feat: Automatically build helm chart on PR merge #90
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # This is a manually triggered workflow to package and upload the Helm chart from the | |
| # main branch to Aqua Security repository at https://github.com/aquasecurity/helm-charts. | |
| name: Publish Helm chart | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| ref: | |
| description: The branch, tag or SHA to publish, e.g. v0.0.1 | |
| required: true | |
| pull_request_target: | |
| types: | |
| - closed | |
| paths: | |
| - deploy/helm/Chart.yaml | |
| env: | |
| HELM_REP: helm-charts | |
| GH_OWNER: aquasecurity | |
| CHART_DIR: deploy/helm | |
| KIND_VERSION: v0.17.0 | |
| KIND_IMAGE: kindest/node:v1.21.1@sha256:69860bda5563ac81e3c0057d654b5253219618a22ec3a346306239bba8cfa1a6 | |
| jobs: | |
| release: | |
| if: (github.event.pull_request.merged == true && !contains(github.event.pull_request.labels.*.name, 'app-version-changed') || github.event.inputs.ref != '') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| if: github.event.inputs.ref != '' | |
| with: | |
| ref: ${{ github.event.inputs.ref }} | |
| fetch-depth: 0 | |
| - name: Checkout | |
| if: github.event.inputs.ref == '' | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install Helm | |
| uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v1.1 | |
| with: | |
| version: v3.5.0 | |
| - name: Set up python | |
| uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 | |
| with: | |
| python-version: 3.7 | |
| - name: Setup Chart Linting | |
| id: lint | |
| uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.1.0 | |
| - name: Setup Kubernetes cluster (KIND) | |
| uses: helm/[email protected] # v1.5.0 | |
| with: | |
| version: ${{ env.KIND_VERSION }} | |
| image: ${{ env.KIND_IMAGE }} | |
| - name: Run chart-testing | |
| run: ct lint-and-install --validate-maintainers=false --charts deploy/helm | |
| - name: Install chart-releaser | |
| run: | | |
| wget https://github.com/helm/chart-releaser/releases/download/v1.3.0/chart-releaser_1.3.0_linux_amd64.tar.gz | |
| echo "baed2315a9bb799efb71d512c5198a2a3b8dcd139d7f22f878777cffcd649a37 chart-releaser_1.3.0_linux_amd64.tar.gz" | sha256sum -c - | |
| tar xzvf chart-releaser_1.3.0_linux_amd64.tar.gz cr | |
| - name: Package helm chart | |
| run: | | |
| ./cr package ${{ env.CHART_DIR }} | |
| - name: Upload helm chart | |
| # Failed with upload the same version: https://github.com/helm/chart-releaser/issues/101 | |
| continue-on-error: true | |
| run: | | |
| ./cr upload -o ${{ env.GH_OWNER }} -r ${{ env.HELM_REP }} --token ${{ secrets.ORG_REPO_TOKEN }} -p .cr-release-packages | |
| - name: Index helm chart | |
| run: | | |
| ./cr index -o ${{ env.GH_OWNER }} -r ${{ env.HELM_REP }} -c https://${{ env.GH_OWNER }}.github.io/${{ env.HELM_REP }}/ -i index.yaml | |
| - name: Push index file | |
| uses: dmnemec/copy_file_to_another_repo_action@c93037aa10fa8893de271f19978c980d0c1a9b37 # v1.1.1 | |
| env: | |
| API_TOKEN_GITHUB: ${{ secrets.ORG_REPO_TOKEN }} | |
| with: | |
| source_file: "index.yaml" | |
| destination_repo: "${{ env.GH_OWNER }}/${{ env.HELM_REP }}" | |
| destination_folder: "." | |
| destination_branch: "gh-pages" | |
| user_email: [email protected] | |
| user_name: "aqua-bot" |