-
Notifications
You must be signed in to change notification settings - Fork 127
196 lines (174 loc) · 6.55 KB
/
release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
name: Release Charts
on:
push:
branches:
- main
env:
GITHUB_USERNAME: draios-jenkins
GITHUB_USER_EMAIL: [email protected]
jobs:
charts-to-release:
runs-on: ubuntu-latest
outputs:
modified-charts-files: ${{ steps.updated-charts.outputs.all_modified_files }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Retrieve a list of updated charts
id: updated-charts
uses: tj-actions/changed-files@v45
with:
files: charts/*/Chart.yaml
generate-changelog:
needs: charts-to-release
if: needs.charts-to-release.outputs.modified-charts-files
runs-on: ubuntu-latest
container: quay.io/sysdig/git-chglog:0.15.1-3-g6e4e27d
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Generate changelog for every updated chart
shell: bash
run: |
set -x
git config --global --add safe.directory '*'
for chart_file in ${{ needs.charts-to-release.outputs.modified-charts-files }}; do
chart_name=$(grep -Po "(?<=^name: ).+" ${chart_file})
chart_version=$(grep -Po "(?<=^version: ).+" ${chart_file})
chart_tag="${chart_name}-${chart_version}"
chart_path="charts/${chart_name}"
# check if a changelog entry already present
if grep -q "^# v$chart_version" "charts/${chart_name}/CHANGELOG.md"
then
echo "Changelog entry already present, skipping"
else
# generate the new changelog entry
git-chglog \
--config .chglog/config-changelog.yml \
--output "/tmp/CHANGELOG_${chart_name}_new.md" \
--tag-filter-pattern "${chart_name}" \
--next-tag "${chart_tag}" \
--path "${chart_path}" "${chart_tag}"
# insert the new changelog entry to the changelog
# file after the '## Change Log' header
cat "/tmp/CHANGELOG_${chart_name}_new.md" \
| sed -i '/^##\ Change Log$/ r /dev/stdin' \
"charts/${chart_name}/CHANGELOG.md"
fi
# generate the release notes for github release
git-chglog \
--config .chglog/config-release.yml \
--output "${chart_path}/RELEASE-NOTES.md" \
--tag-filter-pattern "${chart_name}" \
--next-tag "${chart_tag}" \
--path "${chart_path}" "${chart_tag}"
done
- name: Stash changelog files
uses: actions/upload-artifact@v4
with:
name: generated-changelogs
path: |
charts/*/RELEASE-NOTES.md
charts/*/CHANGELOG.md
release-charts:
needs:
- generate-changelog
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Unstash generated changelogs
uses: actions/download-artifact@v4
with:
name: generated-changelogs
path: charts
- name: Configure Git
run: |
git config user.name "$GITHUB_USERNAME"
git config user.email "$GITHUB_USER_EMAIL"
- name: Import GPG key
run: |
GPG_DIR=".helm-gpg"
mkdir "$GPG_DIR"
KEYRING_FILE="$GPG_DIR/keyring.gpg"
echo "${GPG_PRIVATE_KEY}" | gpg --dearmor --output "${KEYRING_FILE}"
PASSPHRASE_FILE="$GPG_DIR/passphrase"
echo "${GPG_PASSPHRASE}" > "${PASSPHRASE_FILE}"
echo "CR_PASSPHRASE_FILE=$PASSPHRASE_FILE" >> "$GITHUB_ENV"
echo "CR_KEYRING=$KEYRING_FILE" >> "$GITHUB_ENV"
env:
GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"
GPG_PRIVATE_KEY: "${{ secrets.GPG_PRIVATE_KEY }}"
- name: Set up Helm
uses: azure/setup-helm@v4
with:
version: v3.10.3
- name: Bundle chart dependencies
run: make deps
- name: Run Chart Releaser
uses: helm/[email protected]
with:
config: cr.yaml
env:
CR_TOKEN: "${{ secrets.TOOLS_JENKINS_ADMIN_ACCESS_GITHUB_TOKEN }}"
CR_KEY: "${{ secrets.GPG_KEY_NAME }}"
- name: Copy README.md files and GPG public key to gh-pages
run: |
existing_worktree=$(git worktree list --porcelain | grep -B 2 "branch refs/heads/gh-pages" | head -n 1 | cut -d ' ' -f 2)
if [[ $existing_worktree != "" ]]; then git worktree remove -f $existing_worktree; fi
tmp_folder=$(mktemp -d)
git worktree add ${tmp_folder} gh-pages
rm -f -r ${tmp_folder}/charts
cp -r charts ${tmp_folder}/
pushd ${tmp_folder}
git add -A "charts/**/README.md"
git add -A "charts/**/values.yaml"
echo "${GPG_PUBLIC_KEY}" > public.gpg
git add public.gpg
if ! git diff-index --quiet HEAD; then
git pull && git commit -m "github_actions_ci: Update public key" && git push
fi
popd
env:
GPG_PUBLIC_KEY: "${{ secrets.GPG_PUBLIC_KEY }}"
commit-changelogs:
needs:
- charts-to-release
- release-charts
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.TOOLS_JENKINS_ADMIN_ACCESS_GITHUB_TOKEN }}
- name: Unstash generated changelogs
uses: actions/download-artifact@v4
with:
name: generated-changelogs
path: charts
- name: Configure Git
run: |
git config user.name "$GITHUB_USERNAME"
git config user.email "$GITHUB_USER_EMAIL"
- name: Commit CHANGELOG.md and RELEASE-NOTES.md
run: |
released_charts_files="${{ needs.charts-to-release.outputs.modified-charts-files }}"
echo "released_charts_files: ${released_charts_files}"
# Commit changes locally.
for chart_file in ${released_charts_files}; do
chart_name=$(grep -Po "(?<=^name: ).+" ${chart_file})
chart_version=$(grep -Po "(?<=^version: ).+" ${chart_file})
chart_path="charts/${chart_name}"
git add ${chart_path}/CHANGELOG.md
git add ${chart_path}/RELEASE-NOTES.md
git commit -m "github_actions_ci: Update CHANGELOG and RELEASE-NOTES for ${chart_name}-${chart_version}"
done
# Push changes to the main branch.
git push origin "${GITHUB_REF##*/}":main -f