Skip to content

Merge pull request #195 from wallarm/NODE-5872 #77

Merge pull request #195 from wallarm/NODE-5872

Merge pull request #195 from wallarm/NODE-5872 #77

Workflow file for this run

name: Publish Helm
on:
push:
tags:
- 'helm-chart-[0-9]+.[0-9]+.[0-9]+'
- 'helm-chart-[0-9]+.[0-9]+.[0-9]+-rc*'
permissions:
contents: read
jobs:
release:
name: Release Helm chart
runs-on: self-hosted-amd64-1cpu
outputs:
chart_version: ${{ steps.get_versions.outputs.chart_version }}
release_type: ${{ steps.check_release.outputs.type }}
steps:
- name: Import secrets
uses: hashicorp/vault-action@130d1f5f4fe645bb6c83e4225c04d64cfb62de6e # v2.5.0
id: secrets
with:
exportEnv: false
url: ${{ secrets.VAULT_URL }}
role: ${{ secrets.VAULT_ROLE }}
method: kubernetes
path: kubernetes-ci
secrets: |
kv-gitlab-ci/data/github/shared/github_token token | GITHUB_TOKEN ;
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c
- name: Check release type
id: check_release
run: |
TYPE="production"
if [[ ${GITHUB_REF#refs/*/} =~ "rc" ]]; then
TYPE="release-candidate"
fi
echo -e "Type: ${TYPE}"
echo "type=${TYPE}" >> $GITHUB_OUTPUT
- name: Get versions
id: get_versions
run: |
echo "chart_version=$(echo ${GITHUB_REF_NAME} | cut -d '-' -f 3,4)" >> $GITHUB_OUTPUT
echo "app_version=$(yq -r '.appVersion' helm/Chart.yaml)" >> $GITHUB_OUTPUT
- name: Publish
uses: stefanprodan/helm-gh-pages@master
with:
token: ${{ steps.secrets.outputs.GITHUB_TOKEN }}
charts_dir: .
charts_url: https://charts.wallarm.com
linting: off
repository: helm-charts
branch: main
target_dir: wallarm-sidecar
index_dir: .
app_version: ${{ steps.get_versions.outputs.app_version }}
chart_version: ${{ steps.get_versions.outputs.chart_version }}
update_version:
name: Update package version
if: needs.release.outputs.release_type == 'production'
runs-on: self-hosted-amd64-1cpu
needs: release
steps:
- name: Import secrets
uses: hashicorp/vault-action@130d1f5f4fe645bb6c83e4225c04d64cfb62de6e # v2.5.0
id: secrets
with:
exportEnv: true
url: ${{ secrets.VAULT_URL }}
role: ${{ secrets.VAULT_ROLE }}
method: kubernetes
path: kubernetes-ci
secrets: |
kv-gitlab-ci/data/github/shared/versions-repo-creds token_secret | GITLAB_TOKEN ;
kv-gitlab-ci/data/github/shared/versions-repo-creds token_secret | GITLAB_TOKEN_NAME ;
kv-gitlab-ci/data/github/shared/versions-repo-creds host | GITLAB_HOST ;
kv-gitlab-ci/data/github/shared/versions-repo-creds repo | GITLAB_REPO ;
- name: Update package version
env:
COMPONENT_NAME: wallarm-sidecar-proxy
COMPONENT_VERSION: ${{ needs.release.outputs.chart_version}}
run: |
PR_BRANCH="update/${COMPONENT_NAME}/${COMPONENT_VERSION}"
COMMIT_MESSAGE="Bump ${COMPONENT_NAME} version to ${COMPONENT_VERSION}"
GITLAB_REPO_URL="https://${GITLAB_TOKEN_NAME}:${GITLAB_TOKEN}@${GITLAB_HOST}/${GITLAB_REPO}"
git clone ${GITLAB_REPO_URL}
cd packages_versions
git checkout -b ${PR_BRANCH}
git config --local user.name 'project_808_bot'
git config --local user.email 'project808_bot@noreply.${GITLAB_HOST}'
cd packages_versions
cat latest.json | jq -r '.body."'"$COMPONENT_NAME"'" += ["'"$COMPONENT_VERSION"'"]' > latest.new.json
mv latest.new.json latest.json
git add latest.json
git commit -m "${COMMIT_MESSAGE}"
git push ${GITLAB_REPO_URL} ${PR_BRANCH}
glab auth login --hostname ${GITLAB_HOST} --token ${GITLAB_TOKEN}
echo "Creating merge request ..."
glab mr create \
--fill \
--yes \
--label ${COMPONENT_NAME} \
--source-branch ${PR_BRANCH} \
--repo https://${GITLAB_HOST}/${GITLAB_REPO}
echo "Approving merge request ..."
glab mr approve \
${PR_BRANCH} \
--repo https://${GITLAB_HOST}/${GITLAB_REPO}
# Sometimes merging is failed without delay
echo "Sleep ..."
sleep 20
echo "Merging ..."
glab mr merge \
${PR_BRANCH} \
--yes \
--remove-source-branch \
--when-pipeline-succeeds=false \
--repo https://${GITLAB_HOST}/${GITLAB_REPO}