Skip to content

Commit

Permalink
chore: improve workflows
Browse files Browse the repository at this point in the history
* Add OCI package
* Add semantic-release

Closes #6
  • Loading branch information
ialejandro committed Aug 9, 2024
1 parent 8bb9b01 commit 71133cb
Show file tree
Hide file tree
Showing 3 changed files with 149 additions and 3 deletions.
65 changes: 65 additions & 0 deletions .github/workflows/check-changes.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
name: Check Steampipe new releases

on:
workflow_dispatch:
schedule:
- cron: '0 0 * * *'

jobs:
check-and-release:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Get latest release
id: latest_release
run: |
latest_release=$(curl -s https://api.github.com/repos/turbot/steampipe/releases | jq -r '.[0].name')
echo "latest_release=$latest_release" >> $GITHUB_OUTPUT
- name: Get current release
id: current_release
run: |
current_release=$(grep appVersion charts/Chart.yaml | awk '{ print $2 }')
echo "current_release=$current_release" >> $GITHUB_OUTPUT
- name: Check if release changed
id: check_changes
run: |
if [ ${{ steps.latest_release.outputs.latest_release }} != ${{ steps.current_release.outputs.current_release }} ]; then
echo "release_changed=true" >> $GITHUB_OUTPUT
fi
- name: Set new Chat.yaml appVersion
if: steps.check_changes.outputs.release_changed == 'true'
run: |
sed -i "s/appVersion: .*/appVersion: ${{ steps.latest_release.outputs.latest_release }}/g" charts/Chart.yaml
- name: Update README.md Helm Chart
if: steps.check_changes.outputs.release_changed == 'true'
uses: losisin/helm-docs-github-action@v1
with:
chart-search-root: charts

- name: Create PR with changes
if: steps.check_changes.outputs.release_changed == 'true'
uses: peter-evans/create-pull-request@v6
with:
token: ${{ secrets.PAT_GITHUB }}
commit-message: "fix: update Steampipe version to ${{ steps.latest_release.outputs.latest_release }}"
signoff: false
branch: fix/upgrade-steampipe-appversion-${{ steps.latest_release.outputs.latest_release }}
delete-branch: true
title: '[steampipe] new release: ${{ steps.latest_release.outputs.latest_release }}'
body: |
Steampipe version:
- :information_source: Current: `${{ steps.current_release.outputs.current_release }}`
- :up: Upgrade: `${{ steps.latest_release.outputs.latest_release }}`
Changelog: https://api.github.com/repos/turbot/steampipe/releases/tag/${{ steps.latest_release.outputs.latest_release }}
labels: |
auto-pr-bump-version
team-reviewers: devops-ia
72 changes: 69 additions & 3 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
@@ -1,11 +1,22 @@
name: Release charts

on:
workflow_dispatch:
push:
branches:
- main
paths:
- "charts/**"

jobs:
release:
runs-on: ubuntu-latest

permissions:
contents: write
packages: write
id-token: write

steps:
- name: Checkout Code
uses: actions/checkout@v4
Expand All @@ -17,16 +28,71 @@ jobs:
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Set up Helm
uses: azure/setup-helm@v4
- name: Semantic Release
uses: cycjimmy/semantic-release-action@v4
id: semantic_release
with:
version: v3.13.0
dry_run: true
branch: main
tag_format: ${version}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Update Chart verison
id: chart_version
if: steps.semantic_release.outputs.new_release_published == 'true'
run: |
sed -i 's/^version: .*/version: ${{ steps.semantic_release.outputs.new_release_git_tag }}/g' charts/Chart.yaml
echo "CHART_VERSION=${{ steps.semantic_release.outputs.new_release_git_tag }}" >> $GITHUB_OUTPUT
- name: Check if tag exists
id: tag_exists
if: steps.semantic_release.outputs.new_release_published == 'true'
run: |
TAG_EXISTS=true
if ! [ $(git tag -l "v${{ steps.chart_version.outputs.CHART_VERSION }}") ]; then
TAG_EXISTS=false
fi
echo TAG_EXISTS=$TAG_EXISTS >> $GITHUB_OUTPUT
- name: Run chart-releaser
if: steps.tag_exists.outputs.TAG_EXISTS == 'false'
uses: helm/chart-releaser-action@v1.6.0
with:
charts_dir: ./
config: cr.yaml
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
CR_SKIP_EXISTING: true

- name: Login in to the Container registry
if: steps.tag_exists.outputs.TAG_EXISTS == 'false'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Install Cosign
if: steps.tag_exists.outputs.TAG_EXISTS == 'false'
uses: sigstore/cosign-installer@v3

- name: Install Oras
if: steps.tag_exists.outputs.TAG_EXISTS == 'false'
uses: oras-project/setup-oras@v1

# ref: https://github.com/backstage/charts/blob/88240ce7a0726e3773ee0e4866fbe6325c15267b/.github/workflows/release.yml#L50
- name: Publish and Sign OCI Charts
if: steps.tag_exists.outputs.TAG_EXISTS == 'false'
run: |
for chart in `find .cr-release-packages -name '*.tgz' -print`; do
helm push ${chart} oci://ghcr.io/${GITHUB_REPOSITORY} |& tee helm-push-output.log
file_name=${chart##*/}
chart_name=${file_name%-*}
digest=$(awk -F "[, ]+" '/Digest/{print $NF}' < helm-push-output.log)
cosign sign -y "ghcr.io/${GITHUB_REPOSITORY}/${chart_name}@${digest}"
oras push "ghcr.io/${GITHUB_REPOSITORY}/${chart_name}:${{ steps.chart_version.outputs.CHART_VERSION }}"
done
env:
COSIGN_EXPERIMENTAL: 1
15 changes: 15 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
Charts are available in:

* [Chart Repository](https://helm.sh/docs/topics/chart_repository/)
* [OCI Artifacts](https://helm.sh/docs/topics/registries/)

### Chart Repository

Expand All @@ -26,3 +27,17 @@ helm install [RELEASE_NAME] steampipe/steampipe
This install all the Kubernetes components associated with the chart and creates the release.

_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._

### OCI Registry

Charts are also available in OCI format. The list of available charts can be found [here](https://github.com/devops-ia/helm-steampipe/pkgs/container/helm-steampipe%2Fsteampipe).

#### Install Helm chart

```console
helm install [RELEASE_NAME] oci://ghcr.io/devops-ia/helm-steampipe/steampipe --version=[version]
```

## Steampipe chart

Can be found in [steampipe chart](charts).

0 comments on commit 71133cb

Please sign in to comment.