build(deps): bump the github-actions group with 2 updates #54
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Helm Charts - Test and Release | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| workflow_dispatch: | |
| inputs: | |
| release_all: | |
| description: "Release all charts (skip change detection)" | |
| required: false | |
| default: true | |
| type: boolean | |
| permissions: | |
| contents: read | |
| id-token: write | |
| packages: write | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| jobs: | |
| detect-changes: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| charts: ${{ steps.matrix.outputs.charts }} | |
| has-changes: ${{ steps.matrix.outputs.has-changes }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get changed files | |
| id: changes | |
| if: ${{ github.event_name != 'workflow_dispatch' }} | |
| uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v47.0.5 | |
| - name: Detect changed charts | |
| id: matrix | |
| env: | |
| MODIFIED_FILES: ${{ steps.changes.outputs.all_modified_files }} | |
| RELEASE_ALL: ${{ github.event.inputs.release_all }} | |
| EVENT_NAME: ${{ github.event_name }} | |
| run: | | |
| set -x | |
| # Get all chart directories | |
| if [ -d "charts" ]; then | |
| charts_dirs=($(ls charts | tr -d " ")) | |
| else | |
| echo "No charts directory found" | |
| echo "charts=[]" >> $GITHUB_OUTPUT | |
| echo "has-changes=false" >> $GITHUB_OUTPUT | |
| exit 0 | |
| fi | |
| echo "Available charts: ${charts_dirs[@]}" | |
| # If workflow_dispatch with release_all, return all charts | |
| if [ "$EVENT_NAME" = "workflow_dispatch" ]; then | |
| echo "π Manual dispatch - releasing all charts" | |
| charts_output=$(jq -nc '[$ARGS.positional[]]' --args "${charts_dirs[@]}") | |
| echo "charts=$charts_output" >> $GITHUB_OUTPUT | |
| echo "has-changes=true" >> $GITHUB_OUTPUT | |
| exit 0 | |
| fi | |
| # Parse modified files | |
| modified_files=(${{ env.MODIFIED_FILES }}) | |
| echo "Modified files: ${modified_files[@]}" | |
| # Check if common chart was changed | |
| common_changed=false | |
| for file in "${modified_files[@]}"; do | |
| if [[ $file =~ charts\/common/.* ]]; then | |
| common_changed=true | |
| echo "β οΈ Common chart changed - will trigger all dependent charts" | |
| break | |
| fi | |
| done | |
| # Find changed charts | |
| changed_charts=() | |
| for chart in "${charts_dirs[@]}"; do | |
| for file in "${modified_files[@]}"; do | |
| if [[ $file =~ charts\/$chart/.* ]]; then | |
| changed_charts+=("$chart") | |
| break | |
| fi | |
| done | |
| done | |
| echo "Changed charts: ${changed_charts[@]}" | |
| # If common chart changed, include all charts | |
| if [ "$common_changed" = true ]; then | |
| echo "π Common changed - adding all charts" | |
| changed_charts=("${charts_dirs[@]}") | |
| fi | |
| echo "Final charts to process: ${changed_charts[@]}" | |
| # Create JSON output | |
| if [ ${#changed_charts[@]} -eq 0 ]; then | |
| echo "charts=[]" >> $GITHUB_OUTPUT | |
| echo "has-changes=false" >> $GITHUB_OUTPUT | |
| else | |
| charts_output=$(jq -nc '[$ARGS.positional[]]' --args "${changed_charts[@]}") | |
| echo "charts=$charts_output" >> $GITHUB_OUTPUT | |
| echo "has-changes=true" >> $GITHUB_OUTPUT | |
| fi | |
| test: | |
| runs-on: ubuntu-latest | |
| needs: detect-changes | |
| if: ${{ needs.detect-changes.outputs.has-changes == 'true' || github.event_name == 'workflow_dispatch' }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| chart: ${{ fromJSON(needs.detect-changes.outputs.charts) }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0 | |
| - uses: mikefarah/yq@0f4fb8d35ec1a939d78dd6862f494d19ec589f19 # v4.52.5 | |
| - uses: azure/setup-kubectl@15650b3ad78fff148532a140b8a4c821796b2d7b # v5.0.0 | |
| - name: Update Helm repositories | |
| run: | | |
| echo "π Updating Helm repository indexes (once for all charts)" | |
| helm repo update || echo "No repositories configured, continuing..." | |
| - name: Get chart version | |
| id: vars | |
| run: | | |
| chart_version=$(yq '.version' charts/${{ matrix.chart }}/Chart.yaml) | |
| echo "CHART_VERSION=$chart_version" >> $GITHUB_ENV | |
| echo "Chart ${{ matrix.chart }} version: $chart_version" | |
| - name: Helm dependency update | |
| working-directory: charts/${{ matrix.chart }} | |
| run: | | |
| if grep -q "dependencies:" Chart.yaml 2>/dev/null; then | |
| echo "π¦ Updating dependencies for ${{ matrix.chart }} (resyncs Chart.lock)" | |
| helm dependency update --skip-refresh | |
| else | |
| echo "βΉοΈ No dependencies found for ${{ matrix.chart }}" | |
| fi | |
| - name: Run chart test suite | |
| if: ${{ matrix.chart != 'common' }} | |
| run: | | |
| echo "π Running comprehensive test suite for ${{ matrix.chart }}" | |
| chmod +x ./scripts/test-render.sh | |
| ./scripts/test-render.sh charts/${{ matrix.chart }} | |
| - name: Skip test for library chart | |
| if: ${{ matrix.chart == 'common' }} | |
| run: | | |
| echo "βΉοΈ Skipping tests for library chart: ${{ matrix.chart }}" | |
| - name: Helm package | |
| working-directory: charts/${{ matrix.chart }} | |
| run: | | |
| echo "π Packaging ${{ matrix.chart }}" | |
| helm package . --version ${{ env.CHART_VERSION }} | |
| - name: Upload chart artifact | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| name: chart-${{ matrix.chart }}-${{ env.CHART_VERSION }} | |
| path: charts/${{ matrix.chart }}/${{ matrix.chart }}-${{ env.CHART_VERSION }}.tgz | |
| retention-days: 1 | |
| publish-oci: | |
| runs-on: ubuntu-latest | |
| needs: [detect-changes, test] | |
| if: ${{ needs.detect-changes.outputs.has-changes == 'true' && needs.test.result == 'success' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main' }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| chart: ${{ fromJSON(needs.detect-changes.outputs.charts) }} | |
| outputs: | |
| charts-published: ${{ steps.collect.outputs.charts }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0 | |
| - uses: mikefarah/yq@0f4fb8d35ec1a939d78dd6862f494d19ec589f19 # v4.52.5 | |
| - name: Get chart version | |
| id: vars | |
| run: | | |
| chart_version=$(yq '.version' charts/${{ matrix.chart }}/Chart.yaml) | |
| echo "CHART_VERSION=$chart_version" >> $GITHUB_ENV | |
| repository=${{ github.repository }} | |
| echo "REPOSITORY=${repository@L}" >> $GITHUB_ENV | |
| - name: Download chart artifact | |
| uses: actions/download-artifact@v8 | |
| with: | |
| name: chart-${{ matrix.chart }}-${{ env.CHART_VERSION }} | |
| path: charts/${{ matrix.chart }}/ | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Push Helm chart to GHCR | |
| working-directory: charts/${{ matrix.chart }} | |
| run: | | |
| echo "π Pushing ${{ matrix.chart }} to GHCR" | |
| helm push ${{ matrix.chart }}-${{ env.CHART_VERSION }}.tgz oci://ghcr.io/${{ env.REPOSITORY }} | |
| - name: Collect published charts | |
| id: collect | |
| run: | | |
| echo "charts=${{ matrix.chart }}" >> $GITHUB_OUTPUT | |
| - name: Summary | |
| run: | | |
| echo "### π¦ Chart Published" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "**Chart:** \`${{ matrix.chart }}\`" >> $GITHUB_STEP_SUMMARY | |
| echo "**Version:** \`${{ env.CHART_VERSION }}\`" >> $GITHUB_STEP_SUMMARY | |
| echo "**Registry:** \`oci://ghcr.io/${{ env.REPOSITORY }}/${{ matrix.chart }}\`" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "π Successfully pushed chart to GitHub Container Registry!" >> $GITHUB_STEP_SUMMARY | |
| publish-pages: | |
| runs-on: ubuntu-latest | |
| needs: [detect-changes, test] | |
| if: ${{ always() && needs.test.result == 'success' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/main' }} | |
| permissions: | |
| contents: write # Required for chart-releaser to push to gh-pages branch | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0 | |
| - uses: mikefarah/yq@0f4fb8d35ec1a939d78dd6862f494d19ec589f19 # v4.52.5 | |
| - name: Get repository info | |
| run: | | |
| repository=${{ github.repository }} | |
| echo "REPOSITORY=${repository@L}" >> $GITHUB_ENV | |
| org_name=$(echo $repository | cut -d'/' -f1) | |
| repo_name=$(echo $repository | cut -d'/' -f2) | |
| echo "ORG_NAME=${org_name@L}" >> $GITHUB_ENV | |
| echo "REPO_NAME=${repo_name@L}" >> $GITHUB_ENV | |
| - name: Configure Git | |
| run: | | |
| git config user.name "$GITHUB_ACTOR" | |
| git config user.email "$GITHUB_ACTOR@users.noreply.github.com" | |
| # Delete existing releases and tags to allow overwrite | |
| - name: Delete existing releases and tags | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| for chart in charts/*/; do | |
| if [ -f "$chart/Chart.yaml" ]; then | |
| chart_name=$(basename "$chart") | |
| version=$(yq '.version' "$chart/Chart.yaml") | |
| tag="${chart_name}-${version}" | |
| echo "ποΈ Checking release/tag: $tag" | |
| # Check if release exists and delete it | |
| if gh release view "$tag" &>/dev/null; then | |
| echo " Deleting release $tag" | |
| gh release delete "$tag" --yes --cleanup-tag | |
| fi | |
| # Force delete tag if it still exists | |
| if git ls-remote --tags origin | grep -q "refs/tags/$tag$"; then | |
| echo " Deleting remote tag $tag" | |
| git push origin ":refs/tags/$tag" | |
| fi | |
| # Delete local tag if exists | |
| git tag -d "$tag" 2>/dev/null || true | |
| fi | |
| done | |
| echo "β Cleanup complete" | |
| - name: Run chart-releaser | |
| uses: helm/chart-releaser-action@cae68fefc6b5f367a0275617c9f83181ba54714f # v1.7.0 | |
| env: | |
| CR_TOKEN: ${{ github.token }} | |
| with: | |
| charts_dir: charts | |
| mark_as_latest: false | |
| - name: Pages Summary | |
| run: | | |
| echo "### π Helm Repository Updated" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "**Charts Repository:** https://${{ env.ORG_NAME }}.github.io/${{ env.REPO_NAME }}" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "Add to Helm with:" >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`bash" >> $GITHUB_STEP_SUMMARY | |
| echo "helm repo add ${{ env.ORG_NAME }} https://${{ env.ORG_NAME }}.github.io/${{ env.REPO_NAME }}" >> $GITHUB_STEP_SUMMARY | |
| echo "helm repo update" >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY |