Merge pull request #1346 from banzaicloud/disable-psp #67

Summary
Jobs
- Helm
Run details
- Usage
- Workflow file

Workflow file for this run

	name: Helm chart

	on:
	push:
	branches:
	- master
	tags:
	- "**/[0-9]+.[0-9]+.[0-9]+"
	- "**/[0-9]+.[0-9]+.[0-9]+-dev.[0-9]+"
	pull_request:

	env:
	HELM_PLUGIN_CHARTMUSEUM_PUSH_VERSION: 0.9.0
	HELM_PUSH_REPOSITORY_NAME: chartmuseum
	HELM_VERSION: 3.1.1

	jobs:
	helm:
	name: Helm
	runs-on: ubuntu-latest

	steps:
	- name: Check out code
	uses: actions/checkout@v2

	- uses: azure/setup-helm@v1
	with:
	version: ${{ env.HELM_VERSION }}

	- name: Add Helm repositories
	run: \|
	helm repo add incubator https://charts.helm.sh/incubator
	helm repo add chartmuseum https://kubernetes-charts.banzaicloud.com
	helm repo add banzaicloud-stable http://kubernetes-charts.banzaicloud.com/branch/master
	helm repo add rimusz https://charts.rimusz.net

	- name: Update Helm repositories
	run: \|
	helm repo update
	helm repo list

	- name: Update Helm dependencies
	run: \|
	find -H '.' \
	-maxdepth 2 \
	-name 'Chart.yaml' \
	-execdir helm dependency update \;

	- name: Lint Helm charts
	run: \|
	find -H '.' \
	-maxdepth 2 \
	-name 'Chart.yaml' \
	-printf '%h\n' \
	\| xargs helm lint

	- name: Set Git refname
	id: set-git-refname
	run: \|
	GIT_REFNAME="$(echo "${{ github.ref }}" \| sed -r 's@refs/(heads\|pull\|tags)/@@g')"

	echo "GIT_REFNAME=${GIT_REFNAME}"
	echo "git_refname=${GIT_REFNAME}" >> $GITHUB_OUTPUT

	- name: Set Helm push enabled
	id: set-helm-push-enabled
	run: \|
	HELM_PUSH_ENABLED=""
	if [ "${{ github.event_name }}" == "push" ] && echo "${{ steps.set-git-refname.outputs.git_refname }}" \| grep -E -q "^(chart/)?[^/]+/[0-9]+\.[0-9]+\.[0-9]+"; then
	HELM_PUSH_ENABLED=1
	else
	printf >&2 "Unstable chart (%s) from %s event, chart will not be pushed" "${{ steps.set-git-refname.outputs.git_refname }}" "${{ github.event_name }}"
	fi

	echo "HELM_PUSH_ENABLED=${HELM_PUSH_ENABLED}"
	echo "helm_push_enabled=${HELM_PUSH_ENABLED}" >> $GITHUB_OUTPUT

	- if: ${{ steps.set-helm-push-enabled.outputs.helm_push_enabled == 1 }}
	name: Set chart name
	id: set-chart-name
	run: \|
	CHART_NAME="$(echo "${{ steps.set-git-refname.outputs.git_refname }}}" \| awk -F '/' '{print $(NF-1)}')"

	echo "CHART_NAME=${CHART_NAME}"
	echo "chart_name=${CHART_NAME}" >> $GITHUB_OUTPUT

	- if: ${{ steps.set-helm-push-enabled.outputs.helm_push_enabled == 1 }}
	name: Package Helm chart
	id: package-chart
	run: \|
	HELM_PACKAGE_OUTPUT=$(helm package "${{ github.workspace }}/${{ steps.set-chart-name.outputs.chart_name }}") \|\| exit 1
	HELM_PACKAGE_PATH="${HELM_PACKAGE_OUTPUT##"Successfully packaged chart and saved it to: "}"

	echo "HELM_PACKAGE_PATH=${HELM_PACKAGE_PATH}"
	echo "helm_package_path=${HELM_PACKAGE_PATH}" >> $GITHUB_OUTPUT

	- if: ${{ steps.set-helm-push-enabled.outputs.helm_push_enabled == 1 }}
	name: Check Helm chart version in repository
	run: \|
	CHART_PATH="${{ github.workspace }}/${{ steps.set-chart-name.outputs.chart_name }}"
	EXPECTED_CHART_VERSION="$(echo "${{ steps.set-git-refname.outputs.git_refname }}" \| awk -F '/' '{print $NF}')" \|\| exit 1
	ACTUAL_CHART_VERSION="$(awk '/version: [0-9]+\.[0-9]+\.[0-9]+/ {print $2}' "${CHART_PATH}/Chart.yaml")" \|\| exit 1

	if [ "${EXPECTED_CHART_VERSION}" != "${ACTUAL_CHART_VERSION}" ]; then
	printf >&2 "chart version mismatches, name: %s, expected version (from tag): %s, actual version (from chart): %s" "${{ steps.set-chart-name.outputs.chart_name }}" "${EXPECTED_CHART_VERSION}" "${ACTUAL_CHART_VERSION}"
	exit 1
	fi

	if helm search repo "${{ env.HELM_PUSH_REPOSITORY_NAME }}/${{ steps.set-chart-name.outputs.chart_name }}" --version "${ACTUAL_CHART_VERSION}" --output json \| jq --exit-status 'length > 0'; then
	printf >&2 "chart version already exists in the repository, repository: %s, name: %s, version: %s" "${{ env.HELM_PUSH_REPOSITORY_NAME }}" "${{ steps.set-chart-name.outputs.chart_name }}" "${ACTUAL_CHART_VERSION}"
	exit 1
	fi

	- if: ${{ steps.set-helm-push-enabled.outputs.helm_push_enabled == 1 }}
	name: Install Helm ChartMuseum push plugin
	run: helm plugin install "https://github.com/chartmuseum/helm-push.git" --version "${{ env.HELM_PLUGIN_CHARTMUSEUM_PUSH_VERSION }}"

	- if: ${{ steps.set-helm-push-enabled.outputs.helm_push_enabled == 1 }}
	name: Push Helm chart
	env:
	HELM_REPO_PASSWORD: ${{ secrets.HELM_REPO_PASSWORD }}
	HELM_REPO_USERNAME: ${{ secrets.HELM_REPO_USERNAME }}
	run: helm push "${{ steps.package-chart.outputs.helm_package_path }}" "${{ env.HELM_PUSH_REPOSITORY_NAME }}"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge pull request #1346 from banzaicloud/disable-psp #67

Workflow file

Merge pull request #1346 from banzaicloud/disable-psp #67

Jobs

Run details

Workflow file for this run