Merge pull request #213 from jnywong/add-settings-keys #416
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is a GitHub workflow defining a set of jobs with a set of steps. | |
# ref: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions | |
# | |
name: Publish chart | |
# Trigger the workflow on pushed tags or commits to main branch. | |
on: | |
pull_request: | |
paths-ignore: | |
- "docs/**" | |
- "**.md" | |
- ".github/workflows/*" | |
- "!.github/workflows/publish-chart.yaml" | |
push: | |
paths-ignore: | |
- "docs/**" | |
- "**.md" | |
- ".github/workflows/*" | |
- "!.github/workflows/publish-chart.yaml" | |
branches: | |
- "main" | |
tags: | |
- "**" | |
jobs: | |
# Packages the Helm chart, and pushes it to 2i2c-org/frx-challenges@gh-pages. | |
# | |
publish: | |
runs-on: ubuntu-22.04 | |
# Explicitly request permissions to push to this git repository's gh-pages | |
# branch via the the GITHUB_TOKEN we can have access to. | |
permissions: | |
contents: write | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
# chartpress needs git history | |
fetch-depth: 0 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: "3.11" | |
- name: Decide to publish or not | |
id: publishing | |
shell: python | |
run: | | |
import os | |
repo = "${{ github.repository }}" | |
event = "${{ github.event_name }}" | |
ref = "${{ github.event.ref }}" | |
publishing = "" | |
if ( | |
repo == "2i2c-org/frx-challenges" | |
and event == "push" | |
and ( | |
ref.startswith("refs/tags/") | |
or ref == "refs/heads/main" | |
) | |
): | |
publishing = "true" | |
print("Publishing chart") | |
with open(os.environ["GITHUB_OUTPUT"], "a") as f: | |
f.write(f"publishing={publishing}\n") | |
- name: Set up QEMU (for docker buildx) | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx (for chartpress multi-arch builds) | |
uses: docker/setup-buildx-action@v3 | |
- name: Setup push rights to Quay.io | |
if: steps.publishing.outputs.publishing | |
run: | | |
docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" quay.io | |
- name: Set up push rights to frx-challenges-helm-chart | |
# This was setup by... | |
# 1. Generating a private/public key pair: | |
# ssh-keygen -t rsa -b 4096 -C "frx-challenges-helm-chart" -f gh-pages -N "" | |
# 2. Registering the private key (gh-pages) as a secret for this | |
# repo: | |
# https://github.com/2i2c-org/frx-challenges/settings/secrets/actions | |
# 3. Registering the public key (gh-pages.pub) as a deploy key | |
# with push rights for the 2i2c-org/frx-challenges-helm-chart repo: | |
# https://github.com/2i2c-org/frx-challenges-helm-chart/settings/keys | |
if: steps.publishing.outputs.publishing | |
run: | | |
mkdir -p ~/.ssh | |
ssh-keyscan github.com >> ~/.ssh/known_hosts | |
echo "${{ secrets.ACTIONS_DEPLOY_KEY }}" > ~/.ssh/id_ed25519 | |
chmod 600 ~/.ssh/id_ed25519 | |
- name: Install dependencies | |
run: | | |
pip install -r dev-requirements.txt | |
pip list | |
helm version | |
- name: Configure a git user | |
run: | | |
git config --global user.email "[email protected]" | |
git config --global user.name "github-actions" | |
- name: Build image, push if necessary | |
env: | |
PUBLISHING: ${{ steps.publishing.outputs.publishing }} | |
run: | | |
CHARTPRESS_ARGS="" | |
if [[ "${PUBLISHING}" == "true" ]]; then | |
CHARTPRESS_ARGS="--push" | |
fi | |
chartpress \ | |
--builder docker-buildx \ | |
--platform linux/amd64 --platform linux/arm64 \ | |
${CHARTPRESS_ARGS} | |
- name: Publish chart with chartpress | |
if: steps.publishing.outputs.publishing | |
run: | | |
set -eux | |
PUBLISH_ARGS="--publish-chart --push" | |
if [[ $GITHUB_REF != refs/tags/* ]]; then | |
PR_OR_HASH=$(git log -1 --pretty=%h-%B | head -n1 | sed 's/^.*\(#[0-9]*\).*/\1/' | sed 's/^\([0-9a-f]*\)-.*/@\1/') | |
LATEST_COMMIT_TITLE=$(git log -1 --pretty=%B | head -n1) | |
EXTRA_MESSAGE="${{ github.repository }}${PR_OR_HASH} ${LATEST_COMMIT_TITLE}" | |
chartpress $PUBLISH_ARGS --extra-message "${EXTRA_MESSAGE}" | |
else | |
chartpress $PUBLISH_ARGS --tag "${GITHUB_REF:10}" | |
fi | |
git --no-pager diff --color |