Skip to content

Bump the k8s-dependencies group with 3 updates #587

Bump the k8s-dependencies group with 3 updates

Bump the k8s-dependencies group with 3 updates #587

Workflow file for this run

name: Helm Chart
on:
pull_request:
branches:
- main
push:
branches:
- main
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
PYTHON_VERSION: '3.9'
HELM_VERSION: v3.11.2
ARTIFACT_REGISTRY: europe-north1-docker.pkg.dev
ARTIFACT_REPO: nais-io/nais/feature
SERVICE_ACCOUNT: [email protected]
jobs:
meta:
name: Metadata
runs-on: ubuntu-latest
outputs:
version: ${{ steps.version.outputs.version }}
name: ${{ steps.name.outputs.name }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- id: version
run: echo "version=$(date +'%Y%m%d')-$(git rev-parse --short HEAD)" >> ${GITHUB_OUTPUT}
- id: name
run: echo "name=${{ github.event.repository.name }}" >> ${GITHUB_OUTPUT}
- name: Update Chart.yaml
run: |
sed -i "s/^version:.*$/version: ${{ steps.version.outputs.version }}/g" ./charts/${{ steps.name.outputs.name }}/Chart.yaml
sed -i "s/^appVersion:.*$/appVersion: ${{ steps.version.outputs.version }}/g" ./charts/${{ steps.name.outputs.name }}/Chart.yaml
cat ./charts/${{ steps.name.outputs.name }}/Chart.yaml
- name: Update values.yaml
run: |
sed -i "s/^ tag:.*$/ tag: ${{ steps.version.outputs.version }}/g" ./charts/${{ steps.name.outputs.name }}/values.yaml
cat ./charts/${{ steps.name.outputs.name }}/values.yaml
- name: Save Chart Metadata
uses: actions/upload-artifact@v4
with:
name: chart-metadata
path: |
./charts/${{ steps.name.outputs.name }}/Chart.yaml
./charts/${{ steps.name.outputs.name }}/values.yaml
lint-test:
name: Lint and test Chart
runs-on: ubuntu-latest-16-cores
needs: meta
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Restore Chart Metadata
uses: actions/download-artifact@v4
with:
name: chart-metadata
path: ./charts/${{ needs.meta.outputs.name }}
- name: Set up Helm
uses: azure/setup-helm@v4
with:
version: ${{ env.HELM_VERSION }}
- uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHON_VERSION }}
check-latest: true
- name: Set up chart-testing
uses: helm/chart-testing-action@v2
- name: Run chart-testing (list-changed)
id: list-changed
run: |
changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
if [[ -n "$changed" ]]; then
echo "changed=true" >> "$GITHUB_OUTPUT"
fi
- name: Run chart-testing (lint)
if: steps.list-changed.outputs.changed == 'true'
run: ct lint --target-branch ${{github.event.repository.default_branch }}
# - name: Create kind cluster
# if: steps.list-changed.outputs.changed == 'true'
# uses: helm/[email protected]
# - name: Run chart-testing (install)
# if: steps.list-changed.outputs.changed == 'true'
# run: |
# helm install bifrost ./charts/bifrost --wait
# ct install --charts ./charts/bifrost --target-branch ${{ github.event.repository.default_branch }}
push:
permissions:
contents: read
id-token: write
name: Build and push Chart
runs-on: ubuntu-latest
needs: [meta, lint-test]
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Restore Chart Metadata
uses: actions/download-artifact@v4
with:
name: chart-metadata
path: ./charts/${{ needs.meta.outputs.name }}
- id: auth
if: github.actor != 'dependabot[bot]'
name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
with:
workload_identity_provider: ${{ secrets.NAIS_IO_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.SERVICE_ACCOUNT }}
token_format: access_token
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v2
- name: Log in to Google Artifact Registry
if: github.actor != 'dependabot[bot]'
run: |
echo '${{ steps.auth.outputs.access_token }}' | docker login -u oauth2accesstoken --password-stdin https://${{ env.ARTIFACT_REGISTRY }}
- uses: azure/setup-helm@v4
name: Setup Helm
with:
version: ${{ env.HELM_VERSION }}
- name: Build Chart
run: |
helm package ./charts/${{ needs.meta.outputs.name }} -d ./charts
- name: Push Chart
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
run: |
helm push ./charts/*.tgz oci://${{ env.ARTIFACT_REGISTRY }}/${{ env.ARTIFACT_REPO }}