-
Notifications
You must be signed in to change notification settings - Fork 0
136 lines (120 loc) Β· 4.13 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
name: π Release
on:
workflow_dispatch:
inputs:
tagVersion:
description: "Tag Version (semver - x.x.x)"
required: true
jobs:
check-branches:
name: Check branches
runs-on: self-hosted
steps:
- name: Check branch
run: |
if [[ "${{ github.ref_name }}" != "${{ github.event.repository.default_branch }}" ]]; then
echo "This action can only be run on the ${{ github.event.repository.default_branch }} branch"
exit 1
fi
ci:
needs: check-branches
name: Continuous Integration
uses: ./.github/workflows/__shared-ci.yml
skaffold-build:
name: π·ββοΈ Run skaffold build
needs: ci
runs-on: self-hosted
steps:
# Login to docker hub
- name: π Login to hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_REGISTRY_USER }}
password: ${{ secrets.DOCKERHUB_REGISTRY_PASSWORD }}
registry: docker.io
# Get a local copy of the code
- uses: actions/checkout@v4
# Prepare cache storage
- name: β»οΈ Cache skaffold dirs
uses: actions/cache@v4
env:
cache-name: cache-skaffold
with:
path: /home/runner/.skaffold
key: skaffold-${{ github.sha }}
restore-keys: |
skaffold-
# Install tools with asdf
- name: π¦ Install tools with asdf
uses: asdf-vm/actions/install@v3
# Run a skaffold build
- name: π Run skaffold build
uses: hiberbee/[email protected]
with:
skaffold-version: 2.8.0
command: build
repository: ${{ vars.SKAFFOLD_DEFAULT_REPO }}
tag: ${{ github.event.inputs.tagVersion }}
helm-push:
name: π·ββοΈ Run helm push
needs: ci
runs-on: self-hosted
steps:
# Get a local copy of the code
- uses: actions/checkout@v4
# install tools with asdf
- name: π¦ Install tools with asdf
uses: asdf-vm/actions/install@v3
# login to harbor repo
- name: π Login to harbor repo
run: |
echo "+ login to harbor OCI registry"
helm registry login ${HARBOR_REGISTRY} -u "${HARBOR_REGISTRY_USER}" -p "${HARBOR_REGISTRY_PASSWORD}"
env:
HARBOR_REGISTRY_USER: ${{ secrets.HARBOR_REGISTRY_USER }}
HARBOR_REGISTRY_PASSWORD: ${{ secrets.HARBOR_REGISTRY_PASSWORD }}
HARBOR_REGISTRY: harbor.hoverkraft.cloud
# Push the chart
- name: β Push Helm Chart to Harbor registry
uses: hoverkraft-tech/[email protected]
with:
useOCIRegistry: true
username: ${{ secrets.HARBOR_REGISTRY_USER }}
# NOTE: access-token is the password for OCI registry
# cf https://github.com/bsord/helm-push/blob/5ec3320fb5720a0a5aa210d871999f2b836f2d97/entrypoint.sh#L37
access-token: ${{ secrets.HARBOR_REGISTRY_PASSWORD }}
registry-url: oci://harbor.hoverkraft.cloud/public/charts
chart-folder: helm/chart
force: true
update-dependencies: true
version: ${{ github.event.inputs.tagVersion }}
appVersion: ${{ github.event.inputs.tagVersion }}
release:
name: π¦ Release
needs:
- skaffold-build
- helm-push
runs-on: self-hosted
steps:
- uses: tibdex/github-app-token@v2
id: generate-token
with:
app_id: ${{ vars.CI_BOT_APP_ID }}
private_key: ${{ secrets.CI_BOT_APP_PRIVATE_KEY }}
# checkout code
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Generate changelog
id: changelog
uses: metcalfc/[email protected]
with:
myToken: ${{ steps.generate-token.outputs.token }}
- name: Create a GitHub release
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ steps.generate-token.outputs.token }}
with:
tag_name: ${{ github.event.inputs.tagVersion }}
release_name: Release ${{ github.event.inputs.tagVersion }}
body: ${{ steps.changelog.outputs.changelog }}