Skip to content
Build and Release Helm Chart

Build and Release Helm Chart #48

Sign in to view logs

Build and Release Helm Chart

Build and Release Helm Chart #48

Workflow file for this run

.github/workflows/helm.yml at 9b2182b
name: Build and Release Helm Chart
on:
# Trigger workflow when a tag is pushed (executed when tags are created with a PAT / non-default GitHub token)
push:
tags:
- '[0-9]+.[0-9]+.[0-9]+' # 1.2.3 (exact match) - release candidates are excluded
# Add workflow dispatch for manual triggering
workflow_dispatch:
inputs:
tag:
description: 'Tag to build and release (e.g., 2.3.0)'
required: true
type: string
dry_run:
description: 'Dry run (skip actual release steps)'
required: false
type: boolean
default: false
jobs:
helm:
runs-on: ubuntu-latest
steps:
- name: Determine tag reference
id: tag_ref
run: |
if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
TAG_NAME="${{ github.event.inputs.tag }}"
echo "tag_name=${TAG_NAME}" >> $GITHUB_OUTPUT
echo "checkout_ref=${TAG_NAME}" >> $GITHUB_OUTPUT
echo "triggered_by=manual" >> $GITHUB_OUTPUT
else
# Extract tag from push event
TAG_NAME=${GITHUB_REF#refs/tags/}
echo "tag_name=${TAG_NAME}" >> $GITHUB_OUTPUT
echo "checkout_ref=${GITHUB_REF}" >> $GITHUB_OUTPUT
echo "triggered_by=automatic" >> $GITHUB_OUTPUT
fi
echo "Building release for tag: ${TAG_NAME}"
- name: Set IMAGE_NAME
run: |
echo "IMAGE_NAME=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV}
# Checkout code
- name: Checkout code at tag
uses: actions/checkout@v4
with:
ref: ${{ steps.tag_ref.outputs.checkout_ref }}
fetch-depth: 0 # Fetch full history for better context
- name: Verify checkout
run: |
echo "Current commit: $(git rev-parse HEAD)"
echo "Current tag: $(git describe --tags --exact-match 2>/dev/null || echo 'No exact tag match')"
echo "Triggered by: ${{ steps.tag_ref.outputs.triggered_by }}"
# Extract metadata (tags, labels) to use in Helm chart
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v5.0.0
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
# Set version from DOCKER_METADATA_OUTPUT_VERSION as environment variable
- name: Set Version
run: |
echo "VERSION=${{ steps.tag_ref.outputs.tag_name }}" >> $GITHUB_ENV # Eventually will build this into Keyfactor bootstrap
# Change version and appVersion in Chart.yaml to the tag in the closed PR
- name: Update Helm App/Chart Version
shell: bash
run: |
sed -i "s/^version: .*/version: ${{ env.VERSION }}/g" deploy/charts/command-cert-manager-issuer/Chart.yaml
sed -i "s/^appVersion: .*/appVersion: \"v${{ env.VERSION }}\"/g" deploy/charts/command-cert-manager-issuer/Chart.yaml
# Setup Helm
# https://github.com/Azure/setup-helm
- name: Install Helm
uses: azure/setup-helm@v3.5
with:
token: ${{ secrets.GITHUB_TOKEN }}
# Helm requires an ident name to be set for chart-releaser to work
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Dry Run - Show what would be built
if: ${{ github.event.inputs.dry_run == 'true' }}
run: |
echo "DRY RUN MODE - Would build:"
echo " Tag: ${{ steps.tag_ref.outputs.tag_name }}"
echo " Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}"
echo " Version: ${{ env.VERSION }}"
echo " Commit: $(git rev-parse HEAD)"
cat deploy/charts/command-cert-manager-issuer/Chart.yaml
# Build and release Helm chart to GitHub Pages
# https://github.com/helm/chart-releaser-action
- name: Run chart-releaser
if: ${{ github.event.inputs.dry_run != 'true' }}
uses: helm/chart-releaser-action@v1.5.0
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
with:
charts_dir: deploy/charts