-
Notifications
You must be signed in to change notification settings - Fork 36
141 lines (114 loc) · 4.23 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
name: Release Charts
on:
push:
branches: [ main ]
paths:
- 'charts/**'
- '.github/workflows/release.yml'
pull_request:
branches: [ main ]
paths:
- 'charts/**'
- '.github/workflows/release.yml'
jobs:
lint-test:
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Helm
uses: azure/setup-helm@v4
with:
version: v3.16.3
- uses: actions/setup-python@v5
with:
python-version: 3.11
- name: Set up chart-testing
uses: helm/chart-testing-action@v2.7.0
- name: Add dependency chart repos
run: |
helm repo add jetstack https://charts.jetstack.io
helm repo add community-charts https://community-charts.github.io/helm-charts
- name: Run chart-testing (list-changed)
id: list-changed
run: |
## If executed with debug this won't work anymore.
changed=$(ct --config ./.github/configs/ct-lint.yaml list-changed)
charts=$(echo "$changed" | tr '\n' ' ' | xargs)
if [[ -n "$changed" ]]; then
echo "changed=true" >> $GITHUB_OUTPUT
echo "changed_charts=$charts" >> $GITHUB_OUTPUT
fi
- name: Run Artifact Hub lint
run: |
curl -s https://api.github.com/repos/artifacthub/hub/releases/latest \
| grep -E 'browser_download_url' \
| grep linux_amd64 \
| grep -Eo 'https://[^\"]*' \
| xargs wget -q -O - \
| tar -xz
for CHART in charts/*; do
if [ -d "$CHART" ]; then
echo "Linting $CHART"
./ah lint -p "$CHART" || exit 1
fi
done
echo "All charts linted successfully."
rm -f ./ah
- name: install helm unittest plugin
if: steps.list-changed.outputs.changed == 'true'
run: |
helm env
helm plugin install https://github.com/helm-unittest/helm-unittest --version v0.7.0
- name: Run chart-testing (lint)
run: ct lint --debug --config ./.github/configs/ct-lint.yaml --lint-conf ./.github/configs/lintconf.yaml
- name: Create kind cluster
uses: helm/kind-action@v1.12.0
if: steps.list-changed.outputs.changed == 'true'
- name: Run chart-testing (install)
run: ct install --config ./.github/configs/ct-lint.yaml
if: steps.list-changed.outputs.changed == 'true'
release:
needs: lint-test
runs-on: ubuntu-latest
if: ${{ github.event_name != 'pull_request' }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Install Helm
uses: azure/setup-helm@v4
with:
version: v3.16.3
- name: Prepare GPG environment for Helm
id: import-gpg
run: |
GNUPG_DIR="$(mktemp --directory --tmpdir=${{ runner.temp }})"
# Import GPG passphrase
echo '${{ secrets.GPG_PASSPHRASE }}' > "${GNUPG_DIR}/passphrase"
echo "passphrase-file=${GNUPG_DIR}/passphrase" >> "${GITHUB_OUTPUT}"
# Import GPG signing key
echo '${{ secrets.GPG_KEYRING_BASE64 }}' | base64 -d | gpg --dearmor > "${GNUPG_DIR}/secring.gpg"
echo "keyring=${GNUPG_DIR}/secring.gpg" >> "${GITHUB_OUTPUT}"
- name: Add dependency chart repos
run: |
helm repo add jetstack https://charts.jetstack.io
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo add community-charts https://community-charts.github.io/helm-charts
helm repo add minio https://charts.min.io
- name: Run chart-releaser
uses: helm/chart-releaser-action@v1.7.0
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
CR_KEY: "${{ secrets.CR_KEY }}"
CR_KEYRING: ${{ steps.import-gpg.outputs.keyring }}
CR_PASSPHRASE_FILE: ${{ steps.import-gpg.outputs.passphrase-file }}
CR_SIGN: "true"
CR_SKIP_EXISTING: "true"