publish-chart #102
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# This is a manually triggered workflow to package and upload the Helm chart from the | |
# main branch to Aqua Security repository at https://github.com/aquasecurity/helm-charts. | |
name: Publish Helm chart | |
on: | |
repository_dispatch: | |
types: [publish-chart] | |
paths: | |
- deploy/helm/Chart.yaml | |
env: | |
HELM_REP: helm-charts | |
GH_OWNER: aquasecurity | |
CHART_DIR: deploy/helm | |
KIND_VERSION: v0.17.0 | |
KIND_IMAGE: kindest/node:v1.21.1@sha256:69860bda5563ac81e3c0057d654b5253219618a22ec3a346306239bba8cfa1a6 | |
jobs: | |
release: | |
# this job will only run if the PR has been merged | |
if: github.event.client_payload.action == 'chart-release' || github.event.client_payload.action == 'chart-and-app-release' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install Helm | |
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v1.1 | |
with: | |
version: v3.5.0 | |
- name: Set up python | |
uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 | |
with: | |
python-version: 3.7 | |
- name: Setup Chart Linting | |
id: lint | |
uses: helm/[email protected] | |
- name: Setup Kubernetes cluster (KIND) | |
uses: helm/[email protected] # v1.5.0 | |
with: | |
version: ${{ env.KIND_VERSION }} | |
image: ${{ env.KIND_IMAGE }} | |
- name: Run chart-testing | |
run: ct lint-and-install --validate-maintainers=false --charts deploy/helm | |
- name: Install chart-releaser | |
run: | | |
wget https://github.com/helm/chart-releaser/releases/download/v1.3.0/chart-releaser_1.3.0_linux_amd64.tar.gz | |
echo "baed2315a9bb799efb71d512c5198a2a3b8dcd139d7f22f878777cffcd649a37 chart-releaser_1.3.0_linux_amd64.tar.gz" | sha256sum -c - | |
tar xzvf chart-releaser_1.3.0_linux_amd64.tar.gz cr | |
- name: Package helm chart | |
run: | | |
./cr package ${{ env.CHART_DIR }} | |
- name: Upload helm chart | |
# Failed with upload the same version: https://github.com/helm/chart-releaser/issues/101 | |
continue-on-error: true | |
run: | | |
./cr upload -o ${{ env.GH_OWNER }} -r ${{ env.HELM_REP }} --token ${{ secrets.ORG_REPO_TOKEN }} -p .cr-release-packages | |
- name: Index helm chart | |
run: | | |
./cr index -o ${{ env.GH_OWNER }} -r ${{ env.HELM_REP }} -c https://${{ env.GH_OWNER }}.github.io/${{ env.HELM_REP }}/ -i index.yaml | |
- name: Push index file | |
uses: dmnemec/copy_file_to_another_repo_action@c93037aa10fa8893de271f19978c980d0c1a9b37 # v1.1.1 | |
env: | |
API_TOKEN_GITHUB: ${{ secrets.ORG_REPO_TOKEN }} | |
with: | |
source_file: "index.yaml" | |
destination_repo: "${{ env.GH_OWNER }}/${{ env.HELM_REP }}" | |
destination_folder: "." | |
destination_branch: "gh-pages" | |
user_email: [email protected] | |
user_name: "aqua-bot" | |
- name: Get latest tag | |
id: latest_tag | |
run: | | |
latest_tag=$(git describe --tags --abbrev=0) | |
echo "::set-output name=tag::$latest_tag" | |
- name: Repository Dispatch Publish docs | |
if: github.event.client_payload.action == 'chart-and-app-release' && !contains(steps.latest_tag.outputs.tag, 'rc') | |
uses: peter-evans/repository-dispatch@v2 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
event-type: publish-docs | |
client-payload: '{"action": "docs-release", "tag": "${{ steps.latest_tag.outputs.tag }}"}' |