-
Notifications
You must be signed in to change notification settings - Fork 20
87 lines (78 loc) · 2.67 KB
/
push.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
name: Push
on:
push:
branches:
- master
tags:
- '*'
paths:
- 'storm/Chart.yaml'
# When this workflow is invoked by another repo
workflow_dispatch:
inputs:
owner:
description: "The owner of the repo who initialized this workflow"
required: true
type: string
repo:
description: "The repository name which wants to publish the chart"
required: true
type: string
ref:
description: "Branch name or tag which will be used for chart version"
required: true
type: string
jobs:
push:
runs-on: ubuntu-latest
environment: push
steps:
- name: Checkout self
uses: actions/checkout@v3
with:
path: self
- name: Validate chart
uses: actions/github-script@v6
env:
APP_ID: ${{ secrets.APP_ID }}
APP_PRIVATE_KEY: ${{ secrets.GH_APP_PEM }}
with:
script: |
const config = require('./self/.github/workflows/scripts/validateChart.js')
return await config({ core, context })
- name: Checkout gh-pages
uses: actions/checkout@v3
with:
ref: gh-pages
path: gh-pages
- name: Checkout ${{ env.OWNER }}/${{ env.REPO }}
uses: actions/checkout@v3
with:
repository: ${{ env.OWNER }}/${{ env.REPO }}
ref: ${{ env.REF }}
path: source
- name: Package charts
uses: actions/github-script@v6
with:
script: |
const helm = require('./self/.github/workflows/scripts/packageChart.js')
return await helm({ core, glob, exec })
- name: Install packages
run: npm i octokit fs @octokit/core
- name: Update index and push files
uses: actions/github-script@v6
env:
APP_ID: ${{ secrets.APP_ID }}
APP_PRIVATE_KEY: ${{ secrets.GH_APP_PEM }}
with:
script: |
const generateToken = require('./self/.github/workflows/scripts/token.js')
const push = require('./self/.github/workflows/scripts/push.js')
const tokenPermissions = { contents: "write" } // required to push files
try {
const token = await generateToken({ core, fetch }, 'G-Research', 'charts', tokenPermissions )
return await push({ core, exec, context, fetch }, token )
} catch (error) {
core.notice(`Permission: ${JSON.stringify(tokenPermissions)}`)
return core.setFailed(`Unable to push ${context.payload.repository.owner.login}/${context.payload.repository.name}, please check token permissions.\n${error}`)
}