ci(publishing): test & hotfix branches will publish helm chart to named OCI repository (#5536)
* allow chart name to be customised * Calculate the chart name in github workflow * publish of helm chart allows registry & repository to be configured (Helm chart currently publishes to ghcr)
This commit is contained in:
Iain Sproat
@@ -0,0 +1,33 @@
|
||||
name: Get-chart-name
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
outputs:
|
||||
CHART_NAME:
|
||||
description: 'The name of the chart to use for publishing Helm Charts to OCI registry'
|
||||
value: ${{ jobs.get-chart-name.outputs.CHART_NAME }}
|
||||
|
||||
jobs:
|
||||
get-chart-name:
|
||||
outputs:
|
||||
CHART_NAME: ${{ steps.export-step.outputs.CHART_NAME }}
|
||||
name: Get chart name
|
||||
runs-on: blacksmith-4vcpu-ubuntu-2404
|
||||
steps:
|
||||
- uses: actions/checkout@v4.2.2
|
||||
with:
|
||||
sparse-checkout: |
|
||||
.github/workflows/scripts/get_chart_name.sh
|
||||
.github/workflows/scripts/common.sh
|
||||
fetch-depth: 1
|
||||
fetch-tags: 1
|
||||
- run: git fetch origin 'refs/tags/*:refs/tags/*'
|
||||
- run: chmod +x ./get_chart_name.sh ./common.sh
|
||||
working-directory: ./.github/workflows/scripts
|
||||
- run: ./get_chart_name.sh >> result
|
||||
working-directory: ./.github/workflows/scripts
|
||||
- run: echo "CHART_NAME=$(cat result)"
|
||||
working-directory: ./.github/workflows/scripts
|
||||
- id: export-step
|
||||
run: echo "CHART_NAME=$(cat result)" >> "$GITHUB_OUTPUT"
|
||||
working-directory: ./.github/workflows/scripts
|
||||
@@ -7,15 +7,26 @@ on:
|
||||
CLOUDFLARE_ACCOUNT_ID:
|
||||
required: true
|
||||
type: string
|
||||
DOCKERHUB_USERNAME:
|
||||
OCI_REGISTRY_DOMAIN:
|
||||
required: false
|
||||
type: string
|
||||
default: registry-1.docker.io
|
||||
OCI_REGISTRY_USERNAME:
|
||||
required: true
|
||||
type: string
|
||||
OCI_REGISTRY_PATH:
|
||||
required: true
|
||||
type: string
|
||||
CHART_NAME:
|
||||
required: false
|
||||
type: string
|
||||
default: 'speckle-server-chart'
|
||||
secrets:
|
||||
DATADOG_API_KEY:
|
||||
required: true
|
||||
CLOUDFLARE_API_TOKEN:
|
||||
required: true
|
||||
DOCKERHUB_TOKEN:
|
||||
OCI_REGISTRY_PASSWORD:
|
||||
required: true
|
||||
GH_DEVOPS_PAT:
|
||||
required: true
|
||||
@@ -27,10 +38,11 @@ jobs:
|
||||
image: speckle/pre-commit-runner:latest
|
||||
env:
|
||||
IMAGE_VERSION_TAG: ${{ inputs.IMAGE_VERSION_TAG }}
|
||||
REGISTRY_USERNAME: ${{ inputs.DOCKERHUB_USERNAME }}
|
||||
REGISTRY_PASSWORD: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
HELM_REGISTRY_DOMAIN: registry-1.docker.io
|
||||
HELM_REPOSITORY_PATH: speckle
|
||||
REGISTRY_USERNAME: ${{ inputs.OCI_REGISTRY_USERNAME }}
|
||||
REGISTRY_PASSWORD: ${{ secrets.OCI_REGISTRY_PASSWORD }}
|
||||
HELM_REGISTRY_DOMAIN: ${{ inputs.OCI_REGISTRY_DOMAIN }}
|
||||
HELM_REPOSITORY_PATH: ${{ inputs.OCI_REGISTRY_PATH }}
|
||||
CHART_NAME: ${{ inputs.CHART_NAME }}
|
||||
steps:
|
||||
- uses: actions/checkout@v4.2.2
|
||||
with:
|
||||
|
||||
@@ -19,6 +19,10 @@ jobs:
|
||||
name: Get version
|
||||
uses: ./.github/workflows/get-version.yml
|
||||
|
||||
get-chart-name:
|
||||
name: Get Chart Name
|
||||
uses: ./.github/workflows/get-chart-name.yml
|
||||
|
||||
tests:
|
||||
needs: [get-version]
|
||||
uses: ./.github/workflows/tests.yml
|
||||
@@ -50,13 +54,21 @@ jobs:
|
||||
secrets: inherit
|
||||
|
||||
deploy:
|
||||
needs: [get-version, tests, builds, test-deployments]
|
||||
needs: [get-version, tests, builds, test-deployments, get-chart-name]
|
||||
uses: ./.github/workflows/publish.yml
|
||||
with:
|
||||
IMAGE_VERSION_TAG: ${{ needs.get-version.outputs.IMAGE_VERSION_TAG }}
|
||||
CLOUDFLARE_ACCOUNT_ID: ${{ vars.CLOUDFLARE_ACCOUNT_ID }}
|
||||
DOCKERHUB_USERNAME: 'speckledevops'
|
||||
secrets: inherit
|
||||
OCI_REGISTRY_DOMAIN: ghcr.io
|
||||
OCI_REGISTRY_PATH: specklesystems
|
||||
OCI_REGISTRY_USERNAME: ${{ github.actor }} # we are pushing helm chart to ghcr
|
||||
CHART_NAME: ${{ needs.get-chart-name.outputs.CHART_NAME }}
|
||||
secrets:
|
||||
# we do not inherit here as we wish to configure secrets depending on the target registry
|
||||
DATADOG_API_KEY: ${{ secrets.DATADOG_API_KEY }}
|
||||
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
|
||||
OCI_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} # we are pushing helm chart to ghcr
|
||||
GH_DEVOPS_PAT: ${{ secrets.GH_DEVOPS_PAT }}
|
||||
|
||||
npm:
|
||||
needs: [get-version, tests, builds]
|
||||
|
||||
@@ -0,0 +1,25 @@
|
||||
#!/bin/bash
|
||||
set -eo pipefail
|
||||
|
||||
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
|
||||
# shellcheck disable=SC1090,SC1091
|
||||
source "${SCRIPT_DIR}/common.sh"
|
||||
|
||||
if [[ "${GITHUB_REF_NAME}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
|
||||
echo "speckle-server-chart"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [[ "${GITHUB_REF_NAME}" == "main" ]]; then
|
||||
echo "speckle-server-chart"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# if branch name truncated contains an underscore, we should exit
|
||||
if [[ "${BRANCH_NAME_TRUNCATED}" =~ "_" ]]; then
|
||||
echo "Branch name contains an underscore, exiting"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "speckle-server-chart-${BRANCH_NAME_TRUNCATED}"
|
||||
exit 0
|
||||
Reference in New Issue
Block a user