{"id":18800610,"url":"https://github.com/bitovi/github-actions-deploy-eks-helm","last_synced_at":"2025-07-15T19:45:13.847Z","repository":{"id":37678718,"uuid":"480971506","full_name":"bitovi/github-actions-deploy-eks-helm","owner":"bitovi","description":"Easily deploys helm charts to an EKS Cluster.","archived":false,"fork":false,"pushed_at":"2024-10-30T18:59:52.000Z","size":117,"stargazers_count":29,"open_issues_count":2,"forks_count":33,"subscribers_count":11,"default_branch":"main","last_synced_at":"2025-06-22T02:52:50.403Z","etag":null,"topics":["chart","deployment","gitops","helm","helm-charts","kubernetes","kubernetes-cluster","kubernetes-deployment"],"latest_commit_sha":null,"homepage":"https://www.bitovi.com/platform-engineering-consulting","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bitovi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-04-12T21:00:18.000Z","updated_at":"2025-05-28T11:55:59.000Z","dependencies_parsed_at":"2023-12-01T12:17:24.009Z","dependency_job_id":"8fc1c301-080b-4801-bbd9-e06105a83cc9","html_url":"https://github.com/bitovi/github-actions-deploy-eks-helm","commit_stats":{"total_commits":62,"total_committers":12,"mean_commits":5.166666666666667,"dds":0.3870967741935484,"last_synced_commit":"b5bcfbd78aaa0a3b48d85ec8139736974d44180b"},"previous_names":[],"tags_count":21,"template":false,"template_full_name":null,"purl":"pkg:github/bitovi/github-actions-deploy-eks-helm","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitovi%2Fgithub-actions-deploy-eks-helm","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitovi%2Fgithub-actions-deploy-eks-helm/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitovi%2Fgithub-actions-deploy-eks-helm/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitovi%2Fgithub-actions-deploy-eks-helm/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bitovi","download_url":"https://codeload.github.com/bitovi/github-actions-deploy-eks-helm/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitovi%2Fgithub-actions-deploy-eks-helm/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265456003,"owners_count":23768667,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["chart","deployment","gitops","helm","helm-charts","kubernetes","kubernetes-cluster","kubernetes-deployment"],"created_at":"2024-11-07T22:19:22.715Z","updated_at":"2025-07-15T19:45:13.813Z","avatar_url":"https://github.com/bitovi.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Deploy Helm charts to AWS EKS cluster\n\n`bitovi/github-actions-deploy-eks-helm` deploys helm charts to an EKS Cluster.\n![alt](https://bitovi-gha-pixel-tracker-deployment-main.bitovi-sandbox.com/pixel/LW06qgz37wS0e62G4UHYS)\n## Action Summary\nThis action deploys Helm charts to an EKS cluster, allowing ECR/OCI as sources, and handling plugin installation, using [this awesome Docker image](https://github.com/alpine-docker/k8s) as base.\n\n\u003e **Note:** If your EKS cluster administrative access is in a private network, you will need to use a self hosted runner in that network to use this action.\n\nIf you would like to deploy a backend app/service, check out our other actions:\n| Action | Purpose |\n| ------ | ------- |\n| [Deploy Docker to EC2](https://github.com/marketplace/actions/deploy-docker-to-aws-ec2) | Deploys a repo with a Dockerized application to a virtual machine (EC2) on AWS |\n| [Deploy React to GitHub Pages](https://github.com/marketplace/actions/deploy-react-to-github-pages) | Builds and deploys a React application to GitHub Pages. |\n| [Deploy static site to AWS (S3/CDN/R53)](https://github.com/marketplace/actions/deploy-static-site-to-aws-s3-cdn-r53) | Hosts a static site in AWS S3 with CloudFront |\n\u003cbr/\u003e\n\n**And more!** Check our [list of actions in the GitHub marketplace](https://github.com/marketplace?category=\u0026type=actions\u0026verification=\u0026query=bitovi).\n\n# Need help or have questions?\nThis project is supported by [Bitovi, A DevOps consultancy](https://www.bitovi.com/services/devops-consulting).\n\nYou can **get help or ask questions** on our [Discord Community](https://discord.gg/zAHn4JBVcX).\n\n\n## Customizing\n\n\u003e **Note:** Although Helm repositories are different than [OCI registries](https://helm.sh/docs/topics/registries/), the `chart-repository` variable supports both options.\n\nSee [example below](https://github.com/bitovi/github-actions-deploy-eks-helm#example-3) for reference, but the process should be similar to using a repo.\n\n### Note on charts list command\n\nYou can use the name as a way to filter results, or just leave it blank to get all the charts available. \n\n### Inputs\n\nThe following inputs are available as `step.with` keys:\n\n| Name | Type | Description |\n| -------------------------- | ------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| `aws-secret-access-key` | String | AWS secret access key part of the aws credentials. This is used to login to EKS. |\n| `aws-access-key-id` | String | AWS access key id part of the aws credentials. This is used to login to EKS. |\n| `aws-region` | String | AWS region to use. This must match the region your desired cluster is in. |\n| `cluster-name` | String | The name of the desired cluster. |\n| `cluster-role-arn` | String | If you wish to assume an admin role, provide the role arn here to log in as. |\n| `action` | String | Determines if we `install`/`uninstall` the chart, or `list`. (Optional, Defaults to `install`) |\n| `dry-run` | Boolean | Toggles `dry-run` option for `install`/`uninstall` action. (Defaults to `false`) |\n| `config-files` | String | Comma separated list of helm values files. |\n| `namespace` | String | Kubernetes namespace to use. To create the namespace if it doesn't exist, also set `create-namespace` to `true`. |\n| `create-namespace` | Boolean | Adds `--create-namespace` when set to `true`. Requires cluster API permissions. (Default: `true`) |\n| `values` | String | Comma separated list of value set for helms. e.x: `key1=value1, key2=value2` |\n| `name` | String | The name of the helm release. |\n| `chart-path` | String | The path to the chart. (defaults to `helm/`) |\n| `chart-repository` | String | The URL of the chart-repository (Optional) Note: If oci based registry, set url to oci:// |\n| `version` | String | The version of the chart (Optional) |\n| `plugins` | String | Comma separated list of plugins to install. e.x:` https://github.com/hypnoglow/helm-s3.git, https://github.com/someuser/helm-plugin.git` (defaults to none) |\n| `timeout` | String | The value of the timeout for the helm release. |\n| `update-deps` | Boolean | Update chart dependencies |\n| `helm-wait` | String | Add the helm --wait flag to the helm Release (Optional) |\n| `atomic` | String | Add the helm --atomic flag if set (Optional) |\n| `ca-file` | String | Verify certificates of HTTPS-enabled servers using this CA bundle. |\n| `cert-file` | String | Identify HTTPS client using this SSL certificate file. |\n| `key-file` | String | Identify HTTPS client using this SSL key file. |\n| `insecure-skip-tls-verify` | String | Skip tls certificate checks for the chart download. |\n| `pass-credentials` | String | Pass credentials to all domains. set (Optional) |\n| `username` | String | Chart repository username where to locate the requested chart. |\n| `password` | String | Chart repository password where to locate the requested chart. |\n| `use-secrets-vals` | Boolean | Use secrets plugin using vals to evaluate the secrets |\n| `helm-extra-args` | String | Append any string containing any extra option that might escape the ones present in this action. \n\n## Example 1 - local repo chart\n\n```yaml\n - name: Deploy Helm\n uses: bitovi/github-actions-deploy-eks-helm@v1.2.12\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: us-west-2\n cluster-name: mycluster\n config-files: .github/values/dev.yaml\n chart-path: chart/\n namespace: dev\n values: key1=value1,key2=value2\n name: release_name\n```\n\n## Example 2 - Custom Chart Repo\n```yaml\n - name: Deploy Helm\n uses: bitovi/github-actions-deploy-eks-helm@v1.2.12\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: us-west-2\n cluster-name: mycluster\n cluster-role-arn: ${{ secrets.AWS_ROLE_ARN }}\n config-files: fluent-bit/prod/values.yaml\n chart-path: fluent/fluent-bit\n namespace: logging\n create-namespace: true\n name: fluent-bit\n chart-repository: https://fluent.github.io/helm-charts\n version: 0.20.6\n atomic: true\n```\n\n## Example 3 - OCI Chart Repo\n```yaml\n - name: Deploy Helm\n uses: bitovi/github-actions-deploy-eks-helm@v1.2.12\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: us-west-2\n cluster-name: mycluster\n cluster-role-arn: ${{ secrets.AWS_ROLE_ARN }}\n chart-repository: oci://registry.io/\n chart-path: organization/chart\n namespace: org\n name: some-name\n version: 0.1.0\n```\n\n## Example 4 - Separate AWS login\n```yaml\n - name: Configure AWS credentials\n uses: aws-actions/configure-aws-credentials@v2\n with:\n role-to-assume: arn:aws:iam::${{ env.aws-account-id }}:role/${{ env.aws-assume-role }}\n aws-region: ${{ env.aws-region }}\n\n - name: Install Helm Chart\n uses: bitovi/github-actions-deploy-eks-helm@v1.2.12\n with:\n aws-region: ${{ env.aws-region }}\n cluster-name: eks-cluster-${{ env.environment }}\n ... (put your other arguments here)\n```\n\n## Example 5 - Use secrets with vals backend\n```yaml\n - name: Deploy Helm\n uses: bitovi/github-actions-deploy-eks-helm@v1.2.12\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: us-west-2\n cluster-name: mycluster\n config-files: .github/values/dev.yaml\n chart-path: chart/\n namespace: dev\n values: key1=value1,key2=value2\n name: release_name\n use-secrets-vals: true\n plugins: https://github.com/jkroepke/helm-secrets\n```\n\n## Example 6 - Define multiple values\n\n```yaml\n - name: Install Karpenter\n uses: bitovi/github-actions-deploy-eks-helm@v1.2.12\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: ${{ vars.AWS_REGION }}\n cluster-name: ${{ vars.CLUSTER_NAME }}\n cluster-role-arn: ${{ secrets.AWS_ROLE_ARN }}\n chart-repository: oci://public.ecr.aws\n chart-path: karpenter/karpenter\n helm-wait: true\n namespace: karpenter\n name: karpenter\n values: |\n settings.clusterName=${{ vars.CLUSTER_NAME }},\n settings.interruptionQueue=${{ vars.CLUSTER_NAME }}-karpenter,\n controller.resources.requests.cpu=1,\n controller.resources.requests.memory=1Gi,\n controller.resources.limits.cpu=1,\n controller.resources.limits.memory=1Gi\n version: 1.0.6\n```\n\n## Example 7 - Use with S3 as repo\n```yaml\n - name: Deploy S3 Helm chart\n uses: bitovi/github-actions-deploy-eks-helm@v1.2.12\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: us-west-2\n chart-repository: s3://my-s3-bucket/\n chart-path: my-service/my-service\n version: 0.1.0\n cluster-name: mycluster\n namespace: dev\n name: my_service_name\n plugins: https://github.com/hypnoglow/helm-s3.git\n```\n* See the [official AWS Guide](https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/set-up-a-helm-v3-chart-repository-in-amazon-s3.html) on how to set this up.\n\n## Example 8 - Use a different role in the Action than the role the cluster was built with\n\n**action.yaml**\n```yaml\n - name: Configure AWS credentials\n uses: aws-actions/configure-aws-credentials@v2\n with:\n role-to-assume: arn:aws:iam::${{ env.aws-account-id }}:role/${{ env.aws-assume-role }}\n aws-region: ${{ env.aws-region }}\n - name: Install Helm Chart\n uses: bitovi/github-actions-deploy-eks-helm@v1.2.12\n with:\n aws-region: ${{ env.aws-region }}\n cluster-name: eks-cluster-${{ env.environment }}\n ... (put your other arguments here)\n```\n\n**terraform.tf**\n```yaml\n ... (surrounding code)\n\n module \"eks\" {\n source = \"terraform-aws-modules/eks/aws\"\n version = \"~\u003e 20.11.1\"\n\n ... (surrounding code)\n\n access_entries = {\n kubernetes_groups = []\n principal_arn = var.aws-assume-role.role_arn\n \n policy_associations = {\n access_entry_policy = {\n policy_arn = var.aws-assume-role.aws_policy_arn\n access_scope = {\n type = \"cluster\"\n }\n }\n }\n }\n }\n\n ... (surrounding code)\n```\n\n\u003e NOTE: If you see an error like `Not Authorized` or `Kubernetes cluster unreachable: the server has asked for the client to provide credentials`, it could be due to this Action using a different role than the EKS cluster was built with. The previous fix was to add an entry to the `aws-auth` ConfigMap in the `kube-system` namespace; however, AWS is now using [Access Entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html) which might need to be adjusted to give the Action Role access to the EKS cluster. \n\u003e You may be able to use to an [AssumedRole](https://github.com/aws-actions/configure-aws-credentials?tab=readme-ov-file#assumerole-with-role-previously-assumed-by-action-in-same-workflow) method where you chain the roles together in the AWS authentication instead.\n\n## Example Uninstall\n\n```yaml\n - name: Deploy Helm\n uses: bitovi/github-actions-deploy-eks-helm@v1.2.12\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: us-west-2\n action: uninstall\n cluster-name: mycluster\n namespace: dev\n name: release_name\n```\n\n## Example List\n\n```yaml\n - name: Deploy Helm\n uses: bitovi/github-actions-deploy-eks-helm@v1.2.12\n with:\n aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}\n aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}\n aws-region: us-west-2\n action: list\n namespace: dev\n name: release_name\n```\n\n## Contributing\nWe would love for you to contribute to [`bitovi/github-actions-deploy-eks-helm`](https://github.com/bitovi/github-actions-deploy-eks-helm). [Issues](https://github.com/bitovi/github-actions-deploy-eks-helm/issues) and [Pull Requests](https://github.com/bitovi/github-actions-deploy-eks-helm/pulls) are welcome!\n\n## License\nThe scripts and documentation in this project are released under the [MIT License](https://github.com/bitovi/github-actions-deploy-eks-helm/blob/main/LICENSE).\n\n## Provided by Bitovi\n[Bitovi](https://www.bitovi.com/) is a proud supporter of Open Source software.\n\n## Need help or have questions?\nYou can **get help or ask questions** on [Discord channel](https://discord.gg/zAHn4JBVcX)! Come hang out with us!\n\nOr, you can hire us for training, consulting, or development. [Set up a free consultation](https://www.bitovi.com/devops-consulting).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbitovi%2Fgithub-actions-deploy-eks-helm","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbitovi%2Fgithub-actions-deploy-eks-helm","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbitovi%2Fgithub-actions-deploy-eks-helm/lists"}