Skip to content

Commit

Permalink
Helm Chart release automation
Browse files Browse the repository at this point in the history
- add workflow to update helm chart and push to ghcr.io oc registry
- add chart update script to edit chart values for a specific release
- add chart push script to package and push helm chart
- add makefile targets to install pre-req and invoke scripts above

Signed-off-by: adrianc <[email protected]>
  • Loading branch information
adrianchiris committed Jun 4, 2024
1 parent 8d32f42 commit 95e3cb4
Show file tree
Hide file tree
Showing 4 changed files with 162 additions and 0 deletions.
34 changes: 34 additions & 0 deletions .github/workflows/chart-push-release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
name: "Push helm chart on release"

env:
IMAGE_NAME: ghcr.io/${{ github.repository }}

on:
push:
tags:
- v*
jobs:
package-and-push-helm-chart:
runs-on: ubuntu-22.04
steps:
- name: install helm
uses: azure/[email protected]
with:
version: latest

- name: Check out the repo
uses: actions/checkout@v4

- name: update chart
env:
GITHUB_TAG: ${{ github.ref_name }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_REPO_OWNER: ${{ github.repository_owner }}
run: make chart-prepare-release

- name: push chart
env:
GITHUB_TAG: ${{ github.ref_name }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_REPO_OWNER: ${{ github.repository_owner }}
run: make chart-push-release
17 changes: 17 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -253,3 +253,20 @@ $(GOLANGCI_LINT): ; $(info installing golangci-lint...)
.PHONY: lint
lint: | $(GOLANGCI_LINT) ; $(info running golangci-lint...) @ ## Run golangci-lint
$(GOLANGCI_LINT) run --timeout=10m

$(BIN_DIR):
@ mkdir -p $(BIN_DIR)

YQ=$(BIN_DIR)/yq
YQ_VERSION=v4.44.1
$(YQ): | $(BIN_DIR); $(info installing yq)
@ wget https://github.com/mikefarah/yq/releases/download/$(YQ_VERSION)/yq_linux_amd64 -O $(YQ) && chmod +x $(YQ)

.PHONY: chart-prepare-release
chart-prepare-release: | $(YQ) ; ## prepare chart for release
@ GITHUB_TAG=$(GITHUB_TAG) GITHUB_TOKEN=$(GITHUB_TOKEN) GITHUB_REPO_OWNER=$(GITHUB_REPO_OWNER) hack/release/chart-update.sh

.PHONY: chart-push-release
chart-push-release: ## push release chart
@ GITHUB_TAG=$(GITHUB_TAG) GITHUB_TOKEN=$(GITHUB_TOKEN) GITHUB_REPO_OWNER=$(GITHUB_REPO_OWNER) hack/release/chart-push.sh

42 changes: 42 additions & 0 deletions hack/release/chart-push.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
#!/bin/bash
set -ex

# github repo owner: e.g k8snetworkplumbingwg
GITHUB_REPO_OWNER=${GITHUB_REPO_OWNER:-}
# github api token with package:write permissions
GITHUB_TOKEN=${GITHUB_TOKEN:-}
# github tag e.g v1.2.3
GITHUB_TAG=${GITHUB_TAG:-}

BASE=${PWD}
HELM_CHART=${BASE}/deployment/sriov-network-operator
HELM_CHART_VERSION=${GITHUB_TAG#"v"}
HELM_CHART_TARBALL="sriov-network-operator-${HELM_CHART_VERSION}.tgz"

# make sure helm is installed
set +e
which helm
if [ $? -ne 0 ]; then
echo "ERROR: helm must be installed"
exit 1
fi
set -e

if [ -z "$GITHUB_REPO_OWNER" ]; then
echo "ERROR: GITHUB_REPO_OWNER must be provided as env var"
exit 1
fi

if [ -z "$GITHUB_TOKEN" ]; then
echo "ERROR: GITHUB_TOKEN must be provided as env var"
exit 1
fi

if [ -z "$GITHUB_TAG" ]; then
echo "ERROR: GITHUB_TAG must be provided as env var"
exit 1
fi

helm package ${HELM_CHART}
helm registry login ghcr.io -u ${GITHUB_REPO_OWNER} -p ${GITHUB_TOKEN}
helm push ${HELM_CHART_TARBALL} oci://ghcr.io/${GITHUB_REPO_OWNER}
69 changes: 69 additions & 0 deletions hack/release/chart-update.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
#!/bin/bash
set -ex

# github tag e.g v1.2.3
GITHUB_TAG=${GITHUB_TAG:-}
# github api token (needed only for read access)
GITHUB_TOKEN=${GITHUB_TOKEN:-}
# github repo owner e.g k8snetworkplumbingwg
GITHUB_REPO_OWNER=${GITHUB_REPO_OWNER:-}

BASE=${PWD}
YQ_CMD="${BASE}/bin/yq"
HELM_VALUES=${BASE}/deployment/sriov-network-operator/values.yaml
HELM_CHART=${BASE}/deployment/sriov-network-operator/Chart.yaml


if [ -z "$GITHUB_TAG" ]; then
echo "ERROR: GITHUB_TAG must be provided as env var"
exit 1
fi

if [ -z "$GITHUB_TOKEN" ]; then
echo "ERROR: GITHUB_TOKEN must be provided as env var"
exit 1
fi

if [ -z "$GITHUB_REPO_OWNER" ]; then
echo "ERROR: GITHUB_REPO_OWNER must be provided as env var"
exit 1
fi

get_latest_github_tag() {
local owner="$1"
local repo="$2"
local latest_tag

# Fetch the latest tags using GitHub API and extract the latest tag name
latest_tag=$(curl -s "https://api.github.com/repos/$owner/$repo/tags" --header "Authorization: Bearer ${GITHUB_TOKEN}" | jq -r '.[0].name')

echo "$latest_tag"
}
# check strings not empty

# tag provided via env var
OPERATOR_TAG=${GITHUB_TAG}
IB_SRIOV_CNI_TAG=$(get_latest_github_tag k8snetworkplumbingwg ib-sriov-cni)
SRIOV_CNI_TAG=$(get_latest_github_tag k8snetworkplumbingwg sriov-cni)
OVS_CNI_TAG=$(get_latest_github_tag k8snetworkplumbingwg ovs-cni)
NETWORK_RESOURCE_INJECTOR_TAG=$(get_latest_github_tag k8snetworkplumbingwg network-resources-injector)
SRIOV_DEVICE_PLUGIN_TAG=$(get_latest_github_tag k8snetworkplumbingwg sriov-network-device-plugin)

# patch values.yaml in-place

# sriov-network-operator images:
OPERATOR_REPO=${GITHUB_REPO_OWNER} # this is used to allow to release sriov-network-operator from forks
$YQ_CMD -i ".images.operator = \"ghcr.io/${OPERATOR_REPO}/sriov-network-operator:${OPERATOR_TAG}\"" ${HELM_VALUES}
$YQ_CMD -i ".images.sriovConfigDaemon = \"ghcr.io/${OPERATOR_REPO}/sriov-network-operator-config-daemon:${OPERATOR_TAG}\"" ${HELM_VALUES}
$YQ_CMD -i ".images.webhook = \"ghcr.io/${OPERATOR_REPO}/sriov-network-operator-webhook:${OPERATOR_TAG}\"" ${HELM_VALUES}

# other images that sriov-network-operator uses:
$YQ_CMD -i ".images.sriovCni = \"ghcr.io/k8snetworkplumbingwg/sriov-cni:${SRIOV_CNI_TAG}\"" ${HELM_VALUES}
$YQ_CMD -i ".images.ibSriovCni = \"ghcr.io/k8snetworkplumbingwg/ib-sriov-cni:${IB_SRIOV_CNI_TAG}\"" ${HELM_VALUES}
$YQ_CMD -i ".images.ovsCni = \"ghcr.io/k8snetworkplumbingwg/ovs-cni:${OVS_CNI_TAG}\"" ${HELM_VALUES}
$YQ_CMD -i ".images.sriovDevicePlugin = \"ghcr.io/k8snetworkplumbingwg/sriov-network-device-plugin:${SRIOV_DEVICE_PLUGIN_TAG}\"" ${HELM_VALUES}
$YQ_CMD -i ".images.resourcesInjector = \"ghcr.io/k8snetworkplumbingwg/network-resources-injector:${NETWORK_RESOURCE_INJECTOR_TAG}\"" ${HELM_VALUES}

# patch Chart.yaml in-place
$YQ_CMD -i ".version = \"${OPERATOR_TAG#"v"}\"" ${HELM_CHART}
$YQ_CMD -i ".appVersion = \"${OPERATOR_TAG}\"" ${HELM_CHART}

0 comments on commit 95e3cb4

Please sign in to comment.