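# Workflow: on every push to `main` (or a manual dispatch) compare the chart
# version in Chart.yaml with the versions already published in the
# BridgemanAccessible Helm repository. When the local version is already
# published, bump the patch version and push that change back to `main`.
# Packaging/pushing the chart and the deploy job are currently commented out.
name: Deploy the Helm Chart

on:
  push:
    branches:
      - main
  workflow_dispatch:

jobs:
  # "Build" from the source code
  build:
    runs-on: self-hosted
    outputs:
      chart-name: ${{ steps.update-helm-repo.outputs.CHART_NAME }}
    steps:
      # Get the source code from the repository
      - name: Checkout repository
        uses: actions/checkout@v4

      # "Build"/package the source code in the appropriate format (Helm chart etc...)
      - name: Update Helm Repository (if needed)
        id: update-helm-repo
        env:
          # Hand the token and repository slug to the script through the
          # environment instead of templating them into the script text.
          PUSH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          REPOSITORY: ${{ github.repository }}
        run: |
          # Parse the chart name from the Chart.yaml
          CHART_NAME=$(yq '.name' Chart.yaml)
          CHART_NAME=${CHART_NAME#\"} # Remove leading quote
          CHART_NAME=${CHART_NAME%\"} # Remove trailing quote
          echo "CHART_NAME=$CHART_NAME" >> "$GITHUB_OUTPUT"

          echo "Chart Name: $CHART_NAME"

          # Note, this depends on the [Harbor Helm Index](https://git.bridgemanaccessible.ca/Bridgeman-Accessible/harbor-helm-index) pretty heavily
          # In particular, that tool allows us to treat what is an OCI registry as a Helm repository (which includes using `helm search repo`)
          helm repo add BridgemanAccessible https://helm.bridgemanaccessible.ca

          # Check if the chart is already in the repository or not
          REMOTE_CHART_WORK_OUTPUT=$(helm search repo "BridgemanAccessible/$CHART_NAME" 2>/dev/null || echo "")
          # Start empty so that nothing can match the local version by default
          REMOTE_VERSIONS=()
          if [ -n "$REMOTE_CHART_WORK_OUTPUT" ]; then
            # The chart is already in the repository, so we need to check if the version is the same or not
            echo "Chart already exists in the repository. Checking version..."

            # `helm search repo` is a keyword search and lists only the newest
            # version unless `--versions` is given, so ask for every version
            # and keep only the entries whose name is exactly this chart.
            # `jq -r` prints raw strings, one per line, so no quote stripping
            # is needed afterwards.
            mapfile -t REMOTE_VERSIONS < <(
              helm search repo "BridgemanAccessible/$CHART_NAME" --versions --output json \
                | jq -r --arg name "BridgemanAccessible/$CHART_NAME" '.[] | select(.name == $name) | .version'
            )

            echo "Remote Chart Versions: ${REMOTE_VERSIONS[*]}"
          else
            # The chart is not in the repository, so we'll need to add it
            echo "Chart not found in the repository. Adding it..."
          fi

          # Just to keep things clean/safe/etc... remove the repo
          helm repo remove BridgemanAccessible

          # Get the local version from the Chart.yaml file
          LOCAL_VERSION=$(yq '.version' Chart.yaml)
          LOCAL_VERSION=${LOCAL_VERSION#\"} # Remove leading quote
          LOCAL_VERSION=${LOCAL_VERSION%\"} # Remove trailing quote
          echo "Local Chart Version: $LOCAL_VERSION"

          # Loop through the remote versions and check if any of them match the local version
          has_match='false'
          for REMOTE_VERSION in "${REMOTE_VERSIONS[@]}"; do
            if [ "$REMOTE_VERSION" = "$LOCAL_VERSION" ]; then
              echo "Remote version matches local version!"
              has_match='true'
              break
            fi
          done

          # If the versions match, we want to increment the chart's patch version.
          # The variable has to be expanded and compared: `[ "has_match" ]` tests a
          # non-empty literal and is always true, which bumped the version and
          # pushed to `main` on every run.
          if [ "$has_match" = 'true' ]; then
            echo "Versions match!"

            # Only plain MAJOR.MINOR.PATCH can be incremented. Rejecting anything
            # else also keeps unexpected text out of the arithmetic expansion below.
            if ! [[ "$LOCAL_VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
              echo "Error: cannot auto-increment chart version '$LOCAL_VERSION' (expected MAJOR.MINOR.PATCH)" >&2
              exit 1
            fi

            # Increment the patch version of the local version (Ex. 1.0.0 -> 1.0.1)
            IFS='.' read -r major minor patch <<< "$LOCAL_VERSION"
            patch=$((10#$patch + 1)) # 10# forces base 10 (a leading zero would otherwise mean octal)
            NEW_LOCAL_VERSION="$major.$minor.$patch"

            echo "New Local Version: $NEW_LOCAL_VERSION"
            echo "Committing new chart version change..."

            # Anchor to the start of the line so only the chart's own top-level
            # `version:` is rewritten (not an indented dependency version), and
            # escape the dots so they match literally.
            # Note: this only matches when the version is double-quoted in
            # Chart.yaml; otherwise nothing changes and the commit below fails.
            ESCAPED_LOCAL_VERSION=${LOCAL_VERSION//./\\.}
            sed -i "s|^version: \"$ESCAPED_LOCAL_VERSION\"|version: \"$NEW_LOCAL_VERSION\"|" Chart.yaml

            LOCAL_VERSION=$NEW_LOCAL_VERSION

            # Update remote URL to use the GITHUB_TOKEN for authentication
            # NOTE(review): this stores the token in .git/config inside the
            # self-hosted runner's workspace; consider a credential helper, or
            # resetting the remote URL once the push has finished.
            git remote set-url origin "https://x-access-token:${PUSH_TOKEN}@git.bridgemanaccessible.ca/${REPOSITORY}.git"

            # Setup git user details for committing the version change and tag
            git config user.name "Forgejo Actions"
            git config user.email "actions@git.bridgemanaccessible.ca"

            # Commit the version change to the `Chart.yaml` file
            git add Chart.yaml
            git commit -m "[Forgejo Actions] Update Helm chart version to $(yq -r '.version' Chart.yaml)"

            # Push the changes to the repository
            # NOTE(review): `main` is also this workflow's push trigger; confirm
            # whether pushes made with this token start another run.
            git push origin HEAD:main
          else
            echo "Versions do not match!"
          fi

          #helm package .
          #helm push ./$CHART_NAME-$LOCAL_VERSION.tgz oci://${{ secrets.REPOSITORY_HOSTNAME }}/helm

  # Deploy to our environment (staging cluster)
  # NOTE(review): before re-enabling, move SECURE_STORAGE_TOKEN out of the URL
  # query string (URLs tend to end up in server and proxy logs), quote the URL,
  # and pass secrets to the script through `env:` rather than inline templating.
  #deploy:
  #  runs-on: self-hosted
  #  needs: build
  #  outputs:
  #    backup-created: ${{ steps.backup.outputs.created }}
  #    restore-time: ${{ steps.deploy-helm-chart.outputs.RESTORE_TIME }}
  #  env:
  #    NAMESPACE: custom-vault
  #    RELEASE_NAME: custom-vault
  #    CHART_NAME: ${{ needs.build.outputs.chart-name }}
  #  steps:
  #    # Deploy the resources to the cluster
  #    - name: Deploy Helm Chart
  #      id: deploy-helm-chart
  #      run: |
  #        FILLED_VALUES_FILE="values.filled.yaml"
  #
  #        # Download a filled version of the `values.yaml` file from a secure location
  #        DOWNLOAD_FILE=$(curl -sSL https://secure-storage.bridgemanaccessible.ca/services-dashboard/values.filled.yaml?token=${{ secrets.SECURE_STORAGE_TOKEN }} -o $FILLED_VALUES_FILE || echo "Failed to download filled values file.")
  #        if [ "$DOWNLOAD_FILE" == "Failed to download filled values file." ]; then
  #          echo "Error: $DOWNLOAD_FILE"
  #          exit 1
  #        fi
  #
  #        # Parse the chart name from the Chart.yaml
  #        CHART_NAME=${{ env.CHART_NAME }}
  #        echo "Chart Name: $CHART_NAME"
  #
  #        # Can run `k8s-deploy --help` if you want to see all the options available
  #        k8s-deploy \
  #          --namespace ${{ env.NAMESPACE }} \
  #          --release-name ${{ env.RELEASE_NAME }} \
  #          --filled-values-file $FILLED_VALUES_FILE \
  #          --chart-name $CHART_NAME \
  #          --rwx-volumes vault-role-vars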