Introduces a github action workflow to release the helm chart for the prefect-operator
#1
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: prefect-operator Helm Chart release | |
"on": | |
workflow_dispatch: | |
pull_request: | |
permissions: {} | |
jobs: | |
release: | |
permissions: | |
# GitHub considers creating releases and uploading assets as writing contents. | |
contents: write | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
# We set the chart release version here - the version schema | |
# is a SemVer adherent date-based versioning scheme that looks like: | |
# 2024.2.9125019 | |
# which equates to a release on 2/9/24 at 12:50:19 | |
- name: Get the version tags | |
id: get_version | |
run: | | |
# Enable pipefail so git command failures do not result in null versions downstream | |
set -x | |
echo "RELEASE_VERSION=$(date +'%Y.%-m.%-d%H%M%S')" >> $GITHUB_OUTPUT | |
echo "OPERATOR_VERSION=$(git describe --tags `git rev-list --tags --max-count=1`)" >> $GITHUB_OUTPUT | |
# - name: Copy Artifact Hub metadata | |
# run: | | |
# mkdir -p /tmp/chart | |
# cp artifacthub-repo.yml /tmp/chart | |
- name: Configure Git | |
run: | | |
git config user.name "$GITHUB_ACTOR" | |
git config user.email "[email protected]" | |
- name: Set up Helm | |
uses: azure/setup-helm@v4 | |
- name: Prepare GPG key for signing | |
run: | | |
gpg_dir=/tmp/.gpg | |
mkdir "$gpg_dir" | |
keyring="$gpg_dir/secring.gpg" | |
# store the secret keyring in a .gpg file | |
base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring" | |
passphrase_file="$gpg_dir/passphrase" | |
# store passphrase in a file | |
echo "$GPG_PASSPHRASE" > "$passphrase_file" | |
echo "SIGN_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV" | |
echo "SIGN_KEYRING=$keyring" >> "$GITHUB_ENV" | |
env: | |
GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}" | |
GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}" | |
- name: Add dependency chart repos | |
run: | | |
helm repo add bitnami https://charts.bitnami.com/bitnami | |
- name: Package Operator helm chart | |
run: | | |
mkdir -p /tmp/chart | |
cd deploy/charts | |
# Update the operator version tag in values.yaml | |
sed -i "s/tag:.*$/tag: $OPERATOR_VERSION/g" prefect-operator/values.yaml | |
helm package prefect-operator \ | |
--destination /tmp/chart \ | |
--dependency-update \ | |
--version $RELEASE_VERSION \ | |
--app-version $OPERATOR_VERSION \ | |
--sign --key '[email protected]' \ | |
--keyring $SIGN_KEYRING \ | |
--passphrase-file $SIGN_PASSPHRASE_FILE | |
env: | |
RELEASE_VERSION: ${{ steps.get_version.outputs.RELEASE_VERSION }} | |
OPERATOR_VERSION: ${{ steps.get_version.outputs.OPERATOR_VERSION }} | |
SIGN_KEYRING: ${{ env.SIGN_KEYRING }} | |
SIGN_PASSPHRASE_FILE: ${{ env.SIGN_PASSPHRASE_FILE }} | |
- name: Update chart index | |
run: | | |
git stash # Stash changes to the values.yaml so checkout doesn't complain | |
git checkout gh-pages | |
helm repo index /tmp/chart --url https://prefecthq.github.io/prefect-operator/charts --merge ./index.yaml | |
- name: Commit and push | |
run: | | |
cp /tmp/chart/artifacthub-repo.yml . | |
cp /tmp/chart/index.yaml . | |
cp /tmp/chart/prefect-operator-$RELEASE_VERSION.* ./charts | |
git add ./artifacthub-repo.yml ./index.yaml ./charts/prefect-operator-$RELEASE_VERSION.* ./charts/ | |
git commit -m "Release $RELEASE_VERSION" | |
git push origin gh-pages | |
env: | |
RELEASE_VERSION: ${{ steps.get_version.outputs.RELEASE_VERSION }} | |
- name: Create Github Release + Tag | |
run: | | |
gh release create $RELEASE_VERSION \ | |
--generate-notes \ | |
--notes "Packaged with `prefect-operator` version \ | |
[$OPERATOR_VERSION](https://github.com/PrefectHQ/prefect-operator/releases/tag/$OPERATOR_VERSION)" | |
env: | |
GITHUB_TOKEN: ${{ github.token }} | |
RELEASE_VERSION: ${{ steps.get_version.outputs.RELEASE_VERSION }} | |
OPERATOR_VERSION: ${{ steps.get_version.outputs.OPERATOR_VERSION }} |