-
Notifications
You must be signed in to change notification settings - Fork 8
104 lines (101 loc) · 4.21 KB
/
release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
name: Release Charts
on:
push:
branches: ["main"]
jobs:
release:
# depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions
# see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token
permissions:
contents: write
runs-on: ubuntu-latest
if: "!contains(github.event.head_commit.message, '[skip ci]')"
steps:
- name: Checkout
uses: actions/[email protected]
with:
fetch-depth: 0
- name: Set timezone
run: |
sudo timedatectl set-timezone Asia/Singapore #Lets index.yaml use Singapore Time to trigger ArtifactHub scanning.
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
- name: Install Helm
uses: azure/[email protected]
with:
version: v3.8.1
- name: Add repositories
run: |
helm dependency list charts/druid #shows the output of dependencies
helm dependency list charts/druid 2> /dev/null | tail +2 | head -n -1 | awk '{ print "helm repo add " $1 " " $3 }' | while read cmd; do $cmd; done
- name: Prepare GPG key # Prepares GPG fields to sign chart
run: |
gpg_dir=.cr-gpg
mkdir "$gpg_dir"
keyring="$gpg_dir/secring.gpg" #referring keyring to private key of gpg
base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring" #storing base64 GPG key into keyring
passphrase_file="$gpg_dir/passphrase"
echo "$GPG_PASSPHRASE" > "$passphrase_file" #storing passphrase data into a file
echo "CR_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV" #saving passphrase into github-environment
echo "CR_KEYRING=$keyring" >> "$GITHUB_ENV" #saving private key into github-environment
env:
GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}"
GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"
- name: Run chart-releaser # Generates new version of helm chart along with some file with extension .prov
uses: helm/[email protected]
with:
# To add in after chart-releaser-action allows this:
# skip_upload: true # Skips the index step.
skip_existing: true # If left false, having a .tgz file in main repository will throw error.
packages_with_index: true
charts_dir: charts
pages_branch: main
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
CR_KEY: "${{ secrets.CR_KEY }}" # Key name used while creating key
CR_SIGN: true # Set to true to sign images
- name: Clean-up and shift files to releases directory
run: |
mkdir -p releases/
shopt -s nullglob
files=(.cr-release-packages/druid-*)
# Move files to releases directory
if [ ${#files[@]} -gt 0 ]; then
git restore index.yaml
git pull origin main # To remove after chart-releaser-action allows skip_upload
mv .cr-release-packages/druid-* releases/
git add releases/druid-*
else
echo "New packages not found in .cr-release-packages/"
fi
# Remove old druid-*.tgz files from the root directory if they exist
tgz_files=(druid-*.tgz)
if [ ${#tgz_files[@]} -gt 0 ]; then
git rm -f ./druid-*.tgz
else
echo "No .tgz file to remove"
fi
# Commit and push changes if any files were staged
if git diff --cached --quiet; then
echo "No changes to commit."
else
helm repo index .
git add index.yaml
git commit -m "Update releases directory"
git push origin main
fi
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
linter-artifacthub:
runs-on: ubuntu-latest
container:
image: artifacthub/ah
options: --user 1001
steps:
- name: Checkout code
uses: actions/checkout@master
- name: Run ah lint
working-directory: .
run: ah lint