add nightly build for OCI format Helm chart

Signed-off-by: Jintao Zhang <[email protected]>

Author: tao12345666333

.github/workflows/charts-nightly.yaml

@@ -0,0 +1,107 @@
+name: charts nightly
+
+on:
+  schedule:
+    - cron: "30 4 * * *"
+  workflow_dispatch: {}
+
+permissions:
+  contents: read
+
+jobs:
+  publish-nightly-chart:
+    name: Publish nightly Helm chart
+    runs-on: ubuntu-latest
+    env:
+      HELM_EXPERIMENTAL_OCI: 1
+    steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
+        with:
+          egress-policy: audit
+
+      - name: Checkout
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+
+      - name: Setup Python
+        uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
+        with:
+          python-version: "3.13"
+
+      - name: Setup toolchain
+        uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # v3.5.1
+        with:
+          install: true
+
+      - name: Install PyYAML
+        run: python -m pip install --upgrade "pyyaml>=6.0"
+
+      - name: Compute nightly chart metadata
+        id: metadata
+        run: |
+          DATE=$(date -u +%Y%m%d)
+          SHORT_SHA=$(git rev-parse --short "${GITHUB_SHA}")
+          CHART_VERSION="0.0.0-nightly.${DATE}.sha.${SHORT_SHA}"
+          APP_VERSION="$(cat VERSION)-nightly.${DATE}.${SHORT_SHA}"
+          echo "chart_version=${CHART_VERSION}" >> "${GITHUB_OUTPUT}"
+          echo "app_version=${APP_VERSION}" >> "${GITHUB_OUTPUT}"
+          echo "chart_name=nightly-kong-operator-chart" >> "${GITHUB_OUTPUT}"
+          echo "chart_dir=${RUNNER_TEMP}/nightly-kong-operator-chart" >> "${GITHUB_OUTPUT}"
+
+      - name: Prepare chart for publication
+        env:
+          CHART_DIR: ${{ steps.metadata.outputs.chart_dir }}
+          CHART_NAME: ${{ steps.metadata.outputs.chart_name }}
+          CHART_VERSION: ${{ steps.metadata.outputs.chart_version }}
+          APP_VERSION: ${{ steps.metadata.outputs.app_version }}
+        run: |
+          rsync -a charts/kong-operator/ "${CHART_DIR}/"
+          python - <<'PY'
+import os
+import pathlib
+import yaml
+
+chart_dir = pathlib.Path(os.environ["CHART_DIR"])
+chart_path = chart_dir / "Chart.yaml"
+chart = yaml.safe_load(chart_path.read_text())
+chart["name"] = os.environ["CHART_NAME"]
+chart["version"] = os.environ["CHART_VERSION"]
+chart["appVersion"] = os.environ["APP_VERSION"]
+chart_path.write_text(yaml.safe_dump(chart, sort_keys=False))
+
+values_path = chart_dir / "values.yaml"
+values = yaml.safe_load(values_path.read_text())
+values.setdefault("image", {})
+values["image"]["repository"] = "docker.io/kong/nightly-kong-operator"
+values["image"]["tag"] = "nightly"
+values_path.write_text(yaml.safe_dump(values, sort_keys=False))
+PY
+
+      - name: Package chart
+        id: package
+        env:
+          CHART_DIR: ${{ steps.metadata.outputs.chart_dir }}
+        run: |
+          PACKAGE_DIR="${RUNNER_TEMP}/chart-packages"
+          mkdir -p "${PACKAGE_DIR}"
+          helm package "${CHART_DIR}" --destination "${PACKAGE_DIR}"
+          PACKAGE_PATH=$(ls "${PACKAGE_DIR}"/*.tgz)
+          echo "package_path=${PACKAGE_PATH}" >> "${GITHUB_OUTPUT}"
+
+      - name: Log in to Docker Hub
+        env:
+          DOCKERHUB_USERNAME: ${{ vars.DOCKERHUB_PUSH_USERNAME_NIGHTLY }}
+          DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_PUSH_TOKEN_KO_NIGHTLY }}
+        run: |
+          if [ -z "${DOCKERHUB_USERNAME}" ] || [ -z "${DOCKERHUB_TOKEN}" ]; then
+            echo "Docker Hub credentials are missing."
+            exit 1
+          fi
+          echo "${DOCKERHUB_TOKEN}" | helm registry login registry-1.docker.io \
+            --username "${DOCKERHUB_USERNAME}" --password-stdin
+
+      - name: Push nightly chart
+        env:
+          PACKAGE: ${{ steps.package.outputs.package_path }}
+        run: |
+          helm push "${PACKAGE}" oci://registry-1.docker.io/kong