forked from cloudnative-pg/charts
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Updated release CI Signed-off-by: Itay Grudev <[email protected]>
- Loading branch information
1 parent
c03c05c
commit 946699d
Showing
5 changed files
with
198 additions
and
128 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,31 +1,31 @@ | ||
# Create a PR for a release when a commit is pushed on a release/v* branch | ||
|
||
## | ||
# Create a PR for a release when a commit is pushed on a release/*-v* branch to support the releases of both the | ||
# operator and cluster charts | ||
name: release-pr | ||
|
||
on: | ||
push: | ||
branches: | ||
- release/*-v* | ||
- release/*-v* | ||
|
||
permissions: | ||
pull-requests: write | ||
|
||
jobs: | ||
pull-request: | ||
runs-on: ubuntu-22.04 | ||
create-pull-request: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- | ||
name: Checkout | ||
- name: Checkout | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
- | ||
name: Get tag | ||
- name: Create Pull Request | ||
id: create-pr | ||
env: | ||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
run: | | ||
echo "TAG=${GITHUB_REF##*/}" >> $GITHUB_ENV | ||
- | ||
name: Pull Request | ||
id: open-pr | ||
uses: repo-sync/pull-request@7e79a9f5dc3ad0ce53138f01df2fad14a04831c5 # v2.12.1 | ||
with: | ||
destination_branch: "main" | ||
github_token: ${{ secrets.GITHUB_TOKEN }} | ||
pr_body: "Automated PR. Will trigger the ${{ env.TAG }} release when approved." | ||
pr_label: release | ||
pr_title: "Release ${{ env.TAG }}" | ||
|
||
TAG="${GITHUB_REF##*/}" | ||
TITLE="Release ${TAG}" | ||
BODY="Automated PR. Will trigger the ${TAG} release when approved." | ||
LABEL=release | ||
ASSIGNEE=${{ github.actor }} | ||
gh pr create --title "${TITLE}" --body "${BODY}" --label "${LABEL}" --assignee "@${ASSIGNEE}" || | ||
gh pr edit --title "${TITLE}" --body "${BODY}" --add-label "${LABEL}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,21 +2,67 @@ name: release-publish | |
|
||
on: | ||
push: | ||
tags: | ||
- '*-v*' | ||
branches: | ||
- main | ||
|
||
permissions: | ||
contents: write # Required for pushing the Helm charts to the gh-pages branch | ||
packages: write # Required for GHCR access | ||
id-token: write # Required for signing | ||
|
||
jobs: | ||
release: | ||
runs-on: ubuntu-22.04 | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
with: | ||
fetch-depth: 0 | ||
fetch-depth: 0 # important for fetching all history to run comparison against | ||
|
||
- name: Fetch history | ||
run: git fetch --prune | ||
|
||
- name: Publish Helm charts | ||
uses: stefanprodan/helm-gh-pages@0ad2bb377311d61ac04ad9eb6f252fb68e207260 # v1.7.0 | ||
- name: Configure Git | ||
run: | | ||
git config user.name "$GITHUB_ACTOR" | ||
git config user.email "[email protected]" | ||
- name: Set up Helm | ||
uses: azure/setup-helm@29960d0f5f19214b88e1d9ba750a9914ab0f1a2f # v4.0.0 | ||
with: | ||
helm_version: 3.4.0 | ||
token: "${{ secrets.REPO_GHA_PAT }}" | ||
version: v3.14.1 | ||
|
||
- name: Run chart-releaser | ||
uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0 | ||
env: | ||
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | ||
CR_GENERATE_RELEASE_NOTES: true | ||
|
||
- name: Login to GitHub Container Registry | ||
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 | ||
|
||
- name: Push charts to GHCR | ||
env: | ||
COSIGN_EXPERIMENTAL: 1 | ||
# when filling gaps with previously released charts, cr would create | ||
# nothing in .cr-release-packages/, and the original globbing character | ||
# would be preserved, causing a non-zero exit. Set nullglob to fix this | ||
run: | | ||
shopt -s nullglob | ||
for pkg in .cr-release-packages/*; do | ||
if [ -z "${pkg:-}" ]; then | ||
break | ||
fi | ||
helm push "${pkg}" oci://ghcr.io/"${GITHUB_REPOSITORY_OWNER}"/charts | ||
file=${pkg##*/} | ||
name=${file%-*} | ||
version=${file%.*} | ||
version=${version#*-} | ||
cosign sign ghcr.io/"${GITHUB_REPOSITORY_OWNER}"/charts/"${name}":"${version}" | ||
done |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file not shown.