cci-k8s-release-agent
CircleCI Kubernetes Release Agent Helm Chart
A Helm chart for installing CircleCI’s Kubernetes release agent.
Prerequisites
We generally support the two latest minor versions of Kubernetes, Helm, and Argo Rollouts (optional).
- Kubernetes:
- v1.29.0
- v1.28.0
- v1.27.0
- Helm:
- v3.12.0
- v3.11.0
Optional
- Argo Rollouts
- v1.6.0
- v1.5.0
Installing the Agent
Agent Image
Our Kubernetes Release Agent Images are available from CircleCI’s public Docker Hub registry, located here: https://hub.docker.com/r/circleci/k8s-release-agent/tags
The default image for this chart version is:
circleci/k8s-release-agent:1.3.1
Agent Integration Token
The required token can be obtained by navigating to the Releases view of the CircleCI web application, clicking on Configure Integrations in the top-right, and then Configure New Integration.
Ensure that the generated token is accessible for the installation process.
Installing via Helm Chart
- Add the Helm chart repository:
helm repo add release-agent https://circleci-public.github.io/cci-k8s-release-agent - Update your local Helm chart repository cache:
helm repo update - Install the Helm chart:
helm upgrade --install cci-release-agent release-agent/circleci-release-agent \ --set tokenSecret.token=[YOUR_CCI_INTEGRATION_TOKEN] --create-namespace \ --set "managedNamespaces={namespace1,namespace2}" \ --namespace circleci-release-agent-system
Important Update for Upgrading Users
We have made a small but significant change in the helm installation command that you need to be aware of.
The argument name manageNamespaces has been corrected to managedNamespaces. The corrected command is shown above.
Please make sure to use managedNamespaces instead of manageNamespaces when installing or upgrading to the newer versions of the software. If you have any scripts or automation that includes the previous command, they need to be updated to use managedNamespaces.
Updating the Agent
- Update your local Helm cache:
helm repo update - Upgrade to the new version:
helm upgrade --install cci-release-agent release-agent/circleci-release-agent \ --set tokenSecret.token=[YOUR_CCI_INTEGRATION_TOKEN] --create-namespace \ --set "managedNamespaces={namespace1,namespace2}" \ --namespace circleci-release-agent-system
Values
| Key | Type | Default | Description |
|---|---|---|---|
| agentAnnotations | object | {} |
Allows setting additional annotations for CircleCI Release Agent deployment |
| agentLabels | object | {} |
Allows setting additional labels for CircleCI Release Agent deployment |
| agentNamespace | string | "circleci-release-agent-system" |
Define the namespace to be used for the CircleCI Release Agent. if the namespace is defined while using helm upgrade or helm install commands then that value is used intead of this. |
| baseUrl | string | "https://internal.circleci.com/" |
The host of the CircleCI Releases API server |
| env | list | [] |
Define any environment variables to be passed to the agent |
| fullnameOverride | string | "" |
Override the fully qualified app name |
| helm.driver | string | "secret" |
Specifies the Helm storage backend Ref: https://helm.sh/docs/topics/advanced/#storage-backends |
| helm.timeout | string | "10m" |
Specifies the time to wait for Helm operations Ref: https://helm.sh/docs/intro/using_helm/#helpful-options-for-installupgraderollback |
| image.pullPolicy | string | "IfNotPresent" |
The pull policy for the CircleCI Release Agent image |
| image.pullSecrets | list | [] |
Optional list of references to image repository secrets in the same namespace (e.g. Docker registry credentials) |
| image.repository | string | "circleci/k8s-release-agent" |
Repository to use for CircleCI Release Agent image |
| image.tag | string | "1.3.1" |
Specify the CircleCI Release Agent version to use |
| logging.level | string | "error" |
|
| managedNamespaces | list | ["default"] |
Specifies the list of namespaces to be monitored by the CircleCI Release Agent |
| nameOverride | string | "" |
Override the name of the app |
| podAnnotations | object | {} |
Allows setting additional annotations for CircleCI Release Agent pods |
| podLabels | object | {} |
Allows setting additional labels for CircleCI Release Agent pods including command job pods spawned by the release agent |
| rbac | object | {"clusterRoles":true,"create":true,"extraPermissions":[],"includeArgoRolloutsPermissions":true} |
Specifies the RBAC configuration |
| rbac.clusterRoles | bool | true |
Specifies whether to create the RBAC cluster roles. When set to false, RBAC roles will be created for each of the specified namespaces in `` |
| rbac.create | bool | true |
Specifies whether to create the RBAC resources |
| rbac.extraPermissions | list | [] |
Extra permissions added to the RBAC configuration (Useful when a component is packaged along with custom resources and the rollback operation requires them to restored atomically, such as when using Helm.) |
| rbac.includeArgoRolloutsPermissions | bool | true |
Enable this if at least one of the components are managed by Argo Rollouts |
| replicas | int | 2 |
Number of instances of CircleCI Release Agent |
| resources | object | {} |
Custom container resources request and limit for the CircleCI Release Agent |
| serviceAccount.annotations | object | {} |
Allows setting additional annotations for the service account |
| serviceAccount.create | bool | true |
Specifies whether to create a service account |
| serviceAccount.name | string | "circleci-release-agent" |
The service account name to be used |
| tokenSecret.create | bool | true |
Specifies whether to create a CircleCI Release Agent token secret |
| tokenSecret.token | string | nil |
Your CircleCI Release Agent token |