[CI] Publish inframold charts #577
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Generate Inframold Charts Artifacts Manifest | |
on: | |
pull_request: | |
branches: | |
- 'main' | |
paths: | |
- '.github/workflows/update-artifacts.yml' | |
- 'charts/tfy-k8s-aws-eks-inframold/**' | |
- 'charts/tfy-k8s-azure-aks-inframold/**' | |
- 'charts/tfy-k8s-civo-talos-inframold/**' | |
- 'charts/tfy-k8s-gcp-gke-standard-inframold/**' | |
- 'charts/tfy-k8s-generic-inframold/**' | |
- 'scripts/generate-artifacts-manifest/**' | |
- 'scripts/upload-artifacts/**' | |
jobs: | |
update-artifacts: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
id-token: write | |
env: | |
ARTIFACTORY_USERNAME: ${{ secrets.TRUEFOUNDRY_ARTIFACTORY_PUBLIC_USERNAME }} | |
ARTIFACTORY_PASSWORD: ${{ secrets.TRUEFOUNDRY_ARTIFACTORY_PUBLIC_PASSWORD }} | |
ARTIFACTORY_REPOSITORY_URL: ${{ vars.TRUEFOUNDRY_ARTIFACTORY_PUBLIC_REPOSITORY }} | |
ARTIFACTORY_HELM_REGISTRY_URL: ${{ vars.TRUEFOUNDRY_ARTIFACTORY_PUBLIC_HELM_REGISTRY }} | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
ref: ${{ github.head_ref }} | |
- name: Setup Kubectl | |
id: install-kubectl | |
uses: azure/setup-kubectl@v3 | |
with: | |
version: 'v1.28.0' | |
- name: Setup Helm | |
uses: azure/[email protected] | |
with: | |
version: v3.15.1 | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.10' | |
- name: Log in to JFrog Artifactory | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.TRUEFOUNDRY_ARTIFACTORY_PRIVATE_READONLY_USERNAME }} | |
password: ${{ secrets.TRUEFOUNDRY_ARTIFACTORY_PRIVATE_READONLY_PASSWORD }} | |
registry: ${{ vars.TRUEFOUNDRY_ARTIFACTORY_REGISTRY_URL }} | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{ secrets.PUBLIC_ECR_IAM_ROLE_ARN }} | |
aws-region: us-east-1 | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
with: | |
registry-type: public | |
- name: Install python dependencies | |
run: | | |
pip install -r scripts/upload-artifacts/requirements.txt | |
pip install -r scripts/generate-artifacts-manifest/requirements.txt | |
# Generate artifacts manifest for inframold charts | |
- name: Generate Artifacts Manifest for Each Chart | |
run: | | |
charts_list=("tfy-k8s-aws-eks-inframold" "tfy-k8s-azure-aks-inframold" "tfy-k8s-gcp-gke-standard-inframold" "tfy-k8s-generic-inframold") | |
for chart in "${charts_list[@]}"; | |
do | |
version=$(cat charts/$chart/Chart.yaml | grep version | awk '{print $2}') | |
python scripts/generate-artifacts-manifest/artifacts_template_generator.py $chart https://truefoundry.github.io/infra-charts/ \ | |
$version charts/$chart/values-artifact-manifest.yaml charts/$chart/artifacts-manifest.json scripts/generate-artifacts-manifest/extra.json | |
done | |
env: | |
MODE: 'local' | |
# Check if truefoundry chart images support amd64 and arm64 using AWS chart | |
- name: Check if Truefoundry Chart Images Support Multiple Architectures | |
run: | | |
python scripts/generate-artifacts-manifest/check_chart_images_support_multiple_architectures.py \ | |
charts/tfy-k8s-aws-eks-inframold/artifacts-manifest.json \ | |
scripts/generate-artifacts-manifest/multi-arch-image-whitelist.json | |
# Update the inframold artifacts manifest | |
- name: Update Artifacts Manifest | |
run: | | |
git config user.name "$GITHUB_ACTOR" | |
git config user.email "[email protected]" | |
git add . | |
if git diff --cached --quiet; then | |
echo "Nothing to commit for now" | |
else | |
git commit -am "[CI] Update charts artifacts manifest files" --signoff | |
git pull origin --rebase | |
git push | |
fi |