-
Notifications
You must be signed in to change notification settings - Fork 332
84 lines (82 loc) · 3.21 KB
/
helm-release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
name: "Helm Charts"
# This workflow provides ability to release helm charts manually
# Should be removed when v2.5 is out of support
on:
workflow_dispatch:
inputs:
release:
description: Release charts
required: false
default: false
type: boolean
permissions:
contents: read
env:
GH_USER: "github-actions[bot]"
GH_EMAIL: "<41898282+github-actions[bot]@users.noreply.github.com>"
GH_OWNER: ${{ github.repository_owner }}
GH_REPO: "charts"
HELM_DEV: ${{ contains(fromJSON('["pull_request", "push"]'), github.event_name) }}
GITHUB_APP: "true"
KUMA_DIR: "."
CI_TOOLS_DIR: /home/runner/work/kuma/kuma/.ci_tools
jobs:
package:
name: Package
runs-on: ubuntu-latest
outputs:
filename: ${{ steps.package.outputs.filename }}
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
fetch-depth: 0
ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: go.mod
- uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1
with:
path: |
${{ env.CI_TOOLS_DIR }}
key: ${{ runner.os }}-${{ runner.arch }}-devtools-${{ hashFiles('mk/dependencies/deps.lock') }}
restore-keys: |
${{ runner.os }}-${{ runner.arch }}-devtools
- name: Install dependencies
run: |
make dev/tools
- name: package-helm-chart
id: package
run: |
make helm/update-version
git config user.name "${GH_USER}"
git config user.email "${GH_EMAIL}"
git add -u deployments/charts
# This commit never ends up in the repo
git commit --allow-empty -m "ci(helm): update versions"
# To get an idea of what's in the commit to debug
git show
make helm/package
PKG_FILENAME=$(find .cr-release-packages -type f -printf "%f\n")
echo "filename=${PKG_FILENAME}" >> $GITHUB_OUTPUT
- name: Upload packaged chart
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: ${{ steps.package.outputs.filename }}
path: .cr-release-packages/${{ steps.package.outputs.filename }}
retention-days: ${{ github.event_name == 'pull_request' && 1 || 30 }}
# Everything from here is only running on releases.
# Ideally we'd finish the workflow early but this isn't possible: https://github.com/actions/runner/issues/662
- name: Generate GitHub app token
id: github-app-token
if: github.event.inputs.release == 'true'
uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.APP_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
repositories: ${{ env.GH_REPO }}
- name: Release chart
if: github.event.inputs.release == 'true'
env:
GH_TOKEN: ${{ steps.github-app-token.outputs.token }}
run: make helm/release