96042481e7
**Description** This changes does a dirty implementation of charttool for catalog building **⚙️ Type of change** - [x] ⚙️ Feature/App addition - [ ] 🪛 Bugfix - [ ] ⚠️ Breaking change (fix or feature that would cause existing functionality to not work as expected) - [x] 🔃 Refactor of current code **🧪 How Has This Been Tested?** <!-- Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration --> **📃 Notes:** <!-- Please enter any other relevant information here --> **✔️ Checklist:** - [ ] ⚖️ My code follows the style guidelines of this project - [ ] 👀 I have performed a self-review of my own code - [ ] #️⃣ I have commented my code, particularly in hard-to-understand areas - [ ] 📄 I have made corresponding changes to the documentation - [ ] ⚠️ My changes generate no new warnings - [ ] 🧪 I have added tests to this description that prove my fix is effective or that my feature works - [ ] ⬆️ I increased versions for any altered app according to semantic versioning **➕ App addition** If this PR is an app addition please make sure you have done the following. - [ ] 🖼️ I have added an icon in the Chart's root directory called `icon.png` --- _Please don't blindly check all the boxes. Read them and only check those that apply. Those checkboxes are there for the reviewer to see what is this all about and the status of this PR with a quick glance._
397 lines
17 KiB
YAML
397 lines
17 KiB
YAML
name: "Charts: Release"
|
|
|
|
concurrency: helm-release
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
push:
|
|
branches:
|
|
- master
|
|
paths:
|
|
- "charts/**"
|
|
|
|
jobs:
|
|
release-helm:
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: ghcr.io/truecharts/devcontainer:3.1.10@sha256:c239addf725eb5cedf79517f8089fdafdc32b5270d1893ee87ae6e511b9bcae3
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
|
|
with:
|
|
token: ${{ secrets.BOT_TOKEN }}
|
|
fetch-depth: 1
|
|
|
|
- name: Checkout Helm-Staging
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
|
|
with:
|
|
fetch-depth: 1
|
|
repository: truecharts/helm-staging
|
|
token: ${{ secrets.BOT_TOKEN }}
|
|
path: helm
|
|
|
|
- name: Fix Pre-Commit issues
|
|
shell: bash
|
|
run: |
|
|
echo "Running pre-commit test-and-cleanup..."
|
|
pre-commit run --all ||:
|
|
# Fix sh files to always be executable
|
|
find . -name '*.sh' | xargs chmod +x
|
|
|
|
- name: Commit Helm Changes
|
|
run: |
|
|
rm -rf helm/charts
|
|
mkdir helm/charts
|
|
cp -rf charts helm
|
|
|
|
- name: Commit Helm Changes
|
|
run: |
|
|
cd helm
|
|
git config user.name "TrueCharts-Bot"
|
|
git config user.email "bot@truecharts.org"
|
|
git add --all
|
|
git commit -sm "Commit released Helm Charts for TrueCharts" || exit 0
|
|
git push
|
|
cd -
|
|
|
|
release-scale:
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
ref: ${{ steps.save-commit-hash.outputs.commit_hash }}
|
|
steps:
|
|
- name: Install Kubernetes tools
|
|
uses: yokawasa/action-setup-kube-tools@93f6df178ec13d1b814a7622073ba28727716ca2 # v0.10.0
|
|
with:
|
|
setup-tools: |
|
|
helmv3
|
|
helm: "3.14.0"
|
|
|
|
- name: Prep Helm
|
|
run: |
|
|
helm repo add jetstack https://charts.jetstack.io
|
|
helm repo add vmwaretanzu https://vmware-tanzu.github.io/helm-charts
|
|
helm repo add cnpg https://cloudnative-pg.github.io/charts
|
|
helm repo add metallb https://metallb.github.io/metallb
|
|
helm repo update
|
|
|
|
- name: Prep go-yq
|
|
run: |
|
|
wget https://github.com/mikefarah/yq/releases/download/v4.26.1/yq_linux_amd64 -O /usr/local/bin/go-yq && chmod +x /usr/local/bin/go-yq
|
|
|
|
# Optional step if GPG signing is used
|
|
- name: Prepare GPG key
|
|
shell: bash
|
|
run: |
|
|
gpg_dir=.cr-gpg
|
|
mkdir -p "$gpg_dir"
|
|
keyring="$gpg_dir/secring.gpg"
|
|
base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring"
|
|
passphrase_file="$gpg_dir/passphrase"
|
|
echo "$GPG_PASSPHRASE" > "$passphrase_file"
|
|
echo "CR_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV"
|
|
echo "CR_KEYRING=$keyring" >> "$GITHUB_ENV"
|
|
env:
|
|
GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}"
|
|
GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
|
|
with:
|
|
token: ${{ secrets.BOT_TOKEN }}
|
|
fetch-depth: 0
|
|
|
|
- name: Setting repo parent dir as safe safe.directory
|
|
run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
|
|
|
|
- name: Collect changes
|
|
id: collect-changes
|
|
uses: ./.github/actions/collect-changes
|
|
|
|
- name: Generate Changelog
|
|
shell: bash
|
|
if: |
|
|
steps.collect-changes.outputs.changesDetectedAfterTag == 'true'
|
|
run: |
|
|
CHARTS=(${{ steps.collect-changes.outputs.modifiedChartsAfterTag }})
|
|
parthreads=$(($(nproc) * 2))
|
|
parallel -j ${parthreads} .github/scripts/changelog.sh '2>&1' ::: ${CHARTS[@]}
|
|
|
|
- name: Fix Pre-Commit issues
|
|
shell: bash
|
|
if: |
|
|
steps.collect-changes.outputs.changesDetectedAfterTag == 'true'
|
|
run: |
|
|
echo "Running pre-commit test-and-cleanup..."
|
|
pre-commit run --all ||:
|
|
# Fix sh files to always be executable
|
|
find . -name '*.sh' | xargs chmod +x
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
|
|
if: |
|
|
steps.collect-changes.outputs.changesDetectedAfterTag == 'true'
|
|
with:
|
|
fetch-depth: 1
|
|
repository: truecharts/website
|
|
token: ${{ secrets.BOT_TOKEN }}
|
|
path: website
|
|
|
|
- name: Copy docs to website
|
|
if: |
|
|
steps.collect-changes.outputs.changesDetectedAfterTag == 'true'
|
|
shell: bash
|
|
run: |
|
|
#!/bin/bash
|
|
CHARTS=(${{ steps.collect-changes.outputs.modifiedChartsAfterTag }})
|
|
echo "Removing Chart Docs prior to regeneration..."
|
|
mkdir -p website/static/img/hotlink-ok/chart-icons || echo "chart-icons path already exists, continuing..."
|
|
for i in "${CHARTS[@]}"
|
|
do
|
|
IFS='/' read -r -a chart_parts <<< "$i"
|
|
if [ -f "charts/${chart_parts[0]}"/"${chart_parts[1]}/Chart.yaml" ]; then
|
|
train=${chart_parts[0]}
|
|
chart=${chart_parts[1]}
|
|
echo "copying docs to website for ${chart}"
|
|
mkdir -p website/docs/charts/${train}/${chart} || echo "chart path already exists, continuing..."
|
|
mkdir -p tmp/website/docs/charts/${train}/${chart}/ || echo "chart path already exists, continuing..."
|
|
if [[ -f "website/docs/charts/${train}/${chart}/CHANGELOG.md" ]]; then
|
|
echo "changelog found..."
|
|
true
|
|
else
|
|
echo "changelog not found, starting with empty changelog..."
|
|
touch "website/docs/charts/${train}/${chart}/CHANGELOG.md"
|
|
fi
|
|
|
|
echo "Keeping some docs safe..."
|
|
# keep some docs safe
|
|
mv -f website/docs/charts/${train}/${chart}/CHANGELOG.md tmp/website/docs/charts/${train}/${chart}/CHANGELOG.md || :
|
|
|
|
echo "Removing old docs and recreating based on charts repo..."
|
|
# remove old docs everywhere and recreate based on charts repo
|
|
rm -rf website/docs/charts/*/${chart} || :
|
|
mkdir -p website/docs/charts/${train}/${chart} || echo "chart path already exists, continuing..."
|
|
yes | cp -rf charts/${train}/${chart}/docs/* website/docs/charts/${train}/${chart}/ 2>/dev/null || :
|
|
yes | cp -rf charts/${train}/${chart}/icon.png website/static/img/hotlink-ok/chart-icons/${chart}.png 2>/dev/null || :
|
|
yes | cp -rf charts/${train}/${chart}/screenshots/* website/static/img/hotlink-ok/chart-screenshots/${chart}/ 2>/dev/null || :
|
|
|
|
echo "Copying back kept docs..."
|
|
# Copy over kept documents
|
|
mv -f tmp/website/docs/charts/${train}/${chart}/CHANGELOG.md website/docs/charts/${train}/${chart}/CHANGELOG.md 2>/dev/null || :
|
|
|
|
echo "Appending SCALE changelog to actual changelog..."
|
|
# Add SCALE changelog to actual changelog
|
|
# Remove header from changelog
|
|
sed -i '/^---$/,/^---$/d' "website/docs/charts/${train}/${chart}/CHANGELOG.md"
|
|
# Prepend app-changelog to changelog
|
|
cat "charts/${train}/${chart}/app-changelog.md" | cat - "website/docs/charts/${train}/${chart}/CHANGELOG.md" > temp && mv temp "website/docs/charts/${train}/${chart}/CHANGELOG.md"
|
|
echo "Adding changelog header..."
|
|
sed -i '1s/^/---\ntitle: Changelog\n---\n\n/' "website/docs/charts/${train}/${chart}/CHANGELOG.md" || echo "failed to add changelog header..."
|
|
|
|
echo "Creating index.md..."
|
|
touch website/docs/charts/${train}/${chart}/index.md
|
|
(
|
|
echo "---"
|
|
echo "title: ${chart}"
|
|
echo "---"
|
|
) >> website/docs/charts/${train}/${chart}/index.md
|
|
echo "" >> website/docs/charts/${train}/${chart}/index.md
|
|
version=$(cat charts/${train}/${chart}/Chart.yaml | grep "^version: " | awk -F" " '{ print $2 }')
|
|
appversion=$(cat charts/${train}/${chart}/Chart.yaml | grep "^appVersion: " | awk -F" " '{ print $2 }')
|
|
echo '![Version: '"${version}"'](https://img.shields.io/badge/Version-'"${version}"'-informational?style=flat-square)  ![AppVersion: '"${appversion}"'](https://img.shields.io/badge/AppVersion-'"${appversion}"'-informational?style=flat-square)' >> website/docs/charts/${train}/${chart}/index.md
|
|
echo "" >> website/docs/charts/${train}/${chart}/index.md
|
|
cat charts/${train}/${chart}/Chart.yaml | yq .description -r >> website/docs/charts/${train}/${chart}/index.md
|
|
echo "" >> website/docs/charts/${train}/${chart}/index.md
|
|
echo "## Chart Sources" >> website/docs/charts/${train}/${chart}/index.md
|
|
echo "" >> website/docs/charts/${train}/${chart}/index.md
|
|
cat charts/${train}/${chart}/Chart.yaml | go-yq .sources -r >> website/docs/charts/${train}/${chart}/index.md
|
|
echo "" >> website/docs/charts/${train}/${chart}/index.md
|
|
echo "## Available Documentation" >> website/docs/charts/${train}/${chart}/index.md
|
|
echo "" >> website/docs/charts/${train}/${chart}/index.md
|
|
|
|
echo "Iterating over all files in the docs directory..."
|
|
# Iterate over all files in the docs directory
|
|
for file in website/docs/charts/${train}/${chart}/*.md; do
|
|
# Extract the file name and first line from each file
|
|
filename=$(basename "${file}")
|
|
echo "Found doc file: ${file}"
|
|
ok_title="false"
|
|
echo "Getting the first line"
|
|
h=$(head -n 1 "${file}")
|
|
echo "The first line is: ${h}. Checking validity..."
|
|
# Check if the first line has ---
|
|
if [[ "${h}" == "---" ]]; then
|
|
echo "First line is ---, continuing..."
|
|
ok_title="true"
|
|
elif [[ "${h}" == "# "* ]]; then
|
|
echo "First line is #..."
|
|
ok_title="false"
|
|
fi
|
|
if [ ${ok_title} == "false" ]; then
|
|
echo "Doc title should use front matter and not # for title, for example"
|
|
echo "---"
|
|
echo "title: some title"
|
|
echo "---"
|
|
else
|
|
echo "Not bad title found, continuing..."
|
|
title=$(cat "${file}" | grep "title: " | sed 's/title: //' | head -n 1)
|
|
echo "The title is: ${title}"
|
|
# Create a markdown link using the file name and title
|
|
link="[**${title}**](./${filename})"
|
|
echo "The link is: ${link}"
|
|
if [ ${filename} != "index.md" ]; then
|
|
# Append the link to the index.md file
|
|
echo "- ${link}" >> website/docs/charts/${train}/${chart}/index.md
|
|
fi
|
|
fi
|
|
done
|
|
|
|
rm -rf temp || :
|
|
fi
|
|
done
|
|
|
|
- name: Commit Website Changes
|
|
if: |
|
|
steps.collect-changes.outputs.changesDetected == 'true'
|
|
run: |
|
|
cd website
|
|
git config user.name "TrueCharts-Bot"
|
|
git config user.email "bot@truecharts.org"
|
|
git add --all
|
|
git commit -sm "Commit released docs for TrueCharts" || exit 0
|
|
git push
|
|
|
|
- name: Checkout Catalog
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
|
|
if: |
|
|
steps.collect-changes.outputs.changesDetectedAfterTag == 'true'
|
|
with:
|
|
fetch-depth: 1
|
|
repository: truecharts/catalog
|
|
token: ${{ secrets.BOT_TOKEN }}
|
|
ref: staging
|
|
path: catalog
|
|
|
|
- name: build catalog
|
|
shell: bash
|
|
if: |
|
|
steps.collect-changes.outputs.changesDetectedAfterTag == 'true'
|
|
run: |
|
|
CHARTS=(${{ steps.collect-changes.outputs.modifiedChartsAfterTag }})
|
|
./charttool deps
|
|
./charttool buildSCALE
|
|
pip install yq
|
|
parthreads=$(($(nproc) * 2))
|
|
parallel -j ${parthreads} .github/scripts/build-catalog.sh '2>&1' ::: ${CHARTS[@]}
|
|
rm -rf website
|
|
|
|
- name: Commit Catalog
|
|
if: |
|
|
steps.collect-changes.outputs.changesDetected == 'true'
|
|
run: |
|
|
cd catalog
|
|
git config user.name "TrueCharts-Bot"
|
|
git config user.email "bot@truecharts.org"
|
|
git add --all
|
|
git commit -sm "Commit new Chart releases for TrueCharts" || exit 0
|
|
git push
|
|
cd -
|
|
rm -rf catalog
|
|
|
|
- name: set git author
|
|
if: |
|
|
steps.collect-changes.outputs.changesDetectedAfterTag == 'true'
|
|
shell: bash
|
|
run: |
|
|
git config user.name "TrueCharts-Bot"
|
|
git config user.email "bot@truecharts.org"
|
|
|
|
- name: Install Helm
|
|
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # tag=v3
|
|
with:
|
|
version: v3.14.0
|
|
|
|
# Optional step if GPG signing is used
|
|
- name: Prepare GPG key
|
|
shell: bash
|
|
run: |
|
|
gpg_dir=.cr-gpg
|
|
mkdir -p "$gpg_dir"
|
|
keyring="$gpg_dir/secring.gpg"
|
|
base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring"
|
|
passphrase_file="$gpg_dir/passphrase"
|
|
echo "$GPG_PASSPHRASE" > "$passphrase_file"
|
|
echo "CR_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV"
|
|
echo "CR_KEYRING=$keyring" >> "$GITHUB_ENV"
|
|
env:
|
|
GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}"
|
|
GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"
|
|
|
|
- name: Clean Questions
|
|
shell: bash
|
|
run: |
|
|
find . -type f -name 'questions.yaml' -exec rm {} \;
|
|
|
|
- name: Run chart-releaser for dependency apps
|
|
uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0
|
|
if: |
|
|
steps.collect-changes.outputs.changesDetectedAfterTag == 'true'
|
|
with:
|
|
charts_dir: charts/dependency
|
|
charts_repo_url: https://deps.truecharts.org
|
|
config: cr.yaml
|
|
env:
|
|
CR_TOKEN: "${{ secrets.BOT_TOKEN }}"
|
|
CR_SKIP_EXISTING: "true"
|
|
|
|
- name: Helm | Login
|
|
shell: bash
|
|
env:
|
|
HELM_EXPERIMENTAL_OCI: 1
|
|
run: echo ${{ secrets.QUAY_SECRET }} | helm registry login -u ${{ secrets.QUAY_USER }} --password-stdin quay.io
|
|
|
|
- name: Push Charts to Quay
|
|
shell: bash
|
|
env:
|
|
HELM_EXPERIMENTAL_OCI: 1
|
|
run: |
|
|
for pkg in .cr-release-packages/*.tgz; do
|
|
if [ -z "${pkg:-}" ]; then
|
|
break
|
|
fi
|
|
filename=$(basename "$pkg")
|
|
name="${filename%%-[0-9]*.[0-9]*.[0-9]*.tgz}"
|
|
echo "uploading $name"
|
|
helm push "${pkg}" oci://quay.io/truecharts || echo "failed to upload $pkg to OCI"
|
|
curl -X POST -H "Content-Type: application/json" -d '{"visibility": "public"}' -H "Authorization: Bearer ${{ secrets.QUAY_TOKEN }}" "https://quay.io/api/v1/repository/truecharts/$name/changevisibility" || echo "failed to set $pkg to public on OCI"
|
|
done
|
|
|
|
- name: Helm | Logout
|
|
shell: bash
|
|
env:
|
|
HELM_EXPERIMENTAL_OCI: 1
|
|
run: helm registry logout quay.io
|
|
|
|
- name: Tag App Releases
|
|
if: |
|
|
steps.collect-changes.outputs.changesDetectedAfterTag == 'true'
|
|
shell: bash
|
|
run: |
|
|
#!/bin/bash
|
|
CHARTS=(${{ steps.collect-changes.outputs.modifiedChartsAfterTag }})
|
|
echo "Removing Chart Docs prior to regeneration..."
|
|
mkdir -p website/static/img/hotlink-ok/chart-icons || echo "chart-icons path already exists, continuing..."
|
|
for i in "${CHARTS[@]}"
|
|
do
|
|
IFS='/' read -r -a chart_parts <<< "$i"
|
|
if [ -f "charts/${chart_parts[0]}"/"${chart_parts[1]}/Chart.yaml" ]; then
|
|
train=${chart_parts[0]}
|
|
chart=${chart_parts[1]}
|
|
if [ "${train}" != "dependency" ]; then
|
|
echo "creating tag for ${chart}"
|
|
version=$(cat charts/${train}/${chart}/Chart.yaml | grep '^version: ' | awk -F" " '{ print $2 }' | head -1)
|
|
git tag ${chart}-${version} || echo "tag failed for ${chart}-${version}"
|
|
fi
|
|
fi
|
|
done
|
|
git push --tags
|