vRealize Code Stream Code Stream DevOps Kubernetes vRealize Automation

Deploying Helm Charts with vRealize Automation Code Stream

In this blog post I’m going to show how you can deploy a Helm chart using vRealize Automation Code Stream. Helm is a fantastic tool to package Kubernetes manifests as a bundle so that you can install entire applications with a single command. You can release specific versions, as well as customizing each release with variables to configure the deployment.

Code Stream has native integrations for both Kubernetes and Docker, so we can use these Endpoints and their related Tasks to leverage the power of Helm to deploy applications.

There are some pre-requisites for this – we need to have a Kubernetes Endpoint (a Kubernetes cluster that has been added to Code Stream) and a Docker Endpoint (a stand-alone Docker host that has been added to Code Stream) configured.

I’ve also configured some secret Variables to store my API credentials. These are referenced when I make API calls back to vRealize Automation.

  • vraFQDN
  • vraUsername
  • vraPassword

Deploy Helm Chart – Pipeline

The Pipeline’s Workspace configuration provides the context in which the Pipeline Tasks execute. In this case, all but one of the tasks is executed as a CI Task (a script which executes in a container running on the Docker host). The container image I’m using is sammcgeown/codestream-ci-k8s, which is publicly available on Docker Hub and GitHub and installs kubectl and helm on a CentOS container.

The Pipeline has six Inputs:

  • Helm_Chart – the name of the helm chart to deploy
  • Helm_Release – the release name of the deployment
  • Helm_Repository – the helm repository URL
  • Helm_Settings – any settings to use with the helm chart, as JSON formatted key/value pairs
  • Kubernetes_Endpoint – the Code Stream Kubernetes endpoint name
  • Kubernetes_Namespace – the namespace in which the helm chart should be deployed

The process of deploying a Helm chart using Code Stream is broken up into two Stages, each Stage consisting of a few Tasks.

Configure Stage

The Configure stage ensures that we have access to the Kubernetes cluster and the Helm repository.

Get Kubernetes Credentials Task

This task uses a nested Pipeline task to retrieve the credentials for a Kubernetes cluster by querying the Code Stream API. It returns the cluster’s URL, and authentication method (Certificates, Token or Basic Auth). The nested Pipelines use the REST task to query the API.

Configure kubectl

The first CI task uses kubectl config commands to create a kubectl cluster, credential and context, which are used to access the Kubernetes cluster

Add Helm repository

Finally the Helm repository is added to the Helm configuration, and the repository is updated.

helm repo add temp ${input.Helm_Repository} && helm repo update

Deploy Stage

The Deploy stage is where we actually execute the helm commands to deploy the application.

Create Namespace

If the namespace specified in the request does not exist it will be created, otherwise no change will be made

Deploy Helm Chart

This task does most of the work – firstly by converting the JSON Helm_Settings input into a --set key="value"flags for the Helm command, then installing the Chart using the setting, release name and namespace. The final step exports any Kubernetes services of type loadbalancer to be returned by the Pipeline.


Everyone loves a demo, right? Well here it is! There’s no audio, and the deployment sequences are shortened so you don’t get bored, but you can see the pipeline in action deploying Harbor in my lab.

Next Steps

If you want to give this pipeline a try, you can download the YAML from the Code Stream Helm Deployment folder in the vra-code-examples GitHub Repository.

If you don’t have access to Code Stream yet, or you just want to find out more about vRealize Automation please visit our website, or to learn more about our features, vRealize Automation Code Stream and explore vRealize Automation Cloud get started with a free 45-day trial!


Leave a Reply

Your email address will not be published.