
-The easiest and most commonly used method to configure the termination handler is via [helm](https://helm.sh/).  The chart for this project is hosted in the [eks-charts](https://github.com/aws/eks-charts) repository.
+The easiest way to configure the various options of the termination handler is via [helm](https://helm.sh/). The chart for this project is hosted in [helm/aws-node-termination-handler](https://gallery.ecr.aws/aws-ec2/helm/aws-node-termination-handler)
 
-To get started you need to add the eks-charts repo to helm
+To get started you need to authenticate your helm client
 
 ```
-helm repo add eks https://aws.github.io/eks-charts
+aws ecr-public get-login-password \
+     --region us-east-1 | helm registry login \
+     --username AWS \
+     --password-stdin public.ecr.aws
 ```
 
-Once that is complete you can install the termination handler. We've provided some sample setup options below.
+Once that is complete you can install the termination handler. We've provided some sample setup options below. Make sure to replace chart-version with the version you want to install.
 
 Minimal Config:
 
@@ -408,7 +414,7 @@ helm upgrade --install aws-node-termination-handler \
   --namespace kube-system \
   --set enableSqsTerminationDraining=true \
   --set queueURL=https://sqs.us-east-1.amazonaws.com/0123456789/my-term-queue \
-  eks/aws-node-termination-handler
+  oci://public.ecr.aws/aws-ec2/helm/aws-node-termination-handler --version chart-version
 ```
 
 Webhook Configuration:
@@ -419,7 +425,7 @@ helm upgrade --install aws-node-termination-handler \
   --set enableSqsTerminationDraining=true \
   --set queueURL=https://sqs.us-east-1.amazonaws.com/0123456789/my-term-queue \
   --set webhookURL=https://hooks.slack.com/services/YOUR/SLACK/URL \
-  eks/aws-node-termination-handler
+  oci://public.ecr.aws/aws-ec2/helm/aws-node-termination-handler --version chart-version
 ```
 
 Alternatively, pass Webhook URL as a Secret:
@@ -435,7 +441,7 @@ helm upgrade --install aws-node-termination-handler \
   --set enableSqsTerminationDraining=true \
   --set queueURL=https://sqs.us-east-1.amazonaws.com/0123456789/my-term-queue \
   --set webhookURLSecretName=webhooksecret \
-  eks/aws-node-termination-handler
+  oci://public.ecr.aws/aws-ec2/helm/aws-node-termination-handler --version chart-version
 ```
 
 For a full list of configuration options see our [Helm readme](https://github.com/aws/eks-charts/tree/master/stable/aws-node-termination-handler).

config/helm/aws-node-termination-handler/Chart.yaml

@@ -11,11 +11,10 @@ keywords:
   - ec2
   - node-termination
   - spot
-home: https://github.com/aws/eks-charts
+home: https://github.com/aws/aws-node-termination-handler/
 icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png
 sources:
   - https://github.com/aws/aws-node-termination-handler/
-  - https://github.com/aws/eks-charts/
 maintainers:
   - name: Brandon Wagner
     url: https://github.com/bwagner5

config/helm/aws-node-termination-handler/README.md

@@ -8,22 +8,24 @@ AWS Node Termination Handler Helm chart for Kubernetes. For more information on
 
 ## Installing the Chart
 
-Before you can install the chart you will need to add the `aws` repo to [Helm](https://helm.sh/).
-
+Before you can install the chart you will need to authenticate your Helm client.
 ```shell
-helm repo add eks https://aws.github.io/eks-charts/
+aws ecr-public get-login-password \
+     --region us-east-1 | helm registry login \
+     --username AWS \
+     --password-stdin public.ecr.aws
 ```
 
-After you've installed the repo you can install the chart, the following command will install the chart with the release name `aws-node-termination-handler` and the default configuration to the `kube-system` namespace.
+Once the helm registry login succeeds, use the following command to install the chart with the release name `aws-node-termination-handler` and the default configuration to the `kube-system` namespace. In the below command, add the chart version that you want to install.
 
 ```shell
-helm upgrade --install --namespace kube-system aws-node-termination-handler eks/aws-node-termination-handler
+helm upgrade --install --namespace kube-system aws-node-termination-handler oci://public.ecr.aws/aws-ec2/helm/aws-node-termination-handler --version chart-version
 ```
 
 To install the chart on an EKS cluster where the AWS Node Termination Handler is already installed, you can run the following command.
 
 ```shell
-helm upgrade --install --namespace kube-system aws-node-termination-handler eks/aws-node-termination-handler --recreate-pods --force
+helm upgrade --install --namespace kube-system aws-node-termination-handler oci://public.ecr.aws/aws-ec2/helm/aws-node-termination-handler --version chart-version --recreate-pods --force
 ```
 
 If you receive an error similar to the one below simply rerun the above command.
@@ -33,7 +35,7 @@ If you receive an error similar to the one below simply rerun the above command.
 To uninstall the `aws-node-termination-handler` chart installation from the `kube-system` namespace run the following command.
 
 ```shell
-helm delete --namespace kube-system aws-node-termination-handler
+helm uninstall --namespace kube-system aws-node-termination-handler
 ```
 
 ## Configuration

scripts/ecr-template-for-helm-chart.json

@@ -0,0 +1,5 @@
+{
+    "description": "Helm Charts for AWS Node Termination Handler",
+    "aboutText": "# Helm Chart for Node Termination Handler\n\n AWS NTH gracefully handles EC2 instance shutdown within Kubernetes.\n\nThis repository contains helm-charts for Node Termination Handler.\n\nFor more information on this project, see the project repo at [AWS Node Termination Handler](https://github.com/aws/aws-node-termination-handler)",
+    "usageText": "# We can install AWS NTH using the helm chart from this repository.\n\nWe need to authenticate our helm client to ECR registry and install NTH chart using helm chart URI, detailed information on how to install helm chart can be found here [HelmChart ReadMe](https://github.com/aws/aws-node-termination-handler/tree/main/config/helm/aws-node-termination-handler#readme)"
+}

scripts/helm-login

@@ -0,0 +1,20 @@
+#!/bin/bash
+set -euo pipefail
+
+SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )"
+BUILD_DIR=$SCRIPTPATH/../build/
+export PATH="${BUILD_DIR}:${PATH}"
+
+if [[ -z "${ECR_REGISTRY}" ]]; then
+    echo "The env var ECR_REGISTRY must be set"
+    exit 1
+fi
+
+function exit_and_fail() {
+    echo "❌ Failed to login to ECR Public Repo!"
+}
+
+trap exit_and_fail INT TERM ERR
+
+export HELM_EXPERIMENTAL_OCI=1
+helm registry login --username AWS --password="$(aws ecr-public get-login-password --region us-east-1)" "${ECR_REGISTRY}"