Publish helm chart to OCI registry for PR patches

Author: viveksinghggits

.evergreen-functions.yml

@@ -223,6 +223,15 @@ functions:
         working_dir: src/github.com/mongodb/mongodb-kubernetes
         binary: scripts/evergreen/setup_docker_sbom.sh
 
+  helm_registry_login:
+    command: subprocess.exec
+    type: setup
+    params:
+      working_dir: src/github.com/mongodb/mongodb-kubernetes
+      add_to_path:
+        - ${workdir}/bin
+      binary: scripts/dev/helm_registry_login.sh
+
   # Logs into all used registries
   configure_docker_auth: &configure_docker_auth
     command: subprocess.exec
@@ -497,6 +506,15 @@ functions:
           - rh_pyxis
         binary: scripts/dev/run_python.sh scripts/preflight_images.py --image ${image_name} --submit "${preflight_submit}"
 
+  # publish_helm_chart packages and publishes the MCK helm chart to the OCI container registry
+  publish_helm_chart:
+    - command: subprocess.exec
+      params:
+        working_dir: src/github.com/mongodb/mongodb-kubernetes
+        include_expansions_in_env:
+          - version_id
+        binary: scripts/dev/run_python.sh scripts/publish_helm_chart.py
+
   build_multi_cluster_binary:
     - command: subprocess.exec
       type: setup

.evergreen.yml

@@ -448,6 +448,16 @@ tasks:
         vars:
           image_name: upgrade-hook
 
+  - name: publish_helm_chart
+    commands:
+      - func: clone
+      - func: setup_kubectl
+      - func: setup_aws
+      - func: prepare_aws
+      - func: helm_registry_login
+      - func: python_venv
+      - func: publish_helm_chart
+
   - name: prepare_aws
     priority: 59
     commands:
@@ -1675,6 +1685,7 @@ buildvariants:
       - name: build_readiness_probe_image
       - name: build_upgrade_hook_image
       - name: prepare_aws
+      - name: publish_helm_chart
 
   - name: init_test_run_ibm_power
     display_name: init_test_run_ibm_power

scripts/dev/helm_registry_login.sh

@@ -0,0 +1,39 @@
+#!/usr/bin/env bash
+
+ECR_REGISTRY="268558157000.dkr.ecr.us-east-1.amazonaws.com"
+AWS_REGION="us-east-1"
+
+source scripts/dev/set_env_context.sh
+
+export PATH=${PROJECT_DIR}/bin:$PATH
+
+echo "Checking if helm CLI is installed..."
+if ! command -v helm &> /dev/null
+then
+    echo "Error: helm CLI could not be found."
+    echo "Please ensure helm is installed and in your system's PATH."
+    exit 1
+fi
+
+echo "Checking if aws CLI is installed..."
+if ! command -v aws &> /dev/null
+then
+    echo "Error: aws CLI could not be found."
+    echo "Please ensure aws CLI is installed and configured."
+    exit 1
+fi
+
+echo "Logging into OCI Registry: ${ECR_REGISTRY} in region ${AWS_REGION}..."
+
+if aws ecr get-login-password --region "$AWS_REGION" | helm registry login \
+    --username AWS \
+    --password-stdin \
+    "$ECR_REGISTRY"
+then
+    echo "Helm successfully logged into the OCI registry."
+    exit 0
+else
+    echo "ERROR: Helm login to ECR registry failed."
+    echo "Please ensure your AWS credentials have permission to access ECR in the specified region."
+    exit 1
+fi

scripts/publish_helm_chart.py

@@ -0,0 +1,78 @@
+import subprocess
+import os
+import yaml
+
+from lib.base_logger import logger
+
+CHART_DIR = "helm_chart"
+
+OCI_REGISTRY = "oci://268558157000.dkr.ecr.us-east-1.amazonaws.com/dev/helm-charts"
+
+def run_command(command: list[str], description: str):
+    try:
+        subprocess.run(command, check=True, text=True, capture_output=False)
+        logger.info(f"Command {' '.join(command)} executed successfully.")
+    except subprocess.CalledProcessError as e:
+        logger.error(f"Error executing command: {' '.join(command)}")
+        raise RuntimeError(f"{description} failed.") from e
+    except FileNotFoundError:
+        raise FileNotFoundError("Error: 'helm' command not found. Ensure Helm CLI is installed and in your PATH.")
+
+def update_chart_and_get_metadata(chart_dir: str) -> tuple[str, str]:
+    chart_path = os.path.join(chart_dir, "Chart.yaml")
+    version_id = os.environ.get('version_id')
+    if not version_id:
+        raise ValueError("Error: Environment variable 'version_id' must be set to determine the chart version to publish.")
+        
+    new_version = f"0.0.0+{version_id}"
+
+    logger.info(f"New helm chart version will be: {new_version}")
+
+    if not os.path.exists(chart_path):
+        raise FileNotFoundError(
+            f"Error: Chart.yaml not found in directory '{chart_dir}'. "
+            "Please ensure the directory exists and contains a valid Chart.yaml."
+        )
+
+    try:
+        with open(chart_path, 'r') as f:
+            data = yaml.safe_load(f)
+
+        chart_name = data.get('name')
+        if not chart_name:
+             raise ValueError("Chart.yaml is missing required 'name' field.")
+
+        data['version'] = new_version
+        
+        with open(chart_path, 'w') as f:
+            yaml.safe_dump(data, f, sort_keys=False) 
+
+        logger.info(f"Successfully updated version for chart '{chart_name}' to '{new_version}' before publishing it.")
+        return chart_name, new_version
+
+    except Exception as e:
+        raise RuntimeError(f"Failed to read or update Chart.yaml: {e}")
+
+def publish_helm_chart():
+    try:
+        chart_name, chart_version = update_chart_and_get_metadata(CHART_DIR)
+        
+        tgz_filename = f"{chart_name}-{chart_version}.tgz"
+        logger.info(f"Packaging chart: {chart_name} with Version: {chart_version}")
+
+        package_command = ["helm", "package", CHART_DIR]
+        run_command(package_command, f"Packaging chart '{CHART_DIR}'")
+
+        push_command = ["helm", "push", tgz_filename, OCI_REGISTRY]
+        run_command(push_command, f"Pushing '{tgz_filename}' to '{OCI_REGISTRY}'")
+
+        if os.path.exists(tgz_filename):
+            logger.info(f"\nCleaning up local file: {tgz_filename}")
+            os.remove(tgz_filename)
+        
+        logger(f"Helm Chart {chart_name}:{chart_version} was published successfully!")
+    except (FileNotFoundError, RuntimeError, ValueError) as e:
+        logger.error(f"\Failed publishing the helm chart: {e}")
+
+if __name__ == "__main__":
+    publish_helm_chart()