Skip to content
release_chart

release_chart #49

Sign in to view logs

release_chart

release_chart #49

Workflow file for this run

.github/workflows/release_chart.yaml at 94c58fa
name: release_chart
on:
release:
types:
- published
- edited
workflow_dispatch:
inputs:
release_tag:
description: 'release tag'
required: true
jobs:
release_chart:
name: Release Chart
permissions:
contents: write
packages: write
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install chart-releaser
run: |
HELM_CHART_RELEASER_VERSION=$(curl -fsSL https://github.com/helm/chart-releaser/releases/latest -H "Accept: application/json" | jq -r .tag_name)
wget -qO "chart-releaser_${HELM_CHART_RELEASER_VERSION#v}_linux_$(dpkg --print-architecture).tar.gz" "https://github.com/helm/chart-releaser/releases/download/${HELM_CHART_RELEASER_VERSION}/chart-releaser_${HELM_CHART_RELEASER_VERSION#v}_linux_$(dpkg --print-architecture).tar.gz"
tar -zxf "chart-releaser_${HELM_CHART_RELEASER_VERSION#v}_linux_$(dpkg --print-architecture).tar.gz"
sudo install cr /usr/local/bin/
rm -f cr chart-releaser_1.4.1_linux_amd64.tar.gz
- name: Install Helm
run: |
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-4 | bash
- name: Login to GitHub Container Registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | helm registry login ghcr.io -u ${{ github.actor }} --password-stdin
- name: Package Chart
run: cr package deploy/helm/clickhouse-operator
- name: Resolve release ID
run: |
RELEASE_ID="${{ github.event.release.id }}"
if [[ -z "${RELEASE_ID}" ]]; then
RELEASE_ID=$(curl -s -H "Accept: application/json" https://github.com/${{ github.repository }}/releases/${{ github.event.inputs.release_tag }} | jq .id)
fi
echo "RELEASE_ID=$RELEASE_ID" >> "$GITHUB_ENV"
- name: Get Release Assets
id: get_assets
run: |
CHART_PATH=$(ls .cr-release-packages/altinity-clickhouse-operator-*.tgz)
ASSET_NAME=$(basename ${CHART_PATH})
ASSET_ID=$(curl -s -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
"https://api.github.com/repos/${{ github.repository }}/releases/${RELEASE_ID}/assets" | \
jq -r ".[] | select(.name == \"$ASSET_NAME\") | .id")
echo "Asset ID is $ASSET_ID"
echo "asset_id=$ASSET_ID" >> $GITHUB_OUTPUT
- name: Delete Existing Release Artifacts
if: steps.get_assets.outputs.asset_id != ''
run: |
curl -X DELETE -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
"https://api.github.com/repos/${{ github.repository }}/releases/${RELEASE_ID}/assets/${{ steps.get_assets.outputs.asset_id }}"
- name: Upload Release Artifacts
run: |
CHART_PATH=$(ls .cr-release-packages/altinity-clickhouse-operator-*.tgz)
curl -X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
-H "Content-Type: application/gzip" \
-T "${CHART_PATH}" \
"https://uploads.github.com/repos/${GITHUB_REPOSITORY}/releases/${RELEASE_ID}/assets?name=$(basename ${CHART_PATH})"
- name: Validate Helm Repository Configuration
run: |
if [ -z "${{ secrets.HELM_GITHUB_TOKEN }}" ]; then
echo "ERROR: HELM_GITHUB_TOKEN secret is not set or is empty"
echo "Please add HELM_GITHUB_TOKEN to repository secrets with write access to the helm repository"
exit 1
fi
if [ -z "${{ vars.HELM_GITHUB_REPOSITORY }}" ]; then
echo "ERROR: HELM_GITHUB_REPOSITORY variable is not set or is empty"
echo "Please add HELM_GITHUB_REPOSITORY to repository variables (Settings -> Secrets and variables -> Actions -> Variables)"
exit 1
fi
echo "Configuration validated:"
echo " HELM_GITHUB_REPOSITORY: ${{ vars.HELM_GITHUB_REPOSITORY }}"
echo " HELM_GITHUB_TOKEN: [SET]"
- name: Push Helm Chart to OCI Registry
run: |
CHART_PATH=$(ls .cr-release-packages/altinity-clickhouse-operator-*.tgz)
helm push "${CHART_PATH}" oci://ghcr.io/altinity/clickhouse-operator-helm-chart
- name: Upload Release Artifacts to Helm Repo
run: |
cr upload \
--git-repo=${{ vars.HELM_GITHUB_REPOSITORY }} \
--owner=${GITHUB_REPOSITORY_OWNER} \
--release-name-template=${{ github.event.release.name }} \
--token=${{ secrets.HELM_GITHUB_TOKEN }} \
--package-path=.cr-release-packages \
--skip-existing
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
- name: Release Chart to Operator Repo
run: |
git remote add httpsorigin "https://github.com/${GITHUB_REPOSITORY}.git"
git fetch httpsorigin
cr index \
--git-repo=${GITHUB_REPOSITORY#*/} \
--owner=${GITHUB_REPOSITORY_OWNER} \
--release-name-template=${{ github.event.release.name }} \
--token=${{ secrets.GITHUB_TOKEN }} \
--index-path=index.yaml \
--remote=httpsorigin \
--push
- name: Release Chart to Helm Repo
run: |
# Validate configuration before attempting to push
if [ -z "${{ vars.HELM_GITHUB_REPOSITORY }}" ]; then
echo "ERROR: HELM_GITHUB_REPOSITORY variable is not set or is empty"
echo "This step requires HELM_GITHUB_REPOSITORY to be set in repository variables"
echo "Go to: Settings -> Secrets and variables -> Actions -> Variables"
exit 1
fi
if [ -z "${{ secrets.HELM_GITHUB_TOKEN }}" ]; then
echo "ERROR: HELM_GITHUB_TOKEN secret is not set or is empty"
echo "This step requires HELM_GITHUB_TOKEN with write access to: ${GITHUB_REPOSITORY_OWNER}/${{ vars.HELM_GITHUB_REPOSITORY }}"
echo "Go to: Settings -> Secrets and variables -> Actions -> Secrets"
exit 1
fi
echo "Attempting to push to helm repository: ${GITHUB_REPOSITORY_OWNER}/${{ vars.HELM_GITHUB_REPOSITORY }}"
# Test token authentication
echo "Testing token authentication..."
TOKEN_USER=$(curl -sS -H "Authorization: token ${{ secrets.HELM_GITHUB_TOKEN }}" https://api.github.com/user | jq -r '.login')
echo "Token authenticated as user: ${TOKEN_USER}"
# Save current directory
WORK_DIR=$(pwd)
# Create a temporary directory for helm repo operations
TEMP_DIR=$(mktemp -d)
cd "$TEMP_DIR"
# Clone the helm repository WITHOUT token in URL to avoid masking issues
echo "Cloning helm repository to temporary directory..."
git clone https://github.com/${GITHUB_REPOSITORY_OWNER}/${{ vars.HELM_GITHUB_REPOSITORY }}.git helm-repo || {
echo "ERROR: Failed to clone helm repository"
echo "Please verify:"
echo " 1. Repository exists: ${GITHUB_REPOSITORY_OWNER}/${{ vars.HELM_GITHUB_REPOSITORY }}"
exit 1
}
cd helm-repo
# Configure git credentials for push
git config user.email "[email protected]"
git config user.name "$GITHUB_ACTOR"
# Set up authentication using git credential helper
git config credential.helper "store --file=.git/credentials"
echo "https://x-access-token:${{ secrets.HELM_GITHUB_TOKEN }}@github.com" > .git/credentials
# Now use cr index from within the helm repo to avoid history conflicts
echo "Generating index.yaml within helm repository context..."
# Copy the package to a local directory within helm repo
mkdir -p .cr-release-packages
cp "$WORK_DIR"/.cr-release-packages/*.tgz .cr-release-packages/ || {
echo "ERROR: No chart packages found in .cr-release-packages"
exit 1
}
# Generate index with cr (this will handle the gh-pages branch automatically)
cr index \
--git-repo=${{ vars.HELM_GITHUB_REPOSITORY }} \
--owner=${GITHUB_REPOSITORY_OWNER} \
--release-name-template=${{ github.event.release.name }} \
--token=${{ secrets.HELM_GITHUB_TOKEN }} \
--package-path=.cr-release-packages \
--index-path=index.yaml \
--push || {
echo "ERROR: Failed to generate or push index to helm repository"
echo "Debug: Current directory is $(pwd)"
echo "Debug: Git remotes:"
git remote -v
echo "Debug: Git status:"
git status
exit 1
}
echo "Successfully updated helm repository index"
# Cleanup
cd /
rm -rf "$TEMP_DIR"