diff --git a/.claude/skills/release/SKILL.md b/.claude/skills/release/SKILL.md new file mode 100644 index 0000000..b113f64 --- /dev/null +++ b/.claude/skills/release/SKILL.md @@ -0,0 +1,110 @@ +--- +name: release +description: Use when releasing a helm chart for step-certificates, autocert, or step-issuer. Run as /release . +--- + +# Helm Chart Release + +Releases a helm chart by syncing to the latest upstream version, bumping chart version correctly, opening a PR, and publishing to the helm repository. + +## Chart → Upstream Repo Mapping + +| Chart directory | Upstream repo | Branch shortname | +|---|---|---| +| `step-certificates` | `smallstep/certificates` | `certificates` | +| `autocert` | `smallstep/autocert` | `autocert` | +| `step-issuer` | `smallstep/step-issuer` | `step-issuer` | + +## Steps + +### 1. Assess what needs to change + +**Check latest upstream release:** + +```sh +gh release list --repo --exclude-pre-releases --limit 5 +``` + +Pick the latest non-prerelease version. Strip any leading `v` — this becomes the new `appVersion` (e.g., `v0.30.1` → `0.30.1`). + +**Check for chart file changes since the last chart release:** + +```sh +# Find the commit that last bumped the chart version +LAST=$(git log --oneline -1 -- /Chart.yaml | cut -d' ' -f1) + +# List chart files changed since then, excluding Chart.yaml itself +git diff $LAST HEAD -- '/' -- ':(exclude)/Chart.yaml' +``` + +**Decision:** + +- No upstream version change **and** no chart file changes → nothing to release. Inform the user and stop. +- Otherwise, continue. + +### 2. Determine the new `version` + +`version` always tracks `appVersion` with the major component incremented by 1 (e.g., `appVersion: 0.30.2` → base `1.30.2`). + +**If `appVersion` changed:** +- `version` = `(appVersion.major + 1).appVersion.minor.appVersion.patch` +- Any prior suffix is dropped. +- Examples: `0.30.2` → `1.30.2`, `1.0.0` → `2.0.0` + +**If `appVersion` did not change (chart files only):** +- Take the current `version` base (strip any existing `-N` suffix) and increment the suffix. +- `x.y.z` → `x.y.z-1` +- `x.y.z-N` → `x.y.z-(N+1)` +- Examples: `1.30.2` → `1.30.2-1`, `1.30.2-3` → `1.30.2-4` + +### 3. Update Chart.yaml + +Edit `/Chart.yaml`: +- `appVersion`: new upstream version (if changed) +- `version`: bumped per the rule above + +### 4. Create branch, commit, open PR + +```sh +USERNAME=$(whoami) +git checkout -b $USERNAME/- +git add /Chart.yaml +``` + +Commit message depends on what changed: +- appVersion updated, no chart file changes: `"Update to "` +- appVersion updated and chart files changed: `"Update to and bump chart version"` +- Chart files only (no appVersion change): `"Bump chart version to "` + +```sh +git push -u origin $USERNAME/- +gh pr create --title "" --body "" +``` + + +### 5. Publish to the helm repository + +Run `deploy-skill.sh`, which builds the helm package, checks out `gh-pages`, stages the `.tgz` and updated `index.yaml`, and prints the diff: + +```sh +./deploy-skill.sh +``` + +Capture the diff output and print it **in full** to the user as a fenced `diff` code block in your response — do not truncate, summarize, or use ellipsis. Then use `AskUserQuestion` to ask whether to proceed. + +If the user confirms, run (note: `deploy-skill.sh` leaves you on `gh-pages` where `Chart.yaml` doesn't exist, so hardcode the version from the earlier Chart.yaml edit): + +```sh +git commit -m "Add -.tgz" +git push origin gh-pages +git checkout master +``` + +If the user declines, run `git checkout master` to abort and leave `gh-pages` clean. + +Once the publish is complete, output the PR URL from step 4. + +## Notes + +- `deploy-skill.sh` requires `yq`, `git`, and `helm` +- For `autocert`, also check whether its pinned `step-certificates` dependency version in `Chart.yaml` needs updating diff --git a/README.md b/README.md index ec68fdc..498547a 100644 --- a/README.md +++ b/README.md @@ -18,12 +18,24 @@ These charts are released at https://smallstep.github.io/helm-charts/. ## Distribution +### Using Claude Code + +With [Claude Code](https://claude.ai/code) installed, release a chart using the built-in `/release` skill: + +``` +/release step-certificates +``` + +The skill handles everything: checking for upstream releases, bumping the chart version, opening a PR, and publishing to the helm repository. + +### Manual + 1. Update `version` in _packageName/Chart.yaml_. 2. Update `appVersion` to the image tag in _packageName/Chart.yaml_. -3. Commit these changes to a branch and push the branch to the origin. -Open a PR for merging to master. +3. Commit these changes to a branch and push the branch to the origin. + Open a PR for merging to master. 4. Create helm package (using `step-certificates` as an example): diff --git a/deploy-skill.sh b/deploy-skill.sh new file mode 100755 index 0000000..4785ce0 --- /dev/null +++ b/deploy-skill.sh @@ -0,0 +1,42 @@ +#!/bin/sh + +set -e + +if [ $# -ne 1 ]; then + echo "Usage: $0 " + echo " $0 step-certificates" + exit 1 +fi + +function require() { + for cmd in $@; + do + if ! command -v $cmd &> /dev/null + then + echo "$cmd is required" + exit 1 + fi + done +} + +require yq git helm + +# Grab version from chart +version=$(yq .version ./$1/Chart.yaml) + +# Build package +helm package ./$1 + +# Push it to gh-pages branch rebuilding the index +git checkout gh-pages +git pull origin gh-pages +git add "$1-$version.tgz" +mkdir new-charts +cp "$1-$version.tgz" new-charts/ +helm repo index --merge index.yaml --url https://smallstep.github.io/helm-charts/ new-charts +cp new-charts/index.yaml . +rm -rf new-charts + +# Stage index.yaml and print diff for skill confirmation +git add index.yaml +git diff --cached