From cd820f67ec0f70874a591290ba799adb0c680618 Mon Sep 17 00:00:00 2001
From: Richard Wu <richardwu1997@gmail.com>
Date: Fri, 6 May 2022 12:59:07 -0400
Subject: [PATCH] Initial commit.

---
 Dockerfile    | 21 +++++++++++++++++++++
 LICENSE       | 21 +++++++++++++++++++++
 README.md     | 47 +++++++++++++++++++++++++++++++++++++++++++++++
 action.yml    | 23 +++++++++++++++++++++++
 entrypoint.sh | 24 ++++++++++++++++++++++++
 5 files changed, 136 insertions(+)
 create mode 100644 Dockerfile
 create mode 100644 LICENSE
 create mode 100644 README.md
 create mode 100644 action.yml
 create mode 100755 entrypoint.sh

diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..3981f82
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,21 @@
+# Adapted from https://github.com/koslib/helm-eks-action to authenticate using eksctl.
+
+FROM alpine:3.13
+
+ARG KUBECTL_VERSION="1.21.2"
+
+RUN apk add py-pip curl wget ca-certificates git bash jq gcc alpine-sdk
+RUN pip install 'awscli==1.22.26'
+RUN curl -L -o /usr/bin/kubectl https://amazon-eks.s3.us-west-2.amazonaws.com/1.21.2/2021-07-05/bin/linux/amd64/kubectl
+RUN chmod +x /usr/bin/kubectl
+
+RUN curl -o /usr/bin/aws-iam-authenticator https://amazon-eks.s3.us-west-2.amazonaws.com/1.21.2/2021-07-05/bin/linux/amd64/aws-iam-authenticator
+RUN chmod +x /usr/bin/aws-iam-authenticator
+
+RUN wget https://get.helm.sh/helm-v3.8.0-linux-amd64.tar.gz -O - | tar -xzO linux-amd64/helm > /usr/local/bin/helm
+RUN chmod +x /usr/local/bin/helm
+
+RUN wget "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" -O - | tar -xz -C /usr/local/bin
+
+COPY entrypoint.sh /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]:
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..28c5495
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 Richard Wu
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..39ac9c6
--- /dev/null
+++ b/README.md
@@ -0,0 +1,47 @@
+# eksctl-helm-action
+
+Github Action to authenticate with eksctl and use helm/kubectl.
+
+Huge credits to [helm-eks-action](https://github.com/koslib/helm-eks-action) (this is basically a fork with a few additional lines)
+but authenticating using `eksctl` instead of passing through `KUBE_CONFIG_DATA`.
+
+## Example
+
+Secrets required: `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`
+
+Inputs:
+
+- `eks_cluster`: name of the EKS cluster (NAME in `eksctl get cluster`)
+- `plugins`: comma-separated list of helm plugins (their URLs)
+- `command`: the command(s) you want to run (which can be `kubectl`/`helm`)
+
+```yaml
+name: deploy
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: us-east-1
+
+      - name: helm deploy
+        uses: tensor-hq/eksctl-helm-action@master
+        with:
+          eks_cluster: my-prod-cluster
+          plugins: "https://github.com/jkroepke/helm-secrets" # optional
+          command: |-
+            helm upgrade <release name> --install --wait <chart> -f <path to values.yaml>
+            kubectl get pods
+```
diff --git a/action.yml b/action.yml
new file mode 100644
index 0000000..ee58e3f
--- /dev/null
+++ b/action.yml
@@ -0,0 +1,23 @@
+name: "Helm on EKS (with eksctl)"
+description: "Authenticates on EKS clusters using eksctl and executes Helm commands. Can also be used with kubectl commands."
+branding:
+  icon: 'anchor'
+  color: 'blue'
+inputs:
+  command:
+    description: "Your command (kubectl or helm)"
+    required: true
+  plugins:
+    description: "Comma-separated URLs for the Helm Plugins you need installed"
+    required: false
+  eks_cluster:
+    description: "Name of your EKS cluster (i.e., from `eksctl get cluster`)"
+    required: true
+outputs:
+  result:
+    description: "Output returned by your Helm or kubectl command"
+runs:
+  using: "docker"
+  image: "Dockerfile"
+  args:
+    - ${{ inputs.command }}
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100755
index 0000000..7f14c7a
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+set -e
+
+export KUBECONFIG="${PWD}/kubeconfig"
+eksctl utils write-kubeconfig --cluster $INPUT_EKS_CLUSTER --kubeconfig $KUBECONFIG
+chmod 600 $KUBECONFIG
+
+if [[ -n "${INPUT_PLUGINS// /}" ]]
+then
+    plugins=$(echo $INPUT_PLUGINS | tr ",")
+
+    for plugin in $plugins
+    do
+        echo "installing helm plugin: [$plugin]"
+        helm plugin install $plugin
+    done
+fi
+
+echo "running entrypoint command(s)"
+
+response=$(sh -c "$INPUT_COMMAND")
+
+echo "::set-output name=response::$response"