Make chart-releaser release on main (#73) #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release Charts | |
on: | |
push: | |
branches: ["main"] | |
jobs: | |
release: | |
# depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions | |
# see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token | |
permissions: | |
contents: write | |
runs-on: ubuntu-latest | |
if: "!contains(github.event.head_commit.message, '[skip ci]')" | |
steps: | |
- name: Checkout | |
uses: actions/[email protected] | |
with: | |
fetch-depth: 0 | |
- name: Configure Git | |
run: | | |
git config user.name "$GITHUB_ACTOR" | |
git config user.email "[email protected]" | |
- name: Install Helm | |
uses: azure/[email protected] | |
with: | |
version: v3.8.1 | |
- name: Add repositories | |
run: | | |
helm dependency list charts/druid #shows the output of dependencies | |
helm dependency list charts/druid 2> /dev/null | tail +2 | head -n -1 | awk '{ print "helm repo add " $1 " " $3 }' | while read cmd; do $cmd; done | |
- name: Prepare GPG key # Prepares GPG fields to sign chart | |
run: | | |
gpg_dir=.cr-gpg | |
mkdir "$gpg_dir" | |
keyring="$gpg_dir/secring.gpg" #referring keyring to private key of gpg | |
base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring" #storing base64 GPG key into keyring | |
passphrase_file="$gpg_dir/passphrase" | |
echo "$GPG_PASSPHRASE" > "$passphrase_file" #storing passphrase data into a file | |
echo "CR_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV" #saving passphrase into github-environment | |
echo "CR_KEYRING=$keyring" >> "$GITHUB_ENV" #saving private key into github-environment | |
env: | |
GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}" | |
GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}" | |
- name: Run chart-releaser # Generates new version of helm chart along with some file with extension .prov | |
uses: helm/[email protected] | |
with: | |
charts_dir: charts | |
pages_branch: main | |
packages_with_index: true | |
env: | |
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
CR_KEY: "${{ secrets.CR_KEY }}" # Key name used while creating key | |
CR_SIGN: true # Set to true to sign images | |
CR_SKIP_EXISTING: true # If left false, having a .tgz file in main repository will throw error. | |
- name: Clean-up and shift files to releases directory | |
run: | | |
mkdir -p releases/ | |
shopt -s nullglob | |
files=(.cr-release-packages/druid-*) | |
if [ ${#files[@]} -gt 0 ]; then | |
mv .cr-release-packages/druid-* releases/ #Move files to releases | |
git add index.yaml releases/druid-* | |
else | |
echo "No files starting with 'druid-' found in .cr-release-packages/" | |
fi | |
# Remove old druid-*.tgz files from the root directory if they exist | |
tgz_files=(druid-*.tgz) | |
if [ ${#tgz_files[@]} -gt 0 ]; then | |
git rm -f ./druid-*.tgz | |
else | |
echo "No .tgz file to remove" | |
fi | |
# Commit and push changes if any files were staged | |
if git diff --cached --quiet; then | |
echo "No changes to commit." | |
else | |
git commit -m "Update releases directory" | |
git push origin main | |
fi | |
env: | |
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
- name: Print directory tree for debug | |
run: | | |
sudo apt-get update && sudo apt-get install tree -y | |
tree -a | |
linter-artifacthub: | |
runs-on: ubuntu-latest | |
container: | |
image: artifacthub/ah | |
options: --user 1001 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@master | |
- name: Run ah lint | |
working-directory: . | |
run: ah lint |