GitLab Pipelines provide the ability to define a build workflow, including the packaging and publishing of a Helm chart to the GitLab Package Registry.
This allows tools like Helm to refer to the public URL of the Gitlab Package Registry, add it as a remote Helm repository, and then use the packaged chart.
Pipeline job for publishing Helm chart
I will build on a previous article where I have a GitLab pipeline building a Docker (OCI) image, and add a pipeline job that publishes a Helm chart.
Add the job definition below to the .gitlab-ci.yml pipeline:
helm-package-publish-to-gitlab:
stage: build
rules:
- changes:
- "charts/${CHART}/*"
image:
name: alpine/helm:3.17.1 # latest in feb 2025
entrypoint: [""]
variables:
CHART: $CI_PROJECT_NAME
before_script: |
# add chartmuseum plugin to helm, makes publishing more convenient
apk add git
helm plugin install --version=v0.10.4 https://github.com/chartmuseum/helm-push.git
# add this project as helm repo, using standard variables exposed via pipeline
helm repo add ${CHART} ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/stable \
--username ${CI_REGISTRY_USER} --password ${CI_REGISTRY_PASSWORD}
# show public URL where chart will be published
helm repo list
echo "REPO"$(helm repo list -o=yaml | grep url)
script: |
set -x
# pushes chart to GitLab container registry of project
helm cm-push charts/${CHART} ${CHART}
The job definition above is invoked if there are any changes in the ‘charts/’ subdirectory. If so, it installs the Helm ChartMuseum plugin, which has a convenient command for publishing to a container registry.
There are two key commands, highlighted below:
helm repo add ${CHART} ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/stable \
--username ${CI_REGISTRY_USER} --password ${CI_REGISTRY_PASSWORD}
helm cm-push charts/${CHART} ${CHART}
“helm repo add” uses the standard GitLab CI/CD pre-defined variables for identifying the project id and container registry credentials, these variables are available in every pipeline.
And “helm cm-push” uses the ChartMuseum plugin to conveniently make the GitLab Container registry API calls needed to POST the packaged helm chart tgz.
Helm chart published to GitLab Package Registry
From the GitLab web UI, if you navigate to the project, then Deploy > Package Registry, you should now see the published charts.
The web UI interface unfortunately does not expose the public Helm chart repo URL, but it’s syntax is:
https://gitlab.com/api/v4/projects/${PROJECT_ID}/packages/helm/${CHANNEL}
You can get the exact URL from the output of the job pipeline run (Build > Pipelines).
If you click into the ‘helm-package-publish-to-gitlab’ job, and look at the output of the ‘helm repo list’ command, it will show you the remote Helm repository URL with resolved PROJECT_ID and CHANNEL as below.
https://gitlab.com/api/v4/projects/61514621/packages/helm/stable
Validate public Helm chart access
Using this public Helm repository URL, we can now use a Helm client to add the chart repository locally.
# add helm repo from public gitlab URL helm repo add google-hello-app-logging-multiarch https://gitlab.com/api/v4/projects/61514621/packages/helm/stable $ helm repo list NAME URL google-hello-app-logging-multiarch https://gitlab.com/api/v4/projects/61514621/packages/helm/stable # show charts available in repo $ helm search repo -l google-hello-app-logging-multiarch NAME CHART VERSION APP VERSION DESCRIPTION google-hello-app-logging-multiarch/google-hello... 0.7.0 1.0.10 A Helm chart for Kubernetes google-hello-app-logging-multiarch/google-hello... 0.6.0 1.0.10 A Helm chart for Kubernetes google-hello-app-logging-multiarch/google-hello... 0.5.0 1.0.10 A Helm chart for Kubernetes # test helm chart (no kubernetes connection required) $ helm template my-test google-hello-app-logging-multiarch/google-hello-app-logging-multiarch
REFERENCES
GitLab docs, publishing Helm charts to the package registry
GitLab blog, using CD workflows to publish helm chart
GitLab docs, container registry API
GitLab docs, gitlab container registry API docs
GitLab docs, using JOB-TOKEN header for authentication to REST api
Manish Sharma, Getting Started with GitLab tokens
example code repo for this article
gitlab container registry for this article
Syed Javad Hosseini, GitLab Helm Package Registry using curl POST to publish
medium.com, publish helm chart using github pages