-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathaction.yml
119 lines (113 loc) · 4.13 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
name: 'Helm CI'
description: GitHub Action for hanlde CI of helm charts, Sysdig way'
inputs:
chart_dir:
description: "path to chart directory. Example: k8s/redis"
required: true
dry_run:
description: "whether to actually create git tag and push the chart"
required: false
default: "false"
push_to_artifactory:
description: "whether or not to push chart to Artifactory"
required: false
default: "true"
artifactory_url:
description: "Artifactory repo URL"
required: false
default: "https://artifactory.internal.sysdig.com:443/artifactory/helm-local/"
artifactory_pull_url:
description: "Artifactory repo pull URL"
required: false
default: "https://artifactory.internal.sysdig.com:443/artifactory/helm/"
artifactory_push_url:
description: "Artifactory repo push URL"
required: false
default: "https://artifactory.internal.sysdig.com:443/artifactory/helm-local/"
artifactory_username:
description: "username to use for artifactory"
required: false
artifactory_password:
description: "password to use for artifactory"
required: false
github_token:
description: GITHUB_TOKEN secret
required: true
push_to_gar:
description: "whether or not to push chart to GAR"
required: false
default: "false"
gar_username:
description: "username to use to access GAR, possibile values are _json_key, _json_key_base64."
required: false
gar_json_key:
description: "json or json_b64 payload used as password to access GAR."
required: false
gar_url:
description: "url domain used by google cloud for GAR."
required: false
default: "us-docker.pkg.dev"
gar_chart_prefix:
description: "prefix to use in front of chart name."
required: false
default: ""
gcloud_project:
description: "name of the gcloud project id, which the artifact registry is part of."
required: false
fetch_all_tags:
description: "Boolean to fetch all tags for a repo (if false, only the last 100 will be fetched)."
required: false
default: "false"
outputs:
helm_chart_new_version:
description: "Version of the bumped Helm chart"
value: ${{ steps.bump_version.outputs.new_version }}
runs:
using: "composite"
steps:
- name: get chart name
id: chart_name
uses: mikefarah/[email protected]
with:
cmd: "yq eval '.name' ${{ inputs.chart_dir }}/Chart.yaml"
- name: show chart name
shell: bash
run: |
echo "found chart name in Chart.yaml: ${{ steps.chart_name.outputs.result }}"
- name: bump version
id: bump_version
uses: mathieudutour/[email protected]
with:
github_token: ${{ inputs.github_token }}
tag_prefix: helm/${{ steps.chart_name.outputs.result }}-
dry_run: ${{ inputs.dry_run }}
fetch_all_tags: ${{ inputs.fetch_all_tags }}
- name: "publish helm chart to Artifactory"
uses: draios/[email protected]
if: ${{ inputs.push_to_artifactory == 'true' }}
env:
DEST_REGISTRY: "ARTIFACTORY"
ARTIFACTORY_URL: "${{ inputs.artifactory_pull_url }}"
ARTIFACTORY_PULL_URL: "${{ inputs.artifactory_pull_url }}"
ARTIFACTORY_PUSH_URL: "${{ inputs.artifactory_push_url }}"
ARTIFACTORY_USERNAME: ${{ inputs.artifactory_username }}
ARTIFACTORY_PASSWORD: ${{ inputs.artifactory_password }}
CHART_DIR: ${{ inputs.chart_dir }}
CHART_PREFIX: ${{ inputs.gar_chart_prefix }}
CHART_VERSION: ${{ steps.bump_version.outputs.new_version }}
DEBUG: "TRUE"
DRYRUN: ${{ inputs.dry_run }}
- name: "publish helm chart to GAR"
uses: draios/[email protected]
if: ${{ inputs.push_to_gar == 'true' }}
env:
DEST_REGISTRY: "GAR"
GAR_USERNAME: ${{ inputs.gar_username }}
GAR_JSON_KEY: ${{ inputs.gar_json_key }}
GAR_URL: ${{ inputs.gar_url }}
GCLOUD_PROJECT: ${{ inputs.gcloud_project }}
CHART_DIR: ${{ inputs.chart_dir }}
CHART_PREFIX: ${{ inputs.gar_chart_prefix }}
CHART_VERSION: ${{ steps.bump_version.outputs.new_version }}
DEBUG: "TRUE"
DRYRUN: ${{ inputs.dry_run }}