save #9

	name: Helm Chart Release

	on:
	workflow_dispatch:
	pull_request:
	push:

	permissions:
	contents: read

	defaults:
	run:
	shell: bash

	jobs:
	chart:
	name: Publish charts
	runs-on: mirror-node-linux-medium
	permissions:
	contents: write
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
	with:
	egress-policy: audit

	- name: Checkout Code
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

	- name: PWD
	run: pwd

	- name: List directory
	run: ls -ltr

	- name: list chart directory
	run: ls -ltr chart

	- name: Setup Kind
	uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
	with:
	install_only: true
	node_image: kindest/node:v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72
	version: v0.21.0
	kubectl_version: v1.28.6
	verbosity: 3
	wait: 120s

	- name: Login to GitHub Container Registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Helm package
	run: \|
	helm repo add stable https://charts.helm.sh/stable
	helm repo update
	helm package chart

	# show tgz file content without uncompress
	tar -tvf chart*.tgz


	- name: list tgz files
	run: ls -ltr *.tgz

	- name: Helm publish
	run: \|
	export CHART_VERSION=$(grep 'version:' ./chart/Chart.yaml \| tail -n1 \| awk '{ print $2}')

	owner="${GITHUB_REPOSITORY_OWNER,,}"
	# push to ghcr.io
	helm push chart*-${CHART_VERSION}.tgz oci://ghcr.io/$owner

Provide feedback