-
Notifications
You must be signed in to change notification settings - Fork 3
136 lines (119 loc) · 4.46 KB
/
publish-chart.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
# This is a GitHub workflow defining a set of jobs with a set of steps.
# ref: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions
#
name: Publish chart
# Trigger the workflow on pushed tags or commits to main branch.
on:
pull_request:
paths-ignore:
- "docs/**"
- "**.md"
- ".github/workflows/*"
- "!.github/workflows/publish-chart.yaml"
push:
paths-ignore:
- "docs/**"
- "**.md"
- ".github/workflows/*"
- "!.github/workflows/publish-chart.yaml"
branches:
- "main"
tags:
- "**"
jobs:
# Packages the Helm chart, and pushes it to 2i2c-org/frx-challenges@gh-pages.
#
publish:
runs-on: ubuntu-22.04
# Explicitly request permissions to push to this git repository's gh-pages
# branch via the the GITHUB_TOKEN we can have access to.
permissions:
contents: write
steps:
- uses: actions/checkout@v4
with:
# chartpress needs git history
fetch-depth: 0
- uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Decide to publish or not
id: publishing
shell: python
run: |
import os
repo = "${{ github.repository }}"
event = "${{ github.event_name }}"
ref = "${{ github.event.ref }}"
publishing = ""
if (
repo == "2i2c-org/frx-challenges"
and event == "push"
and (
ref.startswith("refs/tags/")
or ref == "refs/heads/main"
)
):
publishing = "true"
print("Publishing chart")
with open(os.environ["GITHUB_OUTPUT"], "a") as f:
f.write(f"publishing={publishing}\n")
- name: Set up QEMU (for docker buildx)
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx (for chartpress multi-arch builds)
uses: docker/setup-buildx-action@v3
- name: Setup push rights to Quay.io
if: steps.publishing.outputs.publishing
run: |
docker login -u "${{ secrets.QUAY_USERNAME }}" -p "${{ secrets.QUAY_PASSWORD }}" quay.io
- name: Set up push rights to frx-challenges-helm-chart
# This was setup by...
# 1. Generating a private/public key pair:
# ssh-keygen -t rsa -b 4096 -C "frx-challenges-helm-chart" -f gh-pages -N ""
# 2. Registering the private key (gh-pages) as a secret for this
# repo:
# https://github.com/2i2c-org/frx-challenges/settings/secrets/actions
# 3. Registering the public key (gh-pages.pub) as a deploy key
# with push rights for the 2i2c-org/frx-challenges-helm-chart repo:
# https://github.com/2i2c-org/frx-challenges-helm-chart/settings/keys
if: steps.publishing.outputs.publishing
run: |
mkdir -p ~/.ssh
ssh-keyscan github.com >> ~/.ssh/known_hosts
echo "${{ secrets.ACTIONS_DEPLOY_KEY }}" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
- name: Install dependencies
run: |
pip install -r dev-requirements.txt
pip list
helm version
- name: Configure a git user
run: |
git config --global user.email "[email protected]"
git config --global user.name "github-actions"
- name: Build image, push if necessary
env:
PUBLISHING: ${{ steps.publishing.outputs.publishing }}
run: |
CHARTPRESS_ARGS=""
if [[ "${PUBLISHING}" == "true" ]]; then
CHARTPRESS_ARGS="--push"
fi
chartpress \
--builder docker-buildx \
--platform linux/amd64 --platform linux/arm64 \
${CHARTPRESS_ARGS}
- name: Publish chart with chartpress
if: steps.publishing.outputs.publishing
run: |
set -eux
PUBLISH_ARGS="--publish-chart --push"
if [[ $GITHUB_REF != refs/tags/* ]]; then
PR_OR_HASH=$(git log -1 --pretty=%h-%B | head -n1 | sed 's/^.*\(#[0-9]*\).*/\1/' | sed 's/^\([0-9a-f]*\)-.*/@\1/')
LATEST_COMMIT_TITLE=$(git log -1 --pretty=%B | head -n1)
EXTRA_MESSAGE="${{ github.repository }}${PR_OR_HASH} ${LATEST_COMMIT_TITLE}"
chartpress $PUBLISH_ARGS --extra-message "${EXTRA_MESSAGE}"
else
chartpress $PUBLISH_ARGS --tag "${GITHUB_REF:10}"
fi
git --no-pager diff --color