feat(deployment): support list of imagePullSecrets #major (#350) #357
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Push | |
concurrency: | |
group: push_on_master | |
cancel-in-progress: false | |
on: | |
push: | |
branches: | |
- master | |
paths-ignore: | |
- 'README.md' | |
- 'LICENSE' | |
env: | |
CHART_NAME: "application" | |
jobs: | |
helm-dry-run: | |
name: helm-dry-run | |
if: "! contains(toJSON(github.event.commits.*.message), '[skip-ci]')" | |
runs-on: stakater-nonprod | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token | |
fetch-depth: 0 # otherwise, you will fail to push refs to dest repo | |
# Set Up Helm | |
- name: Set up Helm | |
uses: azure/setup-helm@v4 | |
with: | |
version: v3.8.2 | |
# Lint | |
- name: Helm Lint | |
run: | | |
helm lint ${CHART_NAME} | |
helm lint ${CHART_NAME} -f ${CHART_NAME}/values-test.yaml | |
- name: Install kubectl | |
uses: azure/setup-kubectl@v4 | |
with: | |
version: v1.26.0 | |
- name: Install OpenShift CLI | |
uses: redhat-actions/oc-installer@v1 | |
with: | |
oc_version: "https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/stable-4.7/openshift-client-linux.tar.gz" | |
# This is used to setup kubeconfig, required by Tilt | |
- name: Login to cluster | |
run: oc login --token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token) --server=https://kubernetes.default.svc --insecure-skip-tls-verify=true | |
# This is required for adding ghcr helm registry | |
- name: Login to Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io/stakater | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
# Dry run to ensure that manifests are generated successfully | |
- name: Dry Run Chart | |
run: | | |
helm install ${CHART_NAME} ${CHART_NAME} -f ${CHART_NAME}/values-test.yaml -n stakater-chart-pipeline-test --dry-run --debug | |
- name: Notify Slack | |
uses: 8398a7/action-slack@v3 | |
if: failure() # Pick up events only if the job fails | |
with: | |
status: ${{ job.status }} | |
fields: repo,author,action,eventName,ref,workflow | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.STAKATER_DELIVERY_SLACK_WEBHOOK }} | |
push-changes: | |
runs-on: ubuntu-latest | |
needs: | |
- helm-dry-run | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v4 | |
with: | |
persist-credentials: false # otherwise, the token used is the GITHUB_TOKEN, instead of your personal token | |
fetch-depth: 0 # otherwise, you will fail to push refs to dest repo | |
# Generate tag for chart without "v" prefix | |
- name: Generate Tag | |
id: generate_tag | |
uses: anothrNick/[email protected] | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
WITH_V: false | |
DEFAULT_BUMP: patch | |
DRY_RUN: true | |
# Update chart tag to the latest semver tag | |
- name: Update Chart Version | |
env: | |
VERSION: ${{ steps.generate_tag.outputs.new_tag }} | |
run: | | |
make bump-chart | |
# Set Up Helm | |
- name: Set up Helm | |
uses: azure/setup-helm@v4 | |
with: | |
version: v3.8.2 | |
# Publish helm chart | |
- name: Publish Helm chart | |
uses: stefanprodan/helm-gh-pages@master | |
with: | |
branch: master | |
repository: stakater-charts | |
target_dir: docs | |
token: ${{ secrets.PUBLISH_TOKEN }} | |
charts_dir: . | |
charts_url: https://stakater.github.io/stakater-charts | |
owner: stakater | |
linting: off | |
commit_username: stakater-user | |
commit_email: [email protected] | |
# Commit back changes | |
- name: Commit files | |
run: | | |
git config --local user.email "[email protected]" | |
git config --local user.name "stakater-user" | |
git status | |
git add application/Chart.yaml | |
git commit -m "[skip-ci] Update artifacts" | |
# Push Chart.yaml with Updated Version | |
- name: Push changes | |
uses: ad-m/github-push-action@master | |
with: | |
github_token: ${{ secrets.PUBLISH_TOKEN }} | |
branch: ${{ inputs.RELEASE_BRANCH }} | |
- name: Push Latest Tag | |
uses: anothrNick/[email protected] | |
env: | |
GITHUB_TOKEN: ${{ secrets.PUBLISH_TOKEN }} | |
WITH_V: true | |
DEFAULT_BUMP: patch | |
- name: Notify Slack | |
uses: 8398a7/action-slack@v3 | |
if: always() # Pick up events even if the job fails or is canceled. | |
with: | |
status: ${{ job.status }} | |
fields: repo,author,action,eventName,ref,workflow | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.STAKATER_DELIVERY_SLACK_WEBHOOK }} |