Show HN: Chart Preview – Chart Preview:在每次 PR 上预览 Helm Chart 的环境

3作者: chartpreview6 个月前
我是一名软件工程师,意外地成了团队里的 Kubernetes 专家——最终也成了每个 Helm chart PR 的瓶颈。<p>我开发了 Chart Preview,这样审阅者就可以在无需等待我的情况下,看到 Helm chart 的变更运行情况。<p>几年前,我的团队需要为现有产品实现 HA(高可用性),这意味着要在 Kubernetes 和 OpenShift 上进行部署。我花了几个月的时间学习 Kubernetes、Helm 以及相关的生态系统。在那之后,Kubernetes 基本上就成了团队里的“我的专长”。<p>后来,我们为该产品发布了公开的 Helm chart,客户开始提交 PR(Pull Request)。这些 PR 经常会被搁置数月——并不是因为变更不好,而是因为测试它们意味着手动启动一个 Kubernetes 集群,使用提议的变更部署 chart,运行测试场景,并与产品和 QA 协调验证。由于只有我才能可靠地设置这些环境,所以一切都得等我。<p>我一直在想:如果 PR 本身就能展示变更后的效果会怎样?如果审阅者只需点击一个链接就能看到它被部署会怎样?<p>这个想法变成了 Chart Preview。<p>Chart Preview 在你打开 PR 时,将你的 Helm chart 部署到一个真实的 Kubernetes 集群,为该 PR 提供一个唯一的预览 URL,并在 PR 关闭时自动清理所有内容。<p>我最初解决的是我个人遇到的问题,而不是事先调查整个市场。在构建更多功能的过程中,我研究了现有的预览工具,并注意到虽然有用于预览基于容器的应用程序的可靠解决方案,但 Helm 特有的工作流程带来了不同的挑战——chart 依赖关系、分层 values 文件和有主见的 chart 结构。这促使我专注于让 Chart Preview 首先成为 Helm 原生的工具,而不是将容器预览工作流程适配到 Helm。<p>在底层,它使用 Helm v3 SDK 用 Go 语言构建。架构是一个 API 服务器,其 worker 从 PostgreSQL 队列中提取任务——没有 Kubernetes operator,只有服务直接与 Kubernetes API 对话。每个预览都在其自己的命名空间中运行,并带有 deny-all NetworkPolicies、ResourceQuotas 和 LimitRanges。GitHub 集成通过 GitHub App 完成,用于 check runs 和 webhooks,通过 REST API 支持 GitLab。<p>在此过程中,遇到了一些有趣的挑战。将预览主机名注入 Ingress 资源而不破坏清单文件,这经历了多次迭代。Helm 卸载并不总是能清理所有内容,所以删除整个命名空间被证明是最安全的备选方案。处理对同一 PR 的快速推送需要构建编号,以便最新的推送始终获胜。虽然 Helm SDK 功能强大,但文档不足——我花了很多时间阅读 Helm 的源代码。<p>我一直在使用 Grafana、podinfo 和 WordPress 等真实 chart 构建和测试这个工具几个月,以验证工作流程。它还处于早期阶段,但它有效,现在我正试图了解其他团队是否也面临着我遇到的相同痛点。<p>你可以在这里安装 GitHub App 来试用: <a href="https:&#x2F;&#x2F;github.com&#x2F;apps&#x2F;chart-preview" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;apps&#x2F;chart-preview</a><p>我很乐意收到关于以下几点的反馈:<p>这是否解决了你团队的实际问题,还是共享的 staging 环境“足够好”?<p>缺少什么功能会让你真正使用它?<p>是否有 Chart Preview 无法使用的 Helm chart?(有意阻止了集群范围的资源。)<p>很乐意回答关于实现的问题。
查看原文
I’m a software engineer who accidentally became my team’s Kubernetes person — and eventually the bottleneck for every Helm chart PR.<p>I built Chart Preview so reviewers could see Helm chart changes running without waiting on me.<p>A few years ago, my team needed to implement HA for an existing product, which meant deploying on Kubernetes and OpenShift. I spent months learning Kubernetes, Helm, and the surrounding ecosystem. After that, Kubernetes largely became “my thing” on the team.<p>We later published public Helm charts for the product, and customers started submitting PRs. Those PRs would often sit for months — not because the changes were bad, but because testing them meant manually spinning up a Kubernetes cluster, deploying the chart with the proposed changes, running through test scenarios, and coordinating verification with product and QA. Since I was the only one who could reliably set up those environments, everything waited on me.<p>I kept thinking: what if the PR itself showed the changes working? What if reviewers could just click a link and see it deployed?<p>That idea became Chart Preview.<p>Chart Preview deploys your Helm chart to a real Kubernetes cluster when you open a PR, provides a unique preview URL for that PR, and cleans everything up automatically when the PR closes.<p>I started by solving a problem I was personally hitting, rather than surveying the whole market upfront. As I built more of it, I looked at existing preview tools and noticed that while there are solid solutions for previewing container-based applications, Helm-specific workflows introduce different challenges — chart dependencies, layered values files, and opinionated chart structures. That pushed me to focus Chart Preview on being Helm-native first, rather than adapting a container preview workflow to fit Helm.<p>Under the hood, it’s built in Go using the Helm v3 SDK. The architecture is an API server with workers pulling jobs from a PostgreSQL queue — no Kubernetes operator, just services talking directly to the Kubernetes API. Each preview runs in its own namespace with deny-all NetworkPolicies, ResourceQuotas, and LimitRanges. GitHub integration is done via a GitHub App for check runs and webhooks, with GitLab supported via the REST API.<p>There were a few interesting challenges along the way. Injecting preview hostnames into Ingress resources without corrupting manifests took several iterations. Helm uninstall doesn’t always clean everything up, so deleting the entire namespace turned out to be the safest fallback. Handling rapid pushes to the same PR required build numbering so the latest push always wins. And while the Helm SDK is powerful, it’s under-documented — I spent a lot of time reading Helm’s source code.<p>I’ve been building and testing this for a few months using real charts like Grafana, podinfo, and WordPress to validate the workflow. It’s early, but it works, and now I’m trying to understand whether other teams have the same pain point I did.<p>You can try it by installing the GitHub App here: <a href="https:&#x2F;&#x2F;github.com&#x2F;apps&#x2F;chart-preview" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;apps&#x2F;chart-preview</a><p>I’d love feedback on a few things:<p>Does this solve a real problem for your team, or is shared staging “good enough”?<p>What’s missing that would make you actually use it?<p>Are there Helm charts this wouldn’t work for? (Cluster-scoped resources are intentionally blocked.)<p>Happy to answer questions about the implementation.