public/helm-charts
1
0
Fork 0
mirror of https://github.com/bjw-s-labs/helm-charts.git synced 2025-07-04 00:47:04 +02:00
Code Issues Projects Releases Packages Wiki Activity

ci: Rework publishing CI (#381)

Browse source
This commit is contained in:
Bernd Schorgers 2025-02-10 13:05:48 +01:00
parent b8c2eca310
commit c94a28baa3
No known key found for this signature in database
GPG key ID: BC5E2BD907F9A8EC
10 changed files with 512 additions and 274 deletions
Download patch file Download diff file Expand all files Collapse all files

77
.github/actions/charts-package/action.yaml vendored Normal file
View file

@ -0,0 +1,77 @@
---
name: "Package charts"
description: "Package charts for release"
inputs:
rootFolder:
description: "Root folder containing the charts to package"
required: true
chartFolder:
description: "Folder containing the chart to package relative to the base folder"
required: true
destinationFolder:
description: "Folder where the chart packages should be stored"
required: true
default: "out"
artifactPrefix:
description: "Prefix for the artifact name"
required: false
default: ""
retentionDays:
description: "Duration after which artifacts will expire in days."
required: true
default: "1"
helmVersion:
description: "Helm version to use for packaging"
required: true
default: 3.17.0
runs:
using: "composite"
steps:
- name: Install Kubernetes tools
uses: yokawasa/action-setup-kube-tools@v0.11.1
with:
setup-tools: |
helmv3
helm: "${{ inputs.helmVersion }}"
- name: Grab chart details
id: chart-details
shell: bash
env:
ROOT_DIR: "${{ inputs.rootFolder }}"
CHART_DIR: "${{ inputs.chartFolder }}"
run: |
PARENT_DIR=$(basename $(dirname "${ROOT_DIR}/${CHART_DIR}"))
echo "parentdir=${PARENT_DIR}" >> "$GITHUB_OUTPUT"
echo "name=$(yq '.name' ${ROOT_DIR}/${CHART_DIR}/Chart.yaml)" >> "$GITHUB_OUTPUT"
echo "version=$(yq '.version' ${ROOT_DIR}/${CHART_DIR}/Chart.yaml)" >> "$GITHUB_OUTPUT"
- name: Dereference JSON schema before packaging
uses: bjw-s/helm-charts-actions/dereference-json-schema@main
with:
schemaFile: "${{ inputs.rootFolder }}/${{ inputs.chartFolder }}/values.schema.json"
outputFile: "${{ inputs.rootFolder }}/${{ inputs.chartFolder }}/values.schema.json"
allowFileNotFound: true
- name: Package Helm Chart
shell: bash
env:
ROOT_DIR: "${{ inputs.rootFolder }}"
CHART_DIR: "${{ inputs.chartFolder }}"
PARENT_DIR: "${{ steps.chart-details.outputs.parentdir }}"
TARGET_DIR: "${{ inputs.destinationFolder }}"
run: |
helm package "${ROOT_DIR}/${CHART_DIR}" --dependency-update --destination "${TARGET_DIR}/${PARENT_DIR}"
- name: Upload artifact
uses: actions/upload-artifact@v4
env:
PARENT_DIR: "${{ steps.chart-details.outputs.parentdir }}"
CHART_NAME: "${{ steps.chart-details.outputs.name }}"
CHART_VERSION: "${{ steps.chart-details.outputs.version }}"
TARGET_DIR: "${{ inputs.destinationFolder }}"
with:
name: "${{ inputs.artifactPrefix }}${{ env.PARENT_DIR }}__${{ env.CHART_NAME }}__${{ env.CHART_VERSION }}"
path: "${{ env.TARGET_DIR }}/${{ env.PARENT_DIR }}/${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}.tgz"
retention-days: ${{ inputs.retentionDays }}

70
.github/actions/charts-release-ghpages/action.yaml vendored Normal file
View file

@ -0,0 +1,70 @@
---
name: "Prepare chart artifacts for release"
description: "Prepare chart artifacts for release to GitHub Pages"
inputs:
artifactPattern:
description: "Pattern to match artifacts to release"
required: true
artifactPrefix:
description: "Prefix to strip from the artifact names"
required: false
default: ""
targetFolder:
description: "Folder where to move the chart artifacts"
required: true
default: gh-pages
targetBranch:
description: "Branch to push the chart artifacts"
required: true
default: gh-pages
runs:
using: "composite"
steps:
- name: Prepare artifacts folder
shell: bash
run: |
mkdir -p artifacts
- name: Download chart artifacts
uses: actions/download-artifact@v4
with:
path: artifacts
pattern: ${{ inputs.artifactPrefix }}${{ inputs.artifactPattern }}
- name: Copy artifacts to gh-pages structure
shell: bash
working-directory: artifacts
env:
ARTIFACT_PREFIX: ${{ inputs.artifactPrefix }}
TARGET_FOLDER: ${{ inputs.targetFolder }}
run: |
while IFS= read -d $'\0' -r ARTIFACT ; do
echo ${ARTIFACT}
prefix_removed_chart=${ARTIFACT/#$ARTIFACT_PREFIX}
DELIMITER='__'
s=${prefix_removed_chart}${DELIMITER}
ARTIFACT_PATH_PARTS=();
while [[ $s ]]; do
ARTIFACT_PATH_PARTS+=( "${s%%"${DELIMITER}"*}" );
s=${s#*"${DELIMITER}"};
done;
CHART_FOLDER=${ARTIFACT_PATH_PARTS[0]}
mkdir -p "${TARGET_FOLDER}/${CHART_FOLDER}"
cp ${ARTIFACT}/* ${TARGET_FOLDER}/${CHART_FOLDER}/
done < <(find . -mindepth 1 -maxdepth 1 -type d -print0)
- name: Update chart index
shell: bash
working-directory: ${{ inputs.targetFolder }}
run: |
helm repo index . --url https://bjw-s.github.io/helm-charts/
- name: Commit Changes
uses: stefanzweifel/git-auto-commit-action@v5
with:
repository: ${{ inputs.targetFolder }}
branch: ${{ inputs.targetBranch }}
file_pattern: "index.yaml **/*.tgz"
disable_globbing: true

59
.github/actions/charts-release-oci/action.yaml vendored Normal file
View file

@ -0,0 +1,59 @@
---
name: "Release charts to OCI registry"
description: "Release charts to OCI registry"
inputs:
chartName:
description: "Name of the chart to release"
required: true
chartVersion:
description: "Version of the chart to release"
required: true
workingDir:
description: "Working directory"
required: true
default: "."
ociRegistry:
description: >
Target OCI registry for Helm charts.
required: true
default: "ghcr.io"
helmVersion:
description: "Helm version to use for packaging"
required: true
default: 3.17.0
runs:
using: "composite"
steps:
- name: Install Cosign
uses: sigstore/cosign-installer@v3.6.0
- name: Install Kubernetes tools
uses: yokawasa/action-setup-kube-tools@v0.11.1
with:
setup-tools: |
helmv3
helm: ${{ inputs.helmVersion }}
- name: Login to OCI Registry
uses: docker/login-action@v3
with:
registry: ${{ inputs.ociRegistry }}
username: ${{ github.actor }}
password: ${{ github.token }}
- name: Push Helm charts to OCI registry
shell: bash
working-directory: ${{ inputs.workingDir }}
env:
CHART_NAME: ${{ inputs.chartName }}
CHART_VERSION: ${{ inputs.chartVersion }}
CHART_TAG_BASE: ${{ inputs.ociRegistry }}/${{ github.actor }}/helm
CHART_TAG: ${{ inputs.chartName }}:${{ inputs.chartVersion }}
run: |
helm push "${CHART_NAME}-${CHART_VERSION}.tgz" oci://${CHART_TAG_BASE} &> push-metadata.txt
CHART_DIGEST=$(awk '/Digest: /{print $2}' push-metadata.txt)
cosign sign --yes "${CHART_TAG_BASE}/${CHART_TAG}@${CHART_DIGEST}"
cosign verify "${CHART_TAG_BASE}/${CHART_TAG}@${CHART_DIGEST}" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
--certificate-identity "https://github.com/${{ github.repository }}/.github/workflows/charts-release-steps.yaml@${{ github.ref }}"

48
.github/actions/label-from-status/action.yaml vendored
View file

@ -1,48 +0,0 @@
name: "Set issue labels based on status"
description: "Sets / removes issue labels based on CI job status"
inputs:
token:
required: true
description: "The Github API token to use"
issue-number:
required: true
description: "The issue to label"
prefix:
required: true
description: "The label prefix (e.g. lint, install)"
job-status:
required: true
description: "The status of the CI job"
remove-on-skipped:
required: false
default: "false"
description: "Remove the label if the job was skipped"
runs:
using: "composite"
steps:
- name: Label success
uses: andymckay/labeler@1.0.4
if: ${{ inputs.job-status == 'success' }}
with:
repo-token: ${{ inputs.token }}
issue-number: ${{ inputs.issue-number }}
add-labels: "${{ inputs.prefix }}:ok"
remove-labels: "${{ inputs.prefix }}:failed"
- name: Label failure
uses: andymckay/labeler@1.0.4
if: ${{ inputs.job-status == 'failure' }}
with:
repo-token: ${{ inputs.token }}
issue-number: ${{ inputs.issue-number }}
add-labels: "${{ inputs.prefix }}:failed"
remove-labels: "${{ inputs.prefix }}:ok"
- name: Remove label
uses: andymckay/labeler@1.0.4
if: ${{ (inputs.job-status == 'skipped') && (inputs.remove-on-skipped == 'true') }}
with:
repo-token: ${{ inputs.token }}
issue-number: ${{ inputs.issue-number }}
remove-labels: "${{ inputs.prefix }}:ok, ${{ inputs.prefix }}:failed"

62
.github/actions/publish-folder-to-pages/action.yaml vendored Normal file
View file

@ -0,0 +1,62 @@
---
name: "Publish folder to GitHub Pages"
description: "Publish the contents of a folder to GitHub Pages"
inputs:
path:
description: "Path that contains the content to publish"
required: true
default: "gh-pages/"
artifactName:
description: "Filename of the artifact"
required: true
default: "github-pages"
retention-days:
description: "Duration after which artifact will expire in days."
required: true
default: "1"
deleteArtifactAfterPublish:
description: "Delete the artifact after deployment?"
required: true
default: "false"
runs:
using: "composite"
steps:
- name: Prepare gh-pages artifact
shell: sh
env:
INPUT_PATH: ${{ inputs.path }}
run: |
echo ::group::Archive artifact
tar \
--dereference --hard-dereference \
--directory "$INPUT_PATH" \
-cvf "$RUNNER_TEMP/artifact.tar" \
--exclude=.git \
--exclude=.github \
--exclude=".[^/]*" \
.
echo ::endgroup::
- name: Upload gh-pages artifact
id: upload-artifact
uses: actions/upload-artifact@v4
with:
name: ${{ inputs.artifactName }}
path: ${{ runner.temp }}/artifact.tar
retention-days: 1
if-no-files-found: error
- name: Deploy to GitHub Pages
id: deploy-gh-pages
uses: actions/deploy-pages@v4
with:
artifact_name: ${{ inputs.artifactName }}
- name: Clean up artifact
if: ${{ inputs.deleteArtifactAfterPublish == 'true' }}
uses: joernott/rm-artifact@v1
with:
name: ${{ inputs.artifactName }}
useGlob: false
failOnError: true

7
.github/workflows/charts-lint.yaml vendored
View file

@ -71,6 +71,13 @@ jobs:
chart: ${{ matrix.chart }}
overrides: ${{ inputs.overrideDeps }}
- name: Dereference JSON schema before packaging
uses: bjw-s/helm-charts-actions/dereference-json-schema@main
with:
schemaFile: "charts/${{ matrix.chart }}/values.schema.json"
outputFile: "charts/${{ matrix.chart }}/values.schema.json"
allowFileNotFound: true
- name: Run chart-testing (lint)
run: ct lint --config .ci/ct/ct.yaml --charts "charts/${{ matrix.chart }}"

96
.github/workflows/charts-release-ghpages.yaml vendored
View file

@ -1,96 +0,0 @@
name: "Charts: Release to GitHub pages"
on:
workflow_call:
inputs:
charts:
description: >
Json encoded list of Helm charts to release.
Defaults to releasing everything.
default: "[]"
required: false
type: string
secrets:
BJWS_APP_ID:
required: true
BJWS_APP_PRIVATE_KEY:
required: true
env:
HELM_VERSION: 3.11.2
jobs:
release-charts:
name: Release charts
runs-on: ubuntu-22.04
steps:
- name: "Generate Short Lived OAuth App Token (ghs_*)"
uses: actions/create-github-app-token@v1.10.4
id: app-token
with:
app-id: "${{ secrets.BJWS_APP_ID }}"
private-key: "${{ secrets.BJWS_APP_PRIVATE_KEY }}"
- name: Checkout charts branch
uses: actions/checkout@v4
with:
token: ${{ steps.app-token.outputs.token }}
path: "src"
fetch-depth: 0
- name: Checkout gh-pages branch
uses: actions/checkout@v4
with:
token: ${{ steps.app-token.outputs.token }}
path: "dest"
ref: "gh-pages"
fetch-depth: 0
- name: Install Kubernetes tools
uses: yokawasa/action-setup-kube-tools@v0.11.1
with:
setup-tools: |
helmv3
helm: "${{ env.HELM_VERSION }}"
- name: Package Helm Charts
shell: bash
env:
SRC_DIR: "src/charts"
DEST_DIR: "dest"
run: |
CHARTS=( $(yq --null-input e '${{ inputs.charts }}[]' ) )
for CHART in "${CHARTS[@]}" ; do
mapfile -t CHART_PATH_PARTS < <(echo "$CHART" | tr '/' '\n')
CHART_TYPE=${CHART_PATH_PARTS[0]}
helm package "${SRC_DIR}/${CHART}" --dependency-update --destination "${DEST_DIR}/${CHART_TYPE}"
done
- name: Update chart index
shell: bash
working-directory: dest
run: |
helm repo index . --url https://bjw-s.github.io/helm-charts/
- name: Commit changes
uses: stefanzweifel/git-auto-commit-action@v5
id: auto-commit
with:
repository: dest
branch: gh-pages
commit_user_name: "bjw-s-bot[bot]"
commit_user_email: 87358111+bjw-s-bot[bot]@users.noreply.github.com
commit_author: bjw-s-bot[bot] <87358111+bjw-s-bot[bot]@users.noreply.github.com>
file_pattern: "index.yaml **/*.tgz"
disable_globbing: true
- name: Wait for deploy
uses: fountainhead/action-wait-for-check@v1.2.0
if: ${{ steps.auto-commit.outputs.changes_detected }}
id: wait-for-deploy
with:
token: ${{ steps.app-token.outputs.token }}
ref: ${{ steps.auto-commit.outputs.commit_hash }}
checkName: deploy

69
.github/workflows/charts-release-oci.yaml vendored
View file

@ -1,69 +0,0 @@
name: "Charts: Release to GHCR OCI"
on:
workflow_call:
inputs:
charts:
description: >
Json encoded list of Helm charts to release.
Defaults to releasing everything.
default: "[]"
required: false
type: string
env:
HELM_VERSION: 3.11.2
CHARTS_SRC_DIR: "charts"
TARGET_REGISTRY: ghcr.io
jobs:
release-charts:
name: Release charts
runs-on: ubuntu-22.04
permissions:
contents: read
packages: write # needed for ghcr access
actions: read # for detecting the Github Actions environment.
id-token: write # for creating OIDC tokens for signing.
steps:
- name: Checkout chart sources
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install Kubernetes tools
uses: yokawasa/action-setup-kube-tools@v0.11.1
with:
setup-tools: |
helmv3
helm: "${{ env.HELM_VERSION }}"
- name: Install Cosign
uses: sigstore/cosign-installer@v3.6.0
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.TARGET_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Package & Push Helm Charts
shell: bash
run: |
CHARTS=( $(yq --null-input e '${{ inputs.charts }}[]' ) )
for CHART in "${CHARTS[@]}" ; do
mapfile -t CHART_PATH_PARTS < <(echo "$CHART" | tr '/' '\n')
CHART_TYPE=${CHART_PATH_PARTS[0]}
CHART_NAME=${CHART_PATH_PARTS[1]}
CHART_VERSION=$(yq e '.version' ${{ env.CHARTS_SRC_DIR }}/${CHART}/Chart.yaml)
helm package "${{ env.CHARTS_SRC_DIR }}/${CHART_TYPE}/${CHART_NAME}" --dependency-update --destination "${{ env.CHARTS_SRC_DIR }}/${CHART_TYPE}" --version "${CHART_VERSION}"
helm push "${{ env.CHARTS_SRC_DIR }}/${CHART_TYPE}/${CHART_NAME}-${CHART_VERSION}.tgz" oci://${{ env.TARGET_REGISTRY }}/${{ github.actor }}/helm &> push-metadata.txt
CHART_DIGEST=$(awk '/Digest: /{print $2}' push-metadata.txt)
cosign sign --yes "${{ env.TARGET_REGISTRY }}/${{ github.actor }}/helm/${CHART_NAME}:${CHART_VERSION}@${CHART_DIGEST}"
cosign verify "${{ env.TARGET_REGISTRY }}/${{ github.actor }}/helm/${CHART_NAME}:${CHART_VERSION}@${CHART_DIGEST}" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
--certificate-identity "https://github.com/bjw-s/helm-charts/.github/workflows/charts-release-oci.yaml@refs/heads/main"
done

180
.github/workflows/charts-release-steps.yaml vendored Normal file
View file

@ -0,0 +1,180 @@
---
name: "Charts: Release"
on:
workflow_call:
inputs:
charts:
description: >
Json encoded list of Helm charts to release.
Defaults to releasing everything.
default: "[]"
required: false
type: string
excludedChartsRelease:
description: >
Json encoded list of Helm charts to exclude from release.
default: "[]"
required: false
type: string
publishToGhPages:
description: >
Should the charts be published to GitHub Pages.
default: true
required: false
type: boolean
ghPagesBranch:
description: >
Target branch for GitHub Pages.
default: "gh-pages"
required: false
type: string
publishToOciRegistry:
description: >
Should the charts be published to an OCI registry.
default: true
required: false
type: boolean
ociRegistry:
description: >
Target OCI registry for Helm charts.
default: "ghcr.io"
required: false
type: string
helmVersion:
description: >
Helm version to use.
default: "3.11.2"
required: false
type: string
jobs:
package-charts:
name: Package charts
runs-on: ubuntu-22.04
strategy:
matrix:
charts: ${{ fromJSON(inputs.charts) }}
fail-fast: false
steps:
- name: Checkout source branch
if: ${{ !contains(fromJSON(inputs.excludedChartsRelease), matrix.charts) }}
uses: actions/checkout@v4
with:
path: src
fetch-depth: 0
- name: Package Helm charts
uses: ./src/.github/actions/charts-package
if: ${{ !contains(fromJSON(inputs.excludedChartsRelease), matrix.charts) }}
with:
rootFolder: src/charts
chartFolder: ${{ matrix.charts }}
artifactPrefix: chart__
helmVersion: ${{ inputs.helmVersion }}
release-charts-to-github-pages:
name: Release charts to GitHub Pages
runs-on: ubuntu-22.04
if: ${{ inputs.publishToGhPages }}
needs:
- package-charts
steps:
- name: Checkout source branch
uses: actions/checkout@v4
with:
path: src
- name: Checkout gh-pages branch
uses: actions/checkout@v4
with:
token: ${{ github.token }}
path: gh-pages
ref: ${{ inputs.ghPagesBranch }}
fetch-depth: 0
- name: Prepare artifacts for release to GitHub Pages
uses: ./src/.github/actions/charts-release-ghpages
with:
artifactPattern: "*"
artifactPrefix: chart__
targetFolder: gh-pages
targetBranch: gh-pages
- name: Publish changes to GitHub Pages
uses: ./src/.github/actions/publish-folder-to-pages
with:
path: gh-pages/
prepare-release-charts-to-oci:
name: Prepare releasing charts to OCI registry
runs-on: ubuntu-22.04
if: ${{ inputs.publishToOciRegistry }}
needs:
- package-charts
outputs:
artifacts: ${{ steps.artifacts.outputs.artifacts }}
steps:
- name: List artifacts
id: list
uses: yakubique/list-artifacts@v1.1
with:
name: chart__*
- name: Rewrite artifacts output
id: artifacts
shell: bash
env:
JQ_COMMAND: |-
[.[] | {artifact_name: .name, chart_name: (.name | split("__")[-2]), chart_version: (.name | split("__")[-1]) }]
run: |
echo '${{ steps.list.outputs.result }}' | jq -c -r "$JQ_COMMAND" > artifacts
echo "artifacts=$(cat artifacts)" >> "$GITHUB_OUTPUT"
release-charts-to-oci:
name: Release charts to OCI registry
runs-on: ubuntu-22.04
if: ${{ inputs.publishToOciRegistry && needs.prepare-release-charts-to-oci.outputs.artifacts != '[]' }}
strategy:
matrix:
artifacts: ${{ fromJSON(needs.prepare-release-charts-to-oci.outputs.artifacts) }}
fail-fast: false
needs:
- package-charts
- prepare-release-charts-to-oci
env:
TARGET_REGISTRY: ghcr.io
steps:
- name: Download chart artifacts
uses: actions/download-artifact@v4
with:
path: artifacts
pattern: ${{ matrix.artifacts.artifact_name }}
- name: Checkout source branch
uses: actions/checkout@v4
with:
path: src
- name: Release chart to OCI registry
uses: ./src/.github/actions/charts-release-oci
with:
workingDir: artifacts/${{ matrix.artifacts.artifact_name }}
chartName: ${{ matrix.artifacts.chart_name }}
chartVersion: ${{ matrix.artifacts.chart_version }}
cleanup-charts-artifacts:
name: Clean up artifacts
runs-on: ubuntu-22.04
needs:
- package-charts
- release-charts-to-github-pages
- release-charts-to-oci
if: ${{ always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') }}
steps:
- name: Clean up artifact
uses: joernott/rm-artifact@v1
with:
name: "*"
useGlob: true
failOnError: true

118
.github/workflows/charts-release.yaml vendored
View file

@ -1,92 +1,88 @@
---
name: "Charts: Release"
concurrency: helm-release
on:
workflow_dispatch:
inputs:
charts:
description: >
Charts to release. Comma-separated string.
Defaults to releasing everything.
default: ""
required: false
push:
branches:
- main
paths:
- "charts/**"
env:
HELM_VERSION: 3.11.2
jobs:
prepare:
prepare-release:
name: Prepare data required for release
runs-on: ubuntu-22.04
outputs:
libraryChartsToRelease: ${{ steps.collect-charts.outputs.chartsLibraryToRelease }}
applicationChartsToRelease: ${{ steps.collect-charts.outputs.chartsApplicationToRelease }}
repoConfiguration: ${{ steps.repo-config.outputs.config }}
libraryChartsToRelease: ${{ steps.changed-library-charts.outputs.all_changed_files }}
applicationChartsToRelease: ${{ steps.changed-charts.outputs.all_changed_files }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Collect charts to release
uses: bjw-s/helm-charts-actions/collect-charts@main
id: collect-charts
- name: Grab repository configuration
id: repo-config
shell: bash
run: |
echo "config=$(yq '.' '.ci/repo-config.yaml' -o json -I=0)" >> "$GITHUB_OUTPUT"
- name: Get changed library charts
id: changed-library-charts
uses: tj-actions/changed-files@v45
with:
repoConfigFile: ./.ci/repo-config.yaml
overrideCharts: "[${{ inputs.charts }}]"
requireHeadAheadOfBase: false
matrix: true
path: charts
dir_names: true
dir_names_max_depth: 2
files: |
library/**
- name: Get changed charts
id: changed-charts
uses: tj-actions/changed-files@v45
with:
matrix: true
path: charts
dir_names: true
dir_names_max_depth: 2
files_ignore: |
library/**
release-library-charts:
name: Release Library charts to GitHub pages
uses: ./.github/workflows/charts-release-ghpages.yaml
name: Release library charts
needs:
- prepare
- prepare-release
if: ${{ needs.prepare-release.outputs.libraryChartsToRelease != '[]' }}
uses: ./.github/workflows/charts-release-steps.yaml
permissions:
pages: write
id-token: write
contents: write
packages: write
with:
charts: "${{ needs.prepare.outputs.libraryChartsToRelease }}"
secrets: inherit
charts: ${{ needs.prepare-release.outputs.libraryChartsToRelease }}
excludedChartsRelease: ${{ toJSON(fromJSON(needs.prepare-release.outputs.repoConfiguration).excluded-charts-release) }}
ghPagesBranch: gh-pages
publishToOciRegistry: false
tag-library-charts:
name: Create git tags for library charts
uses: ./.github/workflows/tag-charts.yaml
release-other-charts:
name: Release other charts
needs:
- prepare
- prepare-release
- release-library-charts
if: ${{ needs.prepare-release.outputs.applicationChartsToRelease != '[]' }}
uses: ./.github/workflows/charts-release-steps.yaml
permissions:
pages: write
id-token: write
contents: write
packages: write
with:
charts: "${{ needs.prepare.outputs.libraryChartsToRelease }}"
secrets: inherit
release-application-charts:
name: Release Application charts to GitHub pages
uses: ./.github/workflows/charts-release-ghpages.yaml
needs:
- prepare
- release-library-charts
with:
charts: "${{ needs.prepare.outputs.applicationChartsToRelease }}"
secrets: inherit
tag-application-charts:
name: Create git tags for application charts
uses: ./.github/workflows/tag-charts.yaml
needs:
- prepare
- release-application-charts
with:
charts: "${{ needs.prepare.outputs.applicationChartsToRelease }}"
secrets: inherit
release-github-oci:
name: Release Application charts to GitHub Container Registry
uses: ./.github/workflows/charts-release-oci.yaml
needs:
- prepare
- release-library-charts
with:
charts: "${{ needs.prepare.outputs.applicationChartsToRelease }}"
secrets: inherit
charts: ${{ needs.prepare-release.outputs.applicationChartsToRelease }}
excludedChartsRelease: ${{ toJSON(fromJSON(needs.prepare-release.outputs.repoConfiguration).excluded-charts-release) }}
ghPagesBranch: gh-pages