Skip to content

Publish Helm chart

Publish Helm chart #31

---
# This is a manually triggered workflow to package and upload the Helm chart from the
# main branch to Aqua Security repository at https://github.com/aquasecurity/helm-charts.
name: Publish Helm chart
on:
workflow_dispatch:
inputs:
ref:
description: The branch, tag or SHA to publish, e.g. v0.0.1
required: true
env:
HELM_REP: helm-charts
GH_OWNER: aquasecurity
CHART_DIR: deploy/helm
KIND_VERSION: "v0.11.1"
KIND_IMAGE: "kindest/node:v1.21.1@sha256:69860bda5563ac81e3c0057d654b5253219618a22ec3a346306239bba8cfa1a6"
jobs:
release:
runs-on: ubuntu-20.04
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: ${{ github.event.inputs.ref }}
fetch-depth: 0
- name: Install Helm
uses: azure/setup-helm@18bc76811624f360dbd7f18c2d4ecb32c7b87bab # v1.1
with:
version: v3.5.0
- name: Set up python
uses: actions/setup-python@98f2ad02fd48d057ee3b4d4f66525b231c3e52b6
with:
python-version: 3.7
- name: Setup Chart Linting
id: lint
uses: helm/chart-testing-action@dae259e86a35ff09145c0805e2d7dd3f7207064a # v2.1.0
- name: Setup Kubernetes cluster (KIND)
uses: helm/kind-action@94729529f85113b88f4f819c17ce61382e6d8478 # v1.2.0
with:
version: ${{ env.KIND_VERSION }}
image: ${{ env.KIND_IMAGE }}
- name: Run chart-testing
run: ct lint-and-install --validate-maintainers=false --charts deploy/helm
- name: Install chart-releaser
run: |
wget https://github.com/helm/chart-releaser/releases/download/v1.3.0/chart-releaser_1.3.0_linux_amd64.tar.gz
echo "baed2315a9bb799efb71d512c5198a2a3b8dcd139d7f22f878777cffcd649a37 chart-releaser_1.3.0_linux_amd64.tar.gz" | sha256sum -c -
tar xzvf chart-releaser_1.3.0_linux_amd64.tar.gz cr
- name: Package helm chart
run: |
./cr package ${{ env.CHART_DIR }}
- name: Upload helm chart
# Failed with upload the same version: https://github.com/helm/chart-releaser/issues/101
continue-on-error: true
run: |
./cr upload -o ${{ env.GH_OWNER }} -r ${{ env.HELM_REP }} --token ${{ secrets.ORG_REPO_TOKEN }} -p .cr-release-packages
- name: Index helm chart
run: |
./cr index -o ${{ env.GH_OWNER }} -r ${{ env.HELM_REP }} -c https://${{ env.GH_OWNER }}.github.io/${{ env.HELM_REP }}/ -i index.yaml
- name: Push index file
uses: dmnemec/copy_file_to_another_repo_action@c93037aa10fa8893de271f19978c980d0c1a9b37 # v1.1.1
env:
API_TOKEN_GITHUB: ${{ secrets.ORG_REPO_TOKEN }}
with:
source_file: 'index.yaml'
destination_repo: '${{ env.GH_OWNER }}/${{ env.HELM_REP }}'
destination_folder: '.'
destination_branch: 'gh-pages'
user_email: aqua-bot@users.noreply.github.com
user_name: 'aqua-bot'