name: "Charts: Release" concurrency: helm-release on: workflow_dispatch: push: branches: - master paths: - "charts/**" jobs: release-helm: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 with: token: ${{ secrets.BOT_TOKEN }} fetch-depth: 1 - name: Checkout Helm-Staging uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 with: fetch-depth: 1 repository: truecharts/helm-staging token: ${{ secrets.BOT_TOKEN }} path: helm - name: Install pre-commit, yamale and yamllint run: | pip3 install --no-cache-dir pre-commit - name: Fix Pre-Commit issues shell: bash run: | echo "Running pre-commit test-and-cleanup..." pre-commit run --all ||: # Fix sh files to always be executable find . -name '*.sh' | xargs chmod +x # Optional step if GPG signing is used - name: Clean Questions shell: bash run: | find ./helm -type f -name 'questions.yaml' -exec rm {} \; - name: Commit Helm Changes run: | rm -rf helm/charts mkdir helm/charts cp -rf charts helm - name: Commit Helm Changes run: | cd helm git config user.name "TrueCharts-Bot" git config user.email "bot@truecharts.org" git add --all git commit -sm "Commit released Helm Charts for TrueCharts" || exit 0 git push cd - release-scale: runs-on: ubuntu-latest outputs: ref: ${{ steps.save-commit-hash.outputs.commit_hash }} steps: - name: Install Kubernetes tools uses: yokawasa/action-setup-kube-tools@dc0754a9a47b40f22f9bd52ffb082bbe6d142b22 # v0.11.0 with: setup-tools: | helmv3 helm: "3.14.0" - name: Prep go-yq run: | wget https://github.com/mikefarah/yq/releases/download/v4.26.1/yq_linux_amd64 -O /usr/local/bin/go-yq && chmod +x /usr/local/bin/go-yq # Optional step if GPG signing is used - name: Prepare GPG key shell: bash run: | gpg_dir=.cr-gpg mkdir -p "$gpg_dir" keyring="$gpg_dir/secring.gpg" base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring" passphrase_file="$gpg_dir/passphrase" echo "$GPG_PASSPHRASE" > "$passphrase_file" echo "CR_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV" echo "CR_KEYRING=$keyring" >> "$GITHUB_ENV" env: GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}" GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}" - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 with: token: ${{ secrets.BOT_TOKEN }} fetch-depth: 0 - name: Prep Helm shell: bash run: | ./.github/scripts/prep_helm.sh - name: Setting repo parent dir as safe safe.directory run: git config --global --add safe.directory "$GITHUB_WORKSPACE" - name: Collect changes id: collect-changes uses: ./.github/actions/collect-changes - name: Generate Changelog shell: bash if: | steps.collect-changes.outputs.changesDetectedAfterTag == 'true' run: | export GOBIN=/usr/local/bin/ go install github.com/git-chglog/git-chglog/cmd/git-chglog@latest CHARTS=(${{ steps.collect-changes.outputs.modifiedChartsAfterTag }}) parthreads=$(($(nproc) * 2)) parallel -j ${parthreads} .github/scripts/changelog.sh '2>&1' ::: ${CHARTS[@]} - name: Fix Pre-Commit issues shell: bash if: | steps.collect-changes.outputs.changesDetectedAfterTag == 'true' run: | echo "Running pre-commit test-and-cleanup..." pre-commit run --all ||: # Fix sh files to always be executable find . -name '*.sh' | xargs chmod +x - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 if: | steps.collect-changes.outputs.changesDetectedAfterTag == 'true' with: fetch-depth: 1 repository: truecharts/website token: ${{ secrets.BOT_TOKEN }} path: website - name: Copy docs to website if: | steps.collect-changes.outputs.changesDetectedAfterTag == 'true' shell: bash run: | #!/bin/bash CHARTS=(${{ steps.collect-changes.outputs.modifiedChartsAfterTag }}) echo "Removing Chart Docs prior to regeneration..." mkdir -p website/static/img/hotlink-ok/chart-icons || echo "chart-icons path already exists, continuing..." for i in "${CHARTS[@]}" do IFS='/' read -r -a chart_parts <<< "$i" if [ -f "charts/${chart_parts[0]}"/"${chart_parts[1]}/Chart.yaml" ]; then train=${chart_parts[0]} chart=${chart_parts[1]} echo "copying docs to website for ${chart}" mkdir -p website/docs/charts/${train}/${chart} || echo "chart path already exists, continuing..." mkdir -p tmp/website/docs/charts/${train}/${chart}/ || echo "chart path already exists, continuing..." if [[ -f "website/docs/charts/${train}/${chart}/CHANGELOG.md" ]]; then echo "changelog found..." true else echo "changelog not found, starting with empty changelog..." touch "website/docs/charts/${train}/${chart}/CHANGELOG.md" fi echo "Keeping some docs safe..." # keep some docs safe mv -f website/docs/charts/${train}/${chart}/CHANGELOG.md tmp/website/docs/charts/${train}/${chart}/CHANGELOG.md || : echo "Removing old docs and recreating based on charts repo..." # remove old docs everywhere and recreate based on charts repo rm -rf website/docs/charts/*/${chart} || : mkdir -p website/docs/charts/${train}/${chart} || echo "chart path already exists, continuing..." yes | cp -rf charts/${train}/${chart}/docs/* website/docs/charts/${train}/${chart}/ 2>/dev/null || : yes | cp -rf charts/${train}/${chart}/icon.png website/static/img/hotlink-ok/chart-icons/${chart}.png 2>/dev/null || : yes | cp -rf charts/${train}/${chart}/screenshots/* website/static/img/hotlink-ok/chart-screenshots/${chart}/ 2>/dev/null || : echo "Copying back kept docs..." # Copy over kept documents mv -f tmp/website/docs/charts/${train}/${chart}/CHANGELOG.md website/docs/charts/${train}/${chart}/CHANGELOG.md 2>/dev/null || : echo "Appending SCALE changelog to actual changelog..." # Add SCALE changelog to actual changelog # Remove header from changelog sed -i '/^---$/,/^---$/d' "website/docs/charts/${train}/${chart}/CHANGELOG.md" # Prepend app-changelog to changelog cat "charts/${train}/${chart}/app-changelog.md" | cat - "website/docs/charts/${train}/${chart}/CHANGELOG.md" > temp && mv temp "website/docs/charts/${train}/${chart}/CHANGELOG.md" echo "Adding changelog header..." sed -i '1s/^/---\ntitle: Changelog\n---\n\n/' "website/docs/charts/${train}/${chart}/CHANGELOG.md" || echo "failed to add changelog header..." echo "Creating index.md..." touch website/docs/charts/${train}/${chart}/index.md ( echo "---" echo "title: ${chart}" echo "---" ) >> website/docs/charts/${train}/${chart}/index.md echo "" >> website/docs/charts/${train}/${chart}/index.md version=$(cat charts/${train}/${chart}/Chart.yaml | grep "^version: " | awk -F" " '{ print $2 }') appversion=$(cat charts/${train}/${chart}/Chart.yaml | grep "^appVersion: " | awk -F" " '{ print $2 }') echo '![Version: '"${version}"'](https://img.shields.io/badge/Version-'"${version}"'-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: '"${appversion}"'](https://img.shields.io/badge/AppVersion-'"${appversion}"'-informational?style=flat-square)' >> website/docs/charts/${train}/${chart}/index.md echo "" >> website/docs/charts/${train}/${chart}/index.md cat charts/${train}/${chart}/Chart.yaml | yq .description -r >> website/docs/charts/${train}/${chart}/index.md echo "" >> website/docs/charts/${train}/${chart}/index.md echo "## Chart Sources" >> website/docs/charts/${train}/${chart}/index.md echo "" >> website/docs/charts/${train}/${chart}/index.md cat charts/${train}/${chart}/Chart.yaml | go-yq .sources -r >> website/docs/charts/${train}/${chart}/index.md echo "" >> website/docs/charts/${train}/${chart}/index.md echo "## Available Documentation" >> website/docs/charts/${train}/${chart}/index.md echo "" >> website/docs/charts/${train}/${chart}/index.md echo "Iterating over all files in the docs directory..." # Iterate over all files in the docs directory for file in website/docs/charts/${train}/${chart}/*.md; do # Extract the file name and first line from each file filename=$(basename "${file}") echo "Found doc file: ${file}" ok_title="false" echo "Getting the first line" h=$(head -n 1 "${file}") echo "The first line is: ${h}. Checking validity..." # Check if the first line has --- if [[ "${h}" == "---" ]]; then echo "First line is ---, continuing..." ok_title="true" elif [[ "${h}" == "# "* ]]; then echo "First line is #..." ok_title="false" fi if [ ${ok_title} == "false" ]; then echo "Doc title should use front matter and not # for title, for example" echo "---" echo "title: some title" echo "---" else echo "Not bad title found, continuing..." title=$(cat "${file}" | grep "title: " | sed 's/title: //' | head -n 1) echo "The title is: ${title}" # Create a markdown link using the file name and title link="[**${title}**](./${filename})" echo "The link is: ${link}" if [ ${filename} != "index.md" ]; then # Append the link to the index.md file echo "- ${link}" >> website/docs/charts/${train}/${chart}/index.md fi fi done rm -rf temp || : fi done - name: Commit Website Changes if: | steps.collect-changes.outputs.changesDetected == 'true' run: | cd website git config user.name "TrueCharts-Bot" git config user.email "bot@truecharts.org" git add --all git commit -sm "Commit released docs for TrueCharts" || exit 0 git push - name: Checkout Catalog uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 if: | steps.collect-changes.outputs.changesDetectedAfterTag == 'true' with: fetch-depth: 1 repository: truecharts/catalog token: ${{ secrets.BOT_TOKEN }} ref: staging path: catalog - name: build catalog shell: bash if: | steps.collect-changes.outputs.changesDetectedAfterTag == 'true' run: | CHARTS=(${{ steps.collect-changes.outputs.modifiedChartsAfterTag }}) ./charttool deps ./charttool buildSCALE - name: Commit Catalog if: | steps.collect-changes.outputs.changesDetected == 'true' run: | cd catalog git config user.name "TrueCharts-Bot" git config user.email "bot@truecharts.org" git add --all git commit -sm "Commit new Chart releases for TrueCharts" || exit 0 git push cd - rm -rf catalog - name: set git author if: | steps.collect-changes.outputs.changesDetectedAfterTag == 'true' shell: bash run: | git config user.name "TrueCharts-Bot" git config user.email "bot@truecharts.org" - name: Install Helm uses: azure/setup-helm@29960d0f5f19214b88e1d9ba750a9914ab0f1a2f # v4 with: version: v3.14.0 # Optional step if GPG signing is used - name: Prepare GPG key shell: bash run: | gpg_dir=.cr-gpg mkdir -p "$gpg_dir" keyring="$gpg_dir/secring.gpg" base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring" passphrase_file="$gpg_dir/passphrase" echo "$GPG_PASSPHRASE" > "$passphrase_file" echo "CR_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV" echo "CR_KEYRING=$keyring" >> "$GITHUB_ENV" env: GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}" GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}" - name: Clean Questions shell: bash run: | find . -type f -name 'questions.yaml' -exec rm {} \; - name: Run chart-releaser for dependency apps uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0 if: | steps.collect-changes.outputs.changesDetectedAfterTag == 'true' with: charts_dir: charts/dependency charts_repo_url: https://deps.truecharts.org config: cr.yaml env: CR_TOKEN: "${{ secrets.BOT_TOKEN }}" CR_SKIP_EXISTING: "true" - name: Helm | Login shell: bash env: HELM_EXPERIMENTAL_OCI: 1 run: echo ${{ secrets.QUAY_SECRET }} | helm registry login -u ${{ secrets.QUAY_USER }} --password-stdin quay.io - name: Push Charts to Quay shell: bash env: HELM_EXPERIMENTAL_OCI: 1 run: | for pkg in .cr-release-packages/*.tgz; do if [ -z "${pkg:-}" ]; then break fi filename=$(basename "$pkg") name="${filename%%-[0-9]*.[0-9]*.[0-9]*.tgz}" echo "uploading $name" helm push "${pkg}" oci://quay.io/truecharts || echo "failed to upload $pkg to OCI" curl -X POST -H "Content-Type: application/json" -d '{"visibility": "public"}' -H "Authorization: Bearer ${{ secrets.QUAY_TOKEN }}" "https://quay.io/api/v1/repository/truecharts/$name/changevisibility" || echo "failed to set $pkg to public on OCI" done - name: Helm | Logout shell: bash env: HELM_EXPERIMENTAL_OCI: 1 run: helm registry logout quay.io - name: Tag App Releases if: | steps.collect-changes.outputs.changesDetectedAfterTag == 'true' shell: bash run: | #!/bin/bash CHARTS=(${{ steps.collect-changes.outputs.modifiedChartsAfterTag }}) echo "Removing Chart Docs prior to regeneration..." mkdir -p website/static/img/hotlink-ok/chart-icons || echo "chart-icons path already exists, continuing..." for i in "${CHARTS[@]}" do IFS='/' read -r -a chart_parts <<< "$i" if [ -f "charts/${chart_parts[0]}"/"${chart_parts[1]}/Chart.yaml" ]; then train=${chart_parts[0]} chart=${chart_parts[1]} if [ "${train}" != "dependency" ]; then echo "creating tag for ${chart}" version=$(cat charts/${train}/${chart}/Chart.yaml | grep '^version: ' | awk -F" " '{ print $2 }' | head -1) git tag ${chart}-${version} || echo "tag failed for ${chart}-${version}" fi fi done git push --tags