[Index] Sync index.yaml with OCI releases #1219
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: '[Index] Sync index.yaml with OCI releases' | |
on: | |
schedule: | |
- cron: "*/30 * * * *" | |
# Remove all permissions by default. | |
permissions: {} | |
jobs: | |
find-new-releases: | |
runs-on: ubuntu-latest | |
name: Find new releases | |
outputs: | |
new-releases: ${{ steps.get-new-releases.outputs.new-releases }} | |
permissions: | |
contents: read | |
steps: | |
- id: checkout-repo | |
name: Checkout repo | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
with: | |
ref: index | |
path: index | |
- uses: oras-project/setup-oras@9c92598691bfef1424de2f8fae81941568f5889c | |
- id: get-oci-index | |
name: Get OCI index | |
run: | | |
oras pull registry-1.docker.io/bitnamicharts/charts-index:latest | |
cat charts-index.json | yq -P | yq eval '. | .entries[] |= .versions' > ./oci_index.yaml | |
- id: get-charts-index | |
name: Get Charts index | |
run: | | |
cp index/bitnami/index.yaml ./charts_index.yaml | |
- id: merge | |
name: Generate merged index | |
run: | | |
yq eval-all '. as $item ireduce ({}; . *+ $item )' charts_index.yaml oci_index.yaml > duplicates_index.yaml | |
yq eval '.entries[] |= unique_by(.name + .version)' duplicates_index.yaml > merged_index.yaml | |
- id: get-new-releases | |
name: Find new versions | |
run: | | |
yq eval '.entries[][] | .name + ":" + .version' charts_index.yaml |sort| uniq > charts_index_releases | |
yq eval '.entries[][] | .name + ":" + .version' merged_index.yaml | sort| uniq > merged_index_releases | |
new_releases="$(comm -13 charts_index_releases merged_index_releases | tr "\n" " " | sed 's/ $//')" | |
if [ -n "${new_releases}" ]; then | |
echo "Found new releases: ${new_releases}" | |
else | |
echo "No new releases detected" | |
fi | |
echo "new-releases=$new_releases" >> $GITHUB_OUTPUT | |
update-index: | |
runs-on: ubuntu-latest | |
needs: | |
- find-new-releases | |
name: Update index | |
if: ${{ needs.find-new-releases.outputs.new-releases != '' }} | |
steps: | |
- name: Install helm | |
run: | | |
HELM_TARBALL="helm-v3.8.1-linux-amd64.tar.gz" | |
curl -SsLfO "https://get.helm.sh/${HELM_TARBALL}" && sudo tar xf "$HELM_TARBALL" --strip-components 1 -C /usr/local/bin | |
# Install file plugin | |
helm plugin add https://github.com/zoobab/helm_file_repo | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
with: | |
ref: 'index' | |
path: index | |
# The token is persisted in the local git config and enables scripts to run authenticated git commands. | |
token: ${{ secrets.BITNAMI_BOT_TOKEN }} | |
- id: update-index | |
name: Pull charts and update index | |
env: | |
NEW_RELEASES: ${{ needs.find-new-releases.outputs.new-releases }} | |
run: | | |
cd index | |
# Configure git | |
git config user.name "Bitnami Containers" | |
git config user.email "[email protected]" | |
read -r -a new_releases_arr <<< $NEW_RELEASES | |
for release in "${new_releases_arr[@]}"; do | |
read -r -a release_arr <<< "$(tr ':' ' ' <<< "$release")" | |
chart_name="${release_arr[0]}" | |
chart_version="${release_arr[1]}" | |
## Update index | |
# Download published asset | |
mkdir ../download | |
helm pull "oci://registry-1.docker.io/bitnamicharts/${chart_name}" --version "${chart_version}" --destination ../download | |
# Rebuild index | |
helm repo index --url oci://registry-1.docker.io/bitnamicharts --merge bitnami/index.yaml ../download | |
# Replace .tgz in URL with OCI tag | |
sed -i "s|oci://registry-1.docker.io/bitnamicharts/$chart_name-$chart_version.tgz|oci://registry-1.docker.io/bitnamicharts/$chart_name:$chart_version|" ../download/index.yaml | |
# Check index integrity | |
if [[ $(stat -c%s bitnami/index.yaml) -gt $(stat -c%s ../download/index.yaml) ]]; then | |
echo "New index.yaml file is shorter than the current one" | |
exit 1 | |
fi | |
# Check repo can be loaded | |
if ! helm repo add cache file://../download/ ; then | |
echo "New index.yaml file can't be used as a file" | |
exit 1 | |
else | |
# Remove the repo | |
helm repo remove cache | |
fi | |
cp ../download/index.yaml bitnami/index.yaml | |
# Remove chart files | |
rm -rf ../download | |
done | |
# Avoid overriding index branch when remote commit does not match our checkout commit | |
current_commit_id=$(git rev-parse index) | |
# Push changes | |
git add bitnami/index.yaml && git commit --signoff --amend --no-edit | |
git push origin index --force-with-lease=index:${current_commit_id} |