Files
library-charts/.github/workflows/common.release.yaml
TrueCharts Bot 977ec2ee77 chore(deps): update actions/checkout digest to 0ad4b8f (#807)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
digest | `44c2b7a` -> `0ad4b8f` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled because a matching PR was automerged
previously.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://togithub.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTMuMCIsInVwZGF0ZWRJblZlciI6IjM3LjM1My4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
2024-05-19 13:01:13 +02:00

81 lines
2.4 KiB
YAML

name: "Charts: Release"
concurrency: helm-release
on:
workflow_dispatch:
push:
branches:
- main
paths:
- ".github/**"
- "library/**"
jobs:
release-charts:
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
with:
token: ${{ secrets.BOT_TOKEN }}
ref: main
fetch-depth: 0
- name: Configure Git
run: |
git config user.name "TrueCharts-Bot"
git config user.email "bot@truecharts.org"
- name: Install Helm
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4
with:
version: v3.14.4
# Optional step if GPG signing is used
- name: Prepare GPG key
run: |
gpg_dir=.cr-gpg
mkdir "$gpg_dir"
keyring="$gpg_dir/secring.gpg"
base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring"
passphrase_file="$gpg_dir/passphrase"
echo "$GPG_PASSPHRASE" > "$passphrase_file"
echo "CR_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV"
echo "CR_KEYRING=$keyring" >> "$GITHUB_ENV"
env:
GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}"
GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"
- name: Run chart-releaser
uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0
with:
charts_dir: library
config: cr.yaml
env:
CR_TOKEN: "${{ secrets.BOT_TOKEN }}"
CR_SKIP_EXISTING: "true"
- name: Helm | Login
shell: bash
run: echo ${{ secrets.QUAY_SECRET }} | helm registry login -u ${{ secrets.QUAY_USER }} --password-stdin quay.io
- name: Push Charts to Quay
shell: bash
run: |
for pkg in .cr-release-packages/*.tgz; do
if [ -z "${pkg:-}" ]; then
break
fi
filename=$(basename "$pkg")
name="${filename%%-[0-9]*.[0-9]*.[0-9]*.tgz}"
echo "uploading $name"
helm push "${pkg}" oci://quay.io/truecharts || echo "failed to upload $pkg to OCI"
curl -X POST -H "Content-Type: application/json" -d '{"visibility": "public"}' -H "Authorization: Bearer ${{ secrets.QUAY_TOKEN }}" "https://quay.io/api/v1/repository/truecharts/$name/changevisibility" || echo "failed to set $pkg to public on OCI"
done
- name: Helm | Logout
shell: bash
run: helm registry logout quay.io