-
Notifications
You must be signed in to change notification settings - Fork 13
80 lines (70 loc) · 2.96 KB
/
chart-releaser.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
name: Chart Release
on:
workflow_dispatch:
env:
CR_CONFIGFILE: "${{ github.workspace }}/cr.yaml"
CR_TOOL_PATH: "${{ github.workspace }}/.cr-tool"
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
TARGET_BRANCH: "${{ github.ref_name }}"
CHART_NAME_CE: "plane-ce"
CHART_NAME_ENTERPRISE: "plane-enterprise"
jobs:
setup:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
- name: Install Helm
uses: azure/setup-helm@v4
- name: Prepare GPG key #this step is for using exported keys and make your github runner
run: |
gpg_dir=.cr-gpg
mkdir "$gpg_dir"
keyring="$gpg_dir/secring.gpg" #referring keyring to private key of gpg
base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring" #storing base64 GPG key into keyring
passphrase_file="$gpg_dir/passphrase"
echo "$GPG_PASSPHRASE" > "$passphrase_file" #storing passphrase data into a file
echo "CR_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV" #saving passphrase into github-environment
echo "CR_KEYRING=$keyring" >> "$GITHUB_ENV" #saving private key into github-environemnt
env:
GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}" #Referring secrets of github above
GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"
- name: Rename Chart
if: github.ref_name != 'master'
run: |
flatBranchName=$(echo "${{ env.TARGET_BRANCH }}" | sed 's/\//\-/g')
sed -i "s/name: \(.*\)/name: \1-${flatBranchName}/" charts/${{ env.CHART_NAME_CE }}/Chart.yaml
sed -i "s/name: \(.*\)/name: \1-${flatBranchName}/" charts/${{ env.CHART_NAME_ENTERPRISE }}/Chart.yaml
- name: Release Charts
uses: helm/[email protected]
with:
charts_dir: charts
config: cr.yaml
packages_with_index: false
skip_existing: true
env:
CR_TOKEN: ${{ env.CR_TOKEN }}
CR_KEY: "Plane"
CR_KEYRING: ${{ env.CR_KEYRING }}
CR_PASSPHRASE_FILE: ${{ env.CR_PASSPHRASE_FILE }}
CR_SIGN: true
- id: publish-plane-enterprise
if: github.ref_name == 'master'
name: Publish Plane-Enterprise
env:
CHART_REPO: ${{ env.CHART_NAME_ENTERPRISE }}
HELM_REPO: plane
run: |
mkdir -p tmp
helm registry login -u ${{ secrets.HARBOR_USERNAME }} -p ${{ secrets.HARBOR_TOKEN }} ${{ vars.HARBOR_REGISTRY }}
helm package --sign --key "Plane" --keyring $CR_KEYRING --passphrase-file "$CR_PASSPHRASE_FILE" charts/$CHART_REPO -u -d tmp
helm push tmp/${{ env.CHART_REPO }}-*.tgz oci://${{ vars.HARBOR_REGISTRY }}/${{env.HELM_REPO}}
rm -rf tmp