Release Alloy Operator Helm chart #18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Release Alloy Operator Helm chart | |
| # yamllint disable-line rule:truthy | |
| on: | |
| workflow_dispatch: | |
| env: | |
| CR_INDEX_PATH: "${{ github.workspace }}/.cr-index" | |
| CR_PACKAGE_PATH: "${{ github.workspace }}/.cr-release-packages" | |
| CR_TOOL_PATH: "${{ github.workspace }}/.cr-tool" | |
| permissions: {} | |
| jobs: | |
| release-chart: | |
| uses: grafana/helm-charts/.github/workflows/update-helm-repo.yaml@e5ee6963cce3ab19519dc6dbd5f250aa14dc6f12 | |
| permissions: | |
| contents: write | |
| id-token: write | |
| packages: write | |
| with: | |
| charts_dir: charts | |
| cr_configfile: cr.yaml | |
| ct_configfile: charts/alloy-operator/ct.yaml | |
| secrets: | |
| vault_repo_secret_name: github-app | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: release-chart | |
| # These permissions are needed to assume roles from GitHub's OIDC. | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 | |
| with: | |
| fetch-depth: 0 | |
| path: source | |
| persist-credentials: 'false' | |
| - name: Configure Git | |
| run: | | |
| cd source | |
| git config user.name "$GITHUB_ACTOR" | |
| git config user.email "[email protected]" | |
| - name: Install Helm | |
| uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4.3.1 | |
| - name: Parse Chart.yaml | |
| id: parse-chart | |
| working-directory: source/charts/alloy-operator | |
| run: | | |
| name=$(yq ".name" < Chart.yaml) | |
| version=$(yq ".version" < Chart.yaml) | |
| { | |
| echo "chartpath=charts/$(basename "$(pwd)")"; | |
| echo "tagname=${name}-${version}"; | |
| echo "packagename=${name}-${version}"; | |
| } >> "${GITHUB_OUTPUT}" | |
| - name: Add dependency chart repos | |
| env: | |
| CHARTPATH: ${{ steps.parse-chart.outputs.chartpath }} | |
| working-directory: source | |
| run: | | |
| # Skip the header line and make sure that tabs are expanded into spaces | |
| deps=$(helm dependency list "${CHARTPATH}" | tail +2 | expand) | |
| while read -r row; do | |
| IFS=' ' read -ra parts <<< "$row" | |
| name="${parts[0]}" | |
| repo="${parts[2]}" | |
| case "$repo" in | |
| "https://"*) helm repo add "$name" "$repo" ;; | |
| *) echo >&2 "Skipping dependency $name: unsupported schema for \"$repo\"" ;; | |
| esac | |
| done <<< "$deps" | |
| - name: Retrieve GitHub App credentials from Vault | |
| id: get-secrets | |
| uses: grafana/shared-workflows/actions/get-vault-secrets@28361cdb22223e5f1e34358c86c20908e7248760 # v1.1.0 | |
| env: | |
| VAULT_REPO_SECRET_NAME: github-app | |
| with: | |
| repo_secrets: | | |
| GITHUB_APP_ID=${{ env.VAULT_REPO_SECRET_NAME }}:app-id | |
| PRIVATE_KEY=${{ env.VAULT_REPO_SECRET_NAME }}:private-key | |
| - name: Generate GitHub App Token | |
| if: env.GITHUB_APP_ID != '' | |
| id: app-token | |
| uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 | |
| with: | |
| # Variables generated by the previous step get-secrets | |
| app-id: ${{ env.GITHUB_APP_ID }} | |
| private-key: ${{ env.PRIVATE_KEY }} | |
| owner: ${{ github.repository_owner }} | |
| - name: Set the token | |
| env: | |
| APP_TOKEN: ${{ steps.app-token.outputs.token }} | |
| run: echo "AUTHTOKEN=${APP_TOKEN}" >> "${GITHUB_ENV}" | |
| - name: Install CR tool | |
| env: | |
| GITHUB_TOKEN: ${{ env.AUTHTOKEN }} | |
| run: | | |
| mkdir "${CR_TOOL_PATH}" | |
| mkdir "${CR_PACKAGE_PATH}" | |
| mkdir "${CR_INDEX_PATH}" | |
| crVersion=$(gh release list --repo helm/chart-releaser --exclude-pre-releases --json tagName --jq '.[0].tagName' | sed 's/v//') | |
| curl -sSLo cr.tar.gz "https://github.com/helm/chart-releaser/releases/download/v${crVersion}/chart-releaser_${crVersion}_linux_amd64.tar.gz" | |
| tar -xzf cr.tar.gz -C "${CR_TOOL_PATH}" | |
| rm -f cr.tar.gz | |
| - name: Create helm package | |
| env: | |
| CHARTPATH: ${{ steps.parse-chart.outputs.chartpath }} | |
| working-directory: source | |
| run: | | |
| "${CR_TOOL_PATH}/cr" package "${CHARTPATH}" --config cr.yaml --package-path "${CR_PACKAGE_PATH}" | |
| echo "Result of chart package:" | |
| cp charts/alloy-crd/crds/collectors.grafana.com_alloy.yaml "${CR_PACKAGE_PATH}/collectors.grafana.com_alloy.yaml" | |
| ls -l "${CR_PACKAGE_PATH}" | |
| - name: Make github release | |
| uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0 | |
| with: | |
| name: ${{ steps.parse-chart.outputs.tagname }} | |
| repository: grafana/alloy-operator | |
| generate_release_notes: true | |
| files: | | |
| ${{ env.CR_PACKAGE_PATH }}/${{ steps.parse-chart.outputs.packagename }}.tgz | |
| ${{ env.CR_PACKAGE_PATH }}/collectors.grafana.com_alloy.yaml | |
| tag_name: ${{ steps.parse-chart.outputs.tagname }} | |
| token: ${{ env.AUTHTOKEN }} | |
| fail_on_unmatched_files: true |