feat: Split ngrok-operators CRDs into their own chart (#732) #56
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Helm | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - 'helm/ngrok-crds/Chart.yaml' | |
| - 'helm/ngrok-operator/Chart.yaml' | |
| jobs: | |
| changes: | |
| name: Changes | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| outputs: | |
| ngrok-operator: ${{ steps.filter.outputs.ngrok-operator }} | |
| ngrok-crds: ${{ steps.filter.outputs.ngrok-crds }} | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| if: github.repository == 'ngrok/ngrok-operator' | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v6 | |
| - name: Check for changes | |
| id: filter | |
| uses: dorny/[email protected] | |
| with: | |
| filters: | | |
| ngrok-operator: | |
| - 'helm/ngrok-operator/Chart.yaml' | |
| ngrok-crds: | |
| - 'helm/ngrok-crds/Chart.yaml' | |
| chart: | |
| name: Release Charts | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| permissions: | |
| contents: write # need to write releases | |
| needs: [changes] | |
| if: | | |
| (github.repository == 'ngrok/ngrok-operator') && | |
| ( | |
| (needs.changes.outputs.ngrok-operator == 'true') || | |
| (needs.changes.outputs.ngrok-crds == 'true') | |
| ) | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v6 | |
| with: | |
| # Fetch entire history. Required for chart-releaser to work. | |
| fetch-depth: 0 | |
| - name: Configure Git | |
| run: | | |
| git config user.name "$GITHUB_ACTOR" | |
| git config user.email "[email protected]" | |
| - name: Import GPG Key | |
| run: | | |
| echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --dearmor --output keyring.gpg | |
| echo "${{ secrets.GPG_PASSWORD }}" > gpg-password.txt | |
| - name: Install Nix | |
| uses: nixbuild/nix-quick-install-action@v34 | |
| - name: Setup Nix Cache | |
| uses: DeterminateSystems/magic-nix-cache-action@b8276522d77f21bf19d3574e5bc99186a6c7aa6c # main commit | |
| - name: Setup Helm | |
| run: nix develop --command make _helm_setup | |
| - name: Run chart-releaser | |
| uses: helm/[email protected] | |
| env: | |
| CR_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| CR_RELEASE_NAME_TEMPLATE: "helm-chart-{{ .Name }}-{{ .Version }}" # Publishes a new release. Ex: helm-chart-ngrok-operator-0.1.0 | |
| CR_SKIP_EXISTING: "true" | |
| CR_KEY: "Team Eng Infra (ngrok.com) (Key for signing ngrok-operator Helm chart) <[email protected]>" # full key name | |
| CR_KEYRING: keyring.gpg | |
| CR_PASSPHRASE_FILE: gpg-password.txt | |
| CR_SIGN: true | |
| with: | |
| charts_dir: helm | |
| - run: ls -alth . | |
| working-directory: ./.cr-release-packages | |
| - name: Push ngrok-crds to charts.ngrok.com | |
| if: needs.changes.outputs.ngrok-crds == 'true' | |
| working-directory: ./.cr-release-packages | |
| env: | |
| CHART_PUSH_AUTH: ${{ secrets.CHART_PUSH_AUTH }} | |
| run: | | |
| for chart in ngrok-crds-*.tgz; do | |
| if [ -f "${chart}.prov" ]; then | |
| echo "Uploading ${chart} and ${chart}.prov" | |
| curl -H "Authorization: Basic ${CHART_PUSH_AUTH}" -F "chart=@${chart}" -F "prov=@${chart}.prov" "https://charts.ngrok.com/api/charts" | |
| else | |
| echo "Uploading ${chart}" | |
| curl -H "Authorization: Basic ${CHART_PUSH_AUTH}" -F "chart=@${chart}" "https://charts.ngrok.com/api/charts" | |
| fi | |
| done | |
| - name: Push ngrok-operator to charts.ngrok.com | |
| if: needs.changes.outputs.ngrok-operator == 'true' | |
| working-directory: ./.cr-release-packages | |
| env: | |
| CHART_PUSH_AUTH: ${{ secrets.CHART_PUSH_AUTH }} | |
| run: | | |
| for chart in ngrok-operator-*.tgz; do | |
| if [ -f "${chart}.prov" ]; then | |
| echo "Uploading ${chart} and ${chart}.prov" | |
| curl -H "Authorization: Basic ${CHART_PUSH_AUTH}" -F "chart=@${chart}" -F "prov=@${chart}.prov" "https://charts.ngrok.com/api/charts" | |
| else | |
| echo "Uploading ${chart}" | |
| curl -H "Authorization: Basic ${CHART_PUSH_AUTH}" -F "chart=@${chart}" "https://charts.ngrok.com/api/charts" | |
| fi | |
| done |