From b3d133833d3b8aa700708c9464f650872dfbd5fa Mon Sep 17 00:00:00 2001 From: Paul Abel <128620221+pdabelf5@users.noreply.github.com> Date: Tue, 4 Jun 2024 13:28:52 +0100 Subject: [PATCH] make helm-publish workflow re-usable (#5682) --- .github/workflows/ci.yml | 63 ++++-------------------------- .github/workflows/publish-helm.yml | 58 ++++++++++++++++----------- 2 files changed, 42 insertions(+), 79 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 17917c5c1b..a8b4de4cb2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -760,67 +760,18 @@ jobs: publish-helm: name: Package and Publish Helm Chart - runs-on: ubuntu-22.04 needs: [checks, helm-tests] if: ${{ github.event_name == 'push' && ! startsWith(github.ref, 'refs/heads/release-') }} permissions: contents: write # for pushing to Helm Charts repository packages: write # for helm to push to GHCR - steps: - - name: Checkout Repository - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - with: - path: kic - - - name: Login to GitHub Container Registry - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: DockerHub Login - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Package - id: package - run: | - helm_versions="" - if [ ${{ github.ref_type }} != "tag" ]; then - helm_versions="--app-version edge --version 0.0.0-edge" - else - helm_versions="--app-version ${{ needs.checks.outputs.ic_version }} --version ${{ needs.checks.outputs.chart_version }}" - fi - output=$(helm package ${helm_versions} kic/charts/nginx-ingress) - echo "path=$(basename -- $(echo $output | cut -d: -f2))" >> $GITHUB_OUTPUT - - - name: Push to OCI registries - run: | - helm push ${{ steps.package.outputs.path }} oci://ghcr.io/nginxinc/charts - helm push ${{ steps.package.outputs.path }} oci://registry-1.docker.io/nginxcharts - - - name: Checkout Repository - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - with: - repository: nginxinc/helm-charts - fetch-depth: 1 - token: ${{ secrets.NGINX_PAT }} - path: helm-charts - if: github.ref_type == 'tag' - - - name: Push Helm Chart to Helm Charts Repository - run: | - mv ${{ steps.package.outputs.path }} ${{ github.workspace }}/helm-charts/stable/ - cd ${{ github.workspace }}/helm-charts - helm repo index stable --url https://helm.nginx.com/stable - git add -A - git -c user.name='NGINX Kubernetes Team' -c user.email='kubernetes@nginx.com' \ - commit -m "NGINX Ingress Controller - Release ${{ needs.checks.outputs.chart_version }}" - git push -u origin master - if: github.ref_type == 'tag' + uses: ./.github/workflows/publish-helm.yml + with: + branch: ${{ github.ref_name }} + ic_version: ${{ github.ref_type == 'tag' && needs.checks.outputs.ic_version || '0.0.0-edge' }} + chart_version: ${{ github.ref_type == 'tag' && needs.checks.outputs.chart_version || 'edge' }} + nginx_helm_repo: ${{ github.ref_type == 'tag' }} + secrets: inherit operator: name: Trigger PR for Operator diff --git a/.github/workflows/publish-helm.yml b/.github/workflows/publish-helm.yml index 5d3c08904e..1f745e0d93 100644 --- a/.github/workflows/publish-helm.yml +++ b/.github/workflows/publish-helm.yml @@ -6,6 +6,37 @@ on: branch: description: "Release Helm chart from branch" required: true + type: string + ic_version: + description: "Ingress Controller version" + required: true + type: string + chart_version: + description: "Helm Chart version" + required: true + type: string + nginx_helm_repo: + description: "Publish to the NGINX Helm repo" + required: true + type: boolean + workflow_call: + inputs: + branch: + description: "Release Helm chart from branch" + required: true + type: string + ic_version: + description: "Ingress Controller version" + required: true + type: string + chart_version: + description: "Helm Chart version" + required: true + type: string + nginx_helm_repo: + description: "Publish to the NGINX Helm repo" + required: true + type: boolean defaults: run: @@ -19,30 +50,9 @@ permissions: contents: read jobs: - checks: - name: Checks and variables - runs-on: ubuntu-22.04 - outputs: - chart_version: ${{ steps.vars.outputs.chart_version }} - ic_version: ${{ steps.vars.outputs.ic_version }} - steps: - - name: Checkout Repository - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - with: - ref: refs/heads/${{ inputs.branch }} - - - name: Output Variables - id: vars - run: | - source .github/data/version.txt - echo "ic_version=${IC_VERSION}" >> $GITHUB_OUTPUT - echo "chart_version=${HELM_CHART_VERSION}" >> $GITHUB_OUTPUT - cat $GITHUB_OUTPUT - publish-helm: name: Package and Publish Helm Chart runs-on: ubuntu-22.04 - needs: [checks] permissions: contents: write # for pushing to Helm Charts repository packages: write # for helm to push to GHCR @@ -69,7 +79,7 @@ jobs: - name: Package id: package run: | - helm_versions="--app-version ${{ needs.checks.outputs.ic_version }} --version ${{ needs.checks.outputs.chart_version }}" + helm_versions="--app-version ${{ inputs.ic_version }} --version ${{ inputs.chart_version }}" output=$(helm package ${helm_versions} kic/charts/nginx-ingress) echo "path=$(basename -- $(echo $output | cut -d: -f2))" >> $GITHUB_OUTPUT @@ -85,6 +95,7 @@ jobs: fetch-depth: 1 token: ${{ secrets.NGINX_PAT }} path: helm-charts + if: ${{ inputs.nginx_helm_repo == 'true' }} - name: Push Helm Chart to Helm Charts Repository run: | @@ -93,5 +104,6 @@ jobs: helm repo index stable --url https://helm.nginx.com/stable git add -A git -c user.name='NGINX Kubernetes Team' -c user.email='kubernetes@nginx.com' \ - commit -m "NGINX Ingress Controller - Release ${{ needs.checks.outputs.chart_version }}" + commit -m "NGINX Ingress Controller - Release ${{ inputs.chart_version }}" git push -u origin master + if: ${{ inputs.nginx_helm_repo == 'true' }}