Skip to content

Helm Preview Build

Helm Preview Build #31

Workflow file for this run

name: Helm Preview Build
on:
workflow_dispatch:
inputs:
plane-ce:
description: "Plane CE"
required: false
default: false
type: boolean
plane-enterprise:
description: "Plane Enterprise"
required: false
default: false
type: boolean
env:
PREVIEW_BUILD_FOLDER: helm-preview
AWS_ACCESS_KEY_ID: ${{ secrets.HELM_PREVIEW_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.HELM_PREVIEW_AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ vars.HELM_PREVIEW_AWS_REGION }}
AWS_BUCKET: ${{ vars.HELM_PREVIEW_BUCKET }}
HELM_SUB_FOLDER: ${{ github.run_id }}
GNUPGHOME: ${{ github.workspace }}/.gnupg
GPG_KEY_NAME: ${{ secrets.GPG_KEY_NAME }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
CHART_PREFIX: ${{ github.run_id }}
BUILD_PLANE_CE: ${{ github.event.inputs.plane-ce }}
BUILD_PLANE_EE: ${{ github.event.inputs.plane-enterprise }}
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v4
with:
path: code
- name: Configure Git
working-directory: code
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
mkdir -p helm-preview
echo "HELM_SUB_FOLDER=$(git rev-parse --short "$GITHUB_SHA")" >> "$GITHUB_ENV"
echo "CHART_PREFIX=$(git rev-parse --short "$GITHUB_SHA")" >> "$GITHUB_ENV"
- name: Set up Helm
uses: azure/setup-helm@v4
- name: Prepare GPG key #this step is for using exported keys and make your github runner
env:
CR_PASSPHRASE_FILE: ${{env.GNUPGHOME}}/gpg-passphrase
run: |
gpg --version
mkdir -p ${{env.GNUPGHOME}}
chmod 700 ${{env.GNUPGHOME}}
# Disable the use of the gpg-agent
echo "use-agent" >> ${{env.GNUPGHOME}}/gpg.conf
echo "pinentry-mode loopback" >> ${{env.GNUPGHOME}}/gpg.conf
echo "no-tty" >> ${{env.GNUPGHOME}}/gpg.conf
echo "no-autostart" >> ${{env.GNUPGHOME}}/gpg-agent.conf
echo "allow-loopback-pinentry" >> ${{env.GNUPGHOME}}/gpg-agent.conf
echo "${{env.GPG_PASSPHRASE}}" > ${{env.CR_PASSPHRASE_FILE}}
# Import the GPG key
echo "${{ env.GPG_PRIVATE_KEY }}" | gpg --batch --yes --pinentry-mode loopback --passphrase ${{ env.GPG_PASSPHRASE }} --import
# Re-create keyring in legacy format for Helm compatibility
gpg --export-secret-keys --passphrase ${{env.GPG_PASSPHRASE}} > ${{env.GNUPGHOME}}/secring.gpg
gpg --export --passphrase ${{env.GPG_PASSPHRASE}} > ${{env.GNUPGHOME}}/pubring.gpg
chmod 400 ${{env.GNUPGHOME}}/secring.gpg
- id: build-plane-ce
if: ${{ env.BUILD_PLANE_CE == 'true' }}
name: Build Plane-CE
working-directory: code
env:
EXPORT_DIR: ${{env.PREVIEW_BUILD_FOLDER}}
CHART_REPO: plane-ce
CR_KEY: ${{ env.GPG_KEY_NAME }}
CR_PASSPHRASE_FILE: ${{env.GNUPGHOME}}/gpg-passphrase
CR_KEYRING: ${{env.GNUPGHOME}}/secring.gpg
HELM_REPO: helm-preview
run: |
flatBranchName=$(echo "${{ github.ref_name}}" | sed 's/\//\-/g')
sed -i "s/name: ${{env.CHART_REPO}}/name: ${{ env.CHART_PREFIX }}-${{env.CHART_REPO}}/" charts/${{env.CHART_REPO}}/Chart.yaml
sed -i "s/description: .*/description: ${flatBranchName}/g" charts/${{env.CHART_REPO}}/Chart.yaml
# sed -i "s/version: \(.*\)/version: \1-${flatBranchName}/" charts/${{env.CHART_REPO}}/Chart.yaml
helm package --sign --key "$CR_KEY" --keyring $CR_KEYRING --passphrase-file "$CR_PASSPHRASE_FILE" charts/$CHART_REPO -u -d ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}/charts
cp charts/${{env.CHART_REPO}}/README.md ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}/${{env.CHART_REPO}}.md
helm repo index ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}} --url oci://oci://${{ vars.HARBOR_REGISTRY }}/${{ env.HELM_REPO }}
helm registry login -u ${{ secrets.HARBOR_USERNAME }} -p ${{ secrets.HARBOR_TOKEN }} ${{ vars.HARBOR_REGISTRY }}
helm push ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}/charts/${{ env.CHART_PREFIX }}-${{env.CHART_REPO}}-*.tgz oci://${{ vars.HARBOR_REGISTRY }}/${{ env.HELM_REPO }}
- id: build-plane-enterprise
if: ${{ env.BUILD_PLANE_EE == 'true' }}
name: Build Plane-Enterprise
working-directory: code
env:
EXPORT_DIR: ${{env.PREVIEW_BUILD_FOLDER}}
CHART_REPO: plane-enterprise
CR_KEY: ${{ env.GPG_KEY_NAME }}
CR_PASSPHRASE_FILE: ${{env.GNUPGHOME}}/gpg-passphrase
CR_KEYRING: ${{env.GNUPGHOME}}/secring.gpg
HELM_REPO: helm-preview
run: |
flatBranchName=$(echo "${{ github.ref_name}}" | sed 's/\//\-/g')
sed -i "s/name: ${{env.CHART_REPO}}/name: ${{ env.CHART_PREFIX }}-${{env.CHART_REPO}}/" charts/${{env.CHART_REPO}}/Chart.yaml
sed -i "s/description: .*/description: ${flatBranchName}/g" charts/${{env.CHART_REPO}}/Chart.yaml
# sed -i "s/version: \(.*\)/version: \1-${flatBranchName}/" charts/${{env.CHART_REPO}}/Chart.yaml
helm package --sign --key "$CR_KEY" --keyring $CR_KEYRING --passphrase-file "$CR_PASSPHRASE_FILE" charts/$CHART_REPO -u -d ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}/charts
cp charts/${{env.CHART_REPO}}/README.md ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}/${{env.CHART_REPO}}.md
helm repo index ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}} --url oci://oci://${{ vars.HARBOR_REGISTRY }}/${{ env.HELM_REPO }}
helm registry login -u ${{ secrets.HARBOR_USERNAME }} -p ${{ secrets.HARBOR_TOKEN }} ${{ vars.HARBOR_REGISTRY }}
helm push ${{ env.EXPORT_DIR }}/${{env.CHART_REPO}}/charts/${{ env.CHART_PREFIX }}-${{env.CHART_REPO}}-*.tgz oci://${{ vars.HARBOR_REGISTRY }}/${{ env.HELM_REPO }}
- name: Publish
if: ${{ env.BUILD_PLANE_CE == 'true' || env.BUILD_PLANE_EE == 'true' }}
working-directory: code
run: |
# helm repo index ${{env.PREVIEW_BUILD_FOLDER}}
touch ${{env.PREVIEW_BUILD_FOLDER}}/index.html
# echo "<p>Helm Preview Build for Branch:${{github.ref_name}}</p>" > ${{env.PREVIEW_BUILD_FOLDER}}/index.html
HTML_CONTENT="
<p>Helm Preview Build for Branch:${{github.ref_name}}</p>
<ul>"
if [ "${{ env.BUILD_PLANE_CE }}" == "true" ]; then
HTML_CONTENT="$HTML_CONTENT
<li><a href='plane-ce/'>Plane-CE</a></li>"
fi
if [ "${{ env.BUILD_PLANE_EE }}" == "true" ]; then
HTML_CONTENT="$HTML_CONTENT
<li><a href='plane-enterprise/'>Plane-Enterprise</a></li>"
fi
HTML_CONTENT="$HTML_CONTENT
</ul>"
echo $HTML_CONTENT >> ${{env.PREVIEW_BUILD_FOLDER}}/index.html
pip install awscli
aws s3 cp ${{env.PREVIEW_BUILD_FOLDER}} s3://${{env.AWS_BUCKET}}/${{ env.HELM_SUB_FOLDER }} --recursive
echo "************************************************"
echo "http://${{env.AWS_BUCKET}}.s3-website.${{env.AWS_REGION}}.amazonaws.com/${{env.HELM_SUB_FOLDER}}"
echo "************************************************"