Bump google-github-actions/auth from 2.1.6 to 2.1.7 in the actions gr… #1050
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Helm Chart | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| push: | |
| branches: | |
| - main | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| PYTHON_VERSION: "3.9" | |
| HELM_VERSION: v3.11.2 | |
| GHCR_REGISTRY: ghcr.io | |
| ARTIFACT_REGISTRY: europe-north1-docker.pkg.dev | |
| ARTIFACT_REPO: nais-io/nais/feature | |
| SERVICE_ACCOUNT: gh-unleasherator@nais-io.iam.gserviceaccount.com | |
| jobs: | |
| meta: | |
| name: Metadata Charts | |
| runs-on: ubuntu-latest | |
| outputs: | |
| version: ${{ steps.version.outputs.version }} | |
| name: ${{ steps.name.outputs.name }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - id: version | |
| run: echo "version=$(date +'%Y%m%d')-$(git rev-parse --short HEAD)" >> ${GITHUB_OUTPUT} | |
| - id: name | |
| run: echo "name=${{ github.event.repository.name }}" >> ${GITHUB_OUTPUT} | |
| - name: Update Chart.yaml | |
| run: | | |
| sed -i "s/^version:.*$/version: ${{ steps.version.outputs.version }}/g" ./charts/${{ steps.name.outputs.name }}/Chart.yaml | |
| sed -i "s/^version:.*$/version: ${{ steps.version.outputs.version }}/g" ./charts/${{ steps.name.outputs.name }}-crds/Chart.yaml | |
| sed -i "s/^appVersion:.*$/appVersion: ${{ steps.version.outputs.version }}/g" ./charts/${{ steps.name.outputs.name }}/Chart.yaml | |
| sed -i "s/^appVersion:.*$/appVersion: ${{ steps.version.outputs.version }}/g" ./charts/${{ steps.name.outputs.name }}-crds/Chart.yaml | |
| cat ./charts/${{ steps.name.outputs.name }}/Chart.yaml | |
| - name: Update values.yaml | |
| run: | | |
| sed -i "s/^ tag: main$/ tag: ${{ steps.version.outputs.version }}/g" ./charts/${{ steps.name.outputs.name }}/values.yaml | |
| cat ./charts/${{ steps.name.outputs.name }}/values.yaml | |
| - name: Save Chart Metadata | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: chart-metadata | |
| path: | | |
| ./charts/${{ steps.name.outputs.name }}/Chart.yaml | |
| - name: Save Chart Values | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: chart-values | |
| path: | | |
| ./charts/${{ steps.name.outputs.name }}/values.yaml | |
| - name: Save CRDs Chart Metadata | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: crds-chart-metadata | |
| path: | | |
| ./charts/${{ steps.name.outputs.name }}-crds/Chart.yaml | |
| lint-test: | |
| name: Lint and test Charts | |
| runs-on: ubuntu-latest-16-cores | |
| needs: meta | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Restore Chart Metadata | |
| uses: actions/download-artifact@v4.1.8 | |
| with: | |
| name: chart-metadata | |
| path: ./charts/${{ needs.meta.outputs.name }} | |
| - name: Restore CRDs Chart Metadata | |
| uses: actions/download-artifact@v4.1.8 | |
| with: | |
| name: crds-chart-metadata | |
| path: ./charts/${{ needs.meta.outputs.name }}-crds | |
| - name: Set up Helm | |
| uses: azure/setup-helm@v4 | |
| with: | |
| version: ${{ env.HELM_VERSION }} | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHON_VERSION }} | |
| check-latest: true | |
| - name: Set up chart-testing | |
| uses: helm/chart-testing-action@v2.6.1 | |
| - name: Run chart-testing (list-changed) | |
| id: list-changed | |
| run: | | |
| changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) | |
| if [[ -n "$changed" ]]; then | |
| echo "changed=true" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Run chart-testing (lint) | |
| if: steps.list-changed.outputs.changed == 'true' | |
| run: ct lint --target-branch ${{github.event.repository.default_branch }} | |
| - name: Create kind cluster | |
| if: steps.list-changed.outputs.changed == 'true' | |
| uses: helm/kind-action@v1.10.0 | |
| - uses: docker/setup-buildx-action@v3 | |
| - uses: docker/metadata-action@v5 | |
| id: metadata | |
| with: | |
| images: | | |
| ${{ env.GHCR_REGISTRY }}/${{ github.repository }} | |
| tags: | | |
| type=raw,value=main | |
| - uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| tags: ${{ steps.metadata.outputs.tags }} | |
| labels: ${{ steps.metadata.outputs.labels }} | |
| load: true | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| platforms: linux/amd64 | |
| - name: Load image to kind | |
| run: | | |
| kind load docker-image ${{ env.GHCR_REGISTRY }}/${{ github.repository }}:main --name chart-testing | |
| # Hack imagePullPolicy to never to avoid pulling during test install | |
| sed -i "s/imagePullPolicy: Always/imagePullPolicy: Never/g" ./charts/${{ needs.meta.outputs.name }}/values.yaml | |
| - name: Run chart-testing (install) | |
| if: steps.list-changed.outputs.changed == 'true' | |
| run: | | |
| helm repo add prometheus-community https://prometheus-community.github.io/helm-charts | |
| helm repo update | |
| helm install prometheus-operator-crds prometheus-community/prometheus-operator-crds --wait | |
| helm install unleasherator-crds ./charts/unleasherator-crds --wait | |
| ct install --charts ./charts/unleasherator --target-branch ${{ github.event.repository.default_branch }} | |
| push: | |
| permissions: | |
| contents: read | |
| id-token: write | |
| name: Build and push Charts | |
| runs-on: ubuntu-latest | |
| needs: [meta, lint-test] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Restore Chart Metadata | |
| uses: actions/download-artifact@v4.1.8 | |
| with: | |
| name: chart-metadata | |
| path: ./charts/${{ needs.meta.outputs.name }} | |
| - name: Restore Chart Values | |
| uses: actions/download-artifact@v4.1.8 | |
| with: | |
| name: chart-values | |
| path: ./charts/${{ needs.meta.outputs.name }} | |
| - name: Restore CRDs Chart Metadata | |
| uses: actions/download-artifact@v4.1.8 | |
| with: | |
| name: crds-chart-metadata | |
| path: ./charts/${{ needs.meta.outputs.name }}-crds | |
| - id: auth | |
| if: github.actor != 'dependabot[bot]' | |
| name: Authenticate to Google Cloud | |
| uses: google-github-actions/auth@v2.1.7 | |
| with: | |
| workload_identity_provider: ${{ secrets.NAIS_IO_WORKLOAD_IDENTITY_PROVIDER }} | |
| service_account: ${{ env.SERVICE_ACCOUNT }} | |
| token_format: access_token | |
| - name: Set up Cloud SDK | |
| uses: google-github-actions/setup-gcloud@v2 | |
| - name: Log in to Google Artifact Registry | |
| if: github.actor != 'dependabot[bot]' | |
| run: | | |
| echo '${{ steps.auth.outputs.access_token }}' | docker login -u oauth2accesstoken --password-stdin https://${{ env.ARTIFACT_REGISTRY }} | |
| - uses: azure/setup-helm@v4 | |
| name: Setup Helm | |
| with: | |
| version: ${{ env.HELM_VERSION }} | |
| - name: Build Charts | |
| run: | | |
| helm package ./charts/${{ needs.meta.outputs.name }}-crds -d ./charts/${{ needs.meta.outputs.name }}-crds | |
| helm package ./charts/${{ needs.meta.outputs.name }} -d ./charts/${{ needs.meta.outputs.name }} | |
| - name: Push Charts | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/main' | |
| run: | | |
| helm push ./charts/${{ needs.meta.outputs.name }}-crds/*.tgz oci://${{ env.ARTIFACT_REGISTRY }}/${{ env.ARTIFACT_REPO }} | |
| helm push ./charts/${{ needs.meta.outputs.name }}/*.tgz oci://${{ env.ARTIFACT_REGISTRY }}/${{ env.ARTIFACT_REPO }} |