-
Notifications
You must be signed in to change notification settings - Fork 0
120 lines (105 loc) · 4.17 KB
/
helm_publish.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
name: Publish Helm
on:
push:
tags:
- 'helm-chart-[0-9]+.[0-9]+.[0-9]+'
permissions:
contents: read
jobs:
release:
name: Release Helm chart
runs-on: self-hosted-amd64-1cpu
outputs:
chart_version: ${{ steps.get_versions.outputs.chart_version }}
steps:
- name: Import secrets
uses: hashicorp/vault-action@130d1f5f4fe645bb6c83e4225c04d64cfb62de6e # v2.5.0
id: secrets
with:
exportEnv: false
url: ${{ secrets.VAULT_URL }}
role: ${{ secrets.VAULT_ROLE }}
method: kubernetes
path: kubernetes-ci
secrets: |
kv-gitlab-ci/data/github/shared/github_token token | GITHUB_TOKEN ;
- name: Checkout
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c
- name: Get versions
id: get_versions
run: |
echo "chart_version=$(echo ${GITHUB_REF_NAME} | cut -d '-' -f 3)" >> $GITHUB_OUTPUT
echo "app_version=$(yq -r '.appVersion' helm/Chart.yaml)" >> $GITHUB_OUTPUT
- name: Publish
uses: stefanprodan/helm-gh-pages@master
with:
token: ${{ steps.secrets.outputs.GITHUB_TOKEN }}
charts_dir: .
charts_url: https://charts.wallarm.com
linting: off
repository: helm-charts
branch: main
target_dir: wallarm-sidecar
index_dir: .
app_version: ${{ steps.get_versions.outputs.app_version }}
chart_version: ${{ steps.get_versions.outputs.chart_version }}
update_version:
name: Update package version
runs-on: self-hosted-amd64-1cpu
needs: release
steps:
- name: Import secrets
uses: hashicorp/vault-action@130d1f5f4fe645bb6c83e4225c04d64cfb62de6e # v2.5.0
id: secrets
with:
exportEnv: true
url: ${{ secrets.VAULT_URL }}
role: ${{ secrets.VAULT_ROLE }}
method: kubernetes
path: kubernetes-ci
secrets: |
kv-gitlab-ci/data/github/shared/versions-repo-creds token_secret | GITLAB_TOKEN ;
kv-gitlab-ci/data/github/shared/versions-repo-creds token_secret | GITLAB_TOKEN_NAME ;
kv-gitlab-ci/data/github/shared/versions-repo-creds host | GITLAB_HOST ;
kv-gitlab-ci/data/github/shared/versions-repo-creds repo | GITLAB_REPO ;
- name: Update package version
env:
COMPONENT_NAME: wallarm-sidecar-proxy
COMPONENT_VERSION: ${{ needs.release.outputs.chart_version}}
run: |
PR_BRANCH="update/${COMPONENT_NAME}/${COMPONENT_VERSION}"
COMMIT_MESSAGE="Bump ${COMPONENT_NAME} version to ${COMPONENT_VERSION}"
GITLAB_REPO_URL="https://${GITLAB_TOKEN_NAME}:${GITLAB_TOKEN}@${GITLAB_HOST}/${GITLAB_REPO}"
git clone ${GITLAB_REPO_URL}
cd packages_versions
git checkout -b ${PR_BRANCH}
git config --local user.name 'project_808_bot'
git config --local user.email 'project808_bot@noreply.${GITLAB_HOST}'
cd packages_versions
cat latest.json | jq -r '.body."'"$COMPONENT_NAME"'" += ["'"$COMPONENT_VERSION"'"]' > latest.new.json
mv latest.new.json latest.json
git add latest.json
git commit -m "${COMMIT_MESSAGE}"
git push ${GITLAB_REPO_URL} ${PR_BRANCH}
glab auth login --hostname ${GITLAB_HOST} --token ${GITLAB_TOKEN}
echo "Creating merge request ..."
glab mr create \
--fill \
--yes \
--label ${COMPONENT_NAME} \
--source-branch ${PR_BRANCH} \
--repo https://${GITLAB_HOST}/${GITLAB_REPO}
echo "Approving merge request ..."
glab mr approve \
${PR_BRANCH} \
--repo https://${GITLAB_HOST}/${GITLAB_REPO}
# Sometimes merging is failed without delay
echo "Sleep ..."
sleep 20
echo "Merging ..."
glab mr merge \
${PR_BRANCH} \
--yes \
--remove-source-branch \
--when-pipeline-succeeds=false \
--repo https://${GITLAB_HOST}/${GITLAB_REPO}