π Release #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: π Release | |
on: | |
workflow_dispatch: | |
inputs: | |
tagVersion: | |
description: "Tag Version (semver - x.x.x)" | |
required: true | |
jobs: | |
check-branches: | |
name: Check branches | |
runs-on: self-hosted | |
steps: | |
- name: Check branch | |
run: | | |
if [[ "${{ github.ref_name }}" != "${{ github.event.repository.default_branch }}" ]]; then | |
echo "This action can only be run on the ${{ github.event.repository.default_branch }} branch" | |
exit 1 | |
fi | |
ci: | |
needs: check-branches | |
name: Continuous Integration | |
uses: ./.github/workflows/__shared-ci.yml | |
skaffold-build: | |
name: π·ββοΈ Run skaffold build | |
needs: ci | |
runs-on: self-hosted | |
steps: | |
# Login to docker hub | |
- name: π Login to hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKERHUB_REGISTRY_USER }} | |
password: ${{ secrets.DOCKERHUB_REGISTRY_PASSWORD }} | |
registry: docker.io | |
# Get a local copy of the code | |
- uses: actions/checkout@v4 | |
# Prepare cache storage | |
- name: β»οΈ Cache skaffold dirs | |
uses: actions/cache@v4 | |
env: | |
cache-name: cache-skaffold | |
with: | |
path: /home/runner/.skaffold | |
key: skaffold-${{ github.sha }} | |
restore-keys: | | |
skaffold- | |
# Install tools with asdf | |
- name: π¦ Install tools with asdf | |
uses: asdf-vm/actions/install@v3 | |
# Run a skaffold build | |
- name: π Run skaffold build | |
uses: hiberbee/[email protected] | |
with: | |
skaffold-version: 2.8.0 | |
command: build | |
repository: ${{ vars.SKAFFOLD_DEFAULT_REPO }} | |
tag: ${{ github.event.inputs.tagVersion }} | |
helm-push: | |
name: π·ββοΈ Run helm push | |
needs: ci | |
runs-on: self-hosted | |
steps: | |
# Get a local copy of the code | |
- uses: actions/checkout@v4 | |
# install tools with asdf | |
- name: π¦ Install tools with asdf | |
uses: asdf-vm/actions/install@v3 | |
# login to harbor repo | |
- name: π Login to harbor repo | |
run: | | |
echo "+ login to harbor OCI registry" | |
helm registry login ${HARBOR_REGISTRY} -u "${HARBOR_REGISTRY_USER}" -p "${HARBOR_REGISTRY_PASSWORD}" | |
env: | |
HARBOR_REGISTRY_USER: ${{ secrets.HARBOR_REGISTRY_USER }} | |
HARBOR_REGISTRY_PASSWORD: ${{ secrets.HARBOR_REGISTRY_PASSWORD }} | |
HARBOR_REGISTRY: harbor.hoverkraft.cloud | |
# Push the chart | |
- name: β Push Helm Chart to Harbor registry | |
uses: hoverkraft-tech/[email protected] | |
with: | |
useOCIRegistry: true | |
username: ${{ secrets.HARBOR_REGISTRY_USER }} | |
# NOTE: access-token is the password for OCI registry | |
# cf https://github.com/bsord/helm-push/blob/5ec3320fb5720a0a5aa210d871999f2b836f2d97/entrypoint.sh#L37 | |
access-token: ${{ secrets.HARBOR_REGISTRY_PASSWORD }} | |
registry-url: oci://harbor.hoverkraft.cloud/public/charts | |
chart-folder: helm/chart | |
force: true | |
update-dependencies: true | |
version: ${{ github.event.inputs.tagVersion }} | |
appVersion: ${{ github.event.inputs.tagVersion }} | |
release: | |
name: π¦ Release | |
needs: | |
- skaffold-build | |
- helm-push | |
runs-on: self-hosted | |
steps: | |
- uses: tibdex/github-app-token@v2 | |
id: generate-token | |
with: | |
app_id: ${{ vars.CI_BOT_APP_ID }} | |
private_key: ${{ secrets.CI_BOT_APP_PRIVATE_KEY }} | |
# checkout code | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Generate changelog | |
id: changelog | |
uses: metcalfc/[email protected] | |
with: | |
myToken: ${{ steps.generate-token.outputs.token }} | |
- name: Create a GitHub release | |
uses: actions/create-release@v1 | |
env: | |
GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }} | |
with: | |
tag_name: ${{ github.event.inputs.tagVersion }} | |
release_name: Release ${{ github.event.inputs.tagVersion }} | |
body: ${{ steps.changelog.outputs.changelog }} |