|
1 | | -name: release_chart |
2 | | - |
3 | | -on: |
4 | | - release: |
5 | | - types: |
6 | | - - published |
7 | | - - edited |
8 | | - |
9 | | -jobs: |
10 | | - release_chart: |
11 | | - name: Release Chart |
12 | | - permissions: |
13 | | - contents: write |
14 | | - runs-on: ubuntu-latest |
15 | | - steps: |
16 | | - - name: Checkout |
17 | | - uses: actions/checkout@v4 |
18 | | - with: |
19 | | - fetch-depth: 0 |
20 | | - |
21 | | - - name: Install chart-releaser |
22 | | - run: | |
23 | | - wget https://github.com/helm/chart-releaser/releases/download/v1.4.1/chart-releaser_1.4.1_linux_amd64.tar.gz |
24 | | - tar -zxf chart-releaser_1.4.1_linux_amd64.tar.gz cr |
25 | | - sudo install cr /usr/local/bin/ |
26 | | - rm -f cr chart-releaser_1.4.1_linux_amd64.tar.gz |
27 | | -
|
28 | | - - name: Package Chart |
29 | | - run: cr package deploy/helm/clickhouse-operator |
30 | | - |
31 | | - - name: Get Release Assets |
32 | | - id: get_assets |
33 | | - run: | |
34 | | - CHART_PATH=$(ls .cr-release-packages/altinity-clickhouse-operator-*.tgz) |
35 | | - ASSET_NAME=$(basename ${CHART_PATH}) |
36 | | - ASSET_ID=$(curl -s -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ |
37 | | - "https://api.github.com/repos/${{ github.repository }}/releases/${{ github.event.release.id }}/assets" | \ |
38 | | - jq -r ".[] | select(.name == \"$ASSET_NAME\") | .id") |
39 | | - |
40 | | - echo "Asset ID is $ASSET_ID" |
41 | | - echo "asset_id=$ASSET_ID" >> $GITHUB_OUTPUT |
42 | | -
|
43 | | - - name: Delete Existing Release Artifacts |
44 | | - if: steps.get_assets.outputs.asset_id != '' |
45 | | - run: | |
46 | | - curl -X DELETE -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ |
47 | | - "https://api.github.com/repos/${{ github.repository }} |
48 | | -
|
49 | | - - name: Upload Release Artifacts |
50 | | - run: | |
51 | | - CHART_PATH=$(ls .cr-release-packages/altinity-clickhouse-operator-*.tgz) |
52 | | - curl -X POST \ |
53 | | - -H "Accept: application/vnd.github+json" \ |
54 | | - -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ |
55 | | - -H "Content-Type: application/gzip" \ |
56 | | - -T "${CHART_PATH}" \ |
57 | | - "https://uploads.github.com/repos/${GITHUB_REPOSITORY}/releases/${{ github.event.release.id }}/assets?name=$(basename ${CHART_PATH})" |
58 | | - - name: Validate Helm Repository Configuration |
59 | | - run: | |
60 | | - if [ -z "${{ secrets.HELM_GITHUB_TOKEN }}" ]; then |
61 | | - echo "ERROR: HELM_GITHUB_TOKEN secret is not set or is empty" |
62 | | - echo "Please add HELM_GITHUB_TOKEN to repository secrets with write access to the helm repository" |
63 | | - exit 1 |
64 | | - fi |
65 | | - |
66 | | - if [ -z "${{ vars.HELM_GITHUB_REPOSITORY }}" ]; then |
67 | | - echo "ERROR: HELM_GITHUB_REPOSITORY variable is not set or is empty" |
68 | | - echo "Please add HELM_GITHUB_REPOSITORY to repository variables (Settings -> Secrets and variables -> Actions -> Variables)" |
69 | | - exit 1 |
70 | | - fi |
71 | | - |
72 | | - echo "Configuration validated:" |
73 | | - echo " HELM_GITHUB_REPOSITORY: ${{ vars.HELM_GITHUB_REPOSITORY }}" |
74 | | - echo " HELM_GITHUB_TOKEN: [SET]" |
75 | | - |
76 | | - - name: Upload Release Artifacts to Helm Repo |
77 | | - run: | |
78 | | - cr upload \ |
79 | | - --git-repo=${{ vars.HELM_GITHUB_REPOSITORY }} \ |
80 | | - --owner=${GITHUB_REPOSITORY_OWNER} \ |
81 | | - --release-name-template=${{ github.event.release.name }} \ |
82 | | - --token=${{ secrets.HELM_GITHUB_TOKEN }} \ |
83 | | - --package-path=.cr-release-packages \ |
84 | | - --skip-existing |
85 | | - - name: Configure Git |
86 | | - run: | |
87 | | - git config user.name "$GITHUB_ACTOR" |
88 | | - git config user.email "[email protected]" |
89 | | - - name: Release Chart to Operator Repo |
90 | | - run: | |
91 | | - git remote add httpsorigin "https://github.com/${GITHUB_REPOSITORY}.git" |
92 | | - git fetch httpsorigin |
93 | | - cr index \ |
94 | | - --git-repo=${GITHUB_REPOSITORY#*/} \ |
95 | | - --owner=${GITHUB_REPOSITORY_OWNER} \ |
96 | | - --release-name-template=${{ github.event.release.name }} \ |
97 | | - --token=${{ secrets.GITHUB_TOKEN }} \ |
98 | | - --index-path=index.yaml \ |
99 | | - --remote=httpsorigin \ |
100 | | - --push |
101 | | - - name: Release Chart to Helm Repo |
102 | | - run: | |
103 | | - # Validate configuration before attempting to push |
104 | | - if [ -z "${{ vars.HELM_GITHUB_REPOSITORY }}" ]; then |
105 | | - echo "ERROR: HELM_GITHUB_REPOSITORY variable is not set or is empty" |
106 | | - echo "This step requires HELM_GITHUB_REPOSITORY to be set in repository variables" |
107 | | - echo "Go to: Settings -> Secrets and variables -> Actions -> Variables" |
108 | | - exit 1 |
109 | | - fi |
110 | | - |
111 | | - if [ -z "${{ secrets.HELM_GITHUB_TOKEN }}" ]; then |
112 | | - echo "ERROR: HELM_GITHUB_TOKEN secret is not set or is empty" |
113 | | - echo "This step requires HELM_GITHUB_TOKEN with write access to: ${GITHUB_REPOSITORY_OWNER}/${{ vars.HELM_GITHUB_REPOSITORY }}" |
114 | | - echo "Go to: Settings -> Secrets and variables -> Actions -> Secrets" |
115 | | - exit 1 |
116 | | - fi |
117 | | - |
118 | | - echo "Attempting to push to helm repository: ${GITHUB_REPOSITORY_OWNER}/${{ vars.HELM_GITHUB_REPOSITORY }}" |
119 | | - |
120 | | - # Test token authentication |
121 | | - echo "Testing token authentication..." |
122 | | - TOKEN_USER=$(curl -sS -H "Authorization: token ${{ secrets.HELM_GITHUB_TOKEN }}" https://api.github.com/user | jq -r '.login') |
123 | | - echo "Token authenticated as user: ${TOKEN_USER}" |
124 | | - |
125 | | - # Save current directory |
126 | | - WORK_DIR=$(pwd) |
127 | | - |
128 | | - # Create a temporary directory for helm repo operations |
129 | | - TEMP_DIR=$(mktemp -d) |
130 | | - cd "$TEMP_DIR" |
131 | | - |
132 | | - # Clone the helm repository WITHOUT token in URL to avoid masking issues |
133 | | - echo "Cloning helm repository to temporary directory..." |
134 | | - git clone https://github.com/${GITHUB_REPOSITORY_OWNER}/${{ vars.HELM_GITHUB_REPOSITORY }}.git helm-repo || { |
135 | | - echo "ERROR: Failed to clone helm repository" |
136 | | - echo "Please verify:" |
137 | | - echo " 1. Repository exists: ${GITHUB_REPOSITORY_OWNER}/${{ vars.HELM_GITHUB_REPOSITORY }}" |
138 | | - exit 1 |
139 | | - } |
140 | | - |
141 | | - cd helm-repo |
142 | | - |
143 | | - # Configure git credentials for push |
144 | | - git config user.email "[email protected]" |
145 | | - git config user.name "$GITHUB_ACTOR" |
146 | | - |
147 | | - # Set up authentication using git credential helper |
148 | | - git config credential.helper "store --file=.git/credentials" |
149 | | - echo "https://x-access-token:${{ secrets.HELM_GITHUB_TOKEN }}@github.com" > .git/credentials |
150 | | - |
151 | | - # Now use cr index from within the helm repo to avoid history conflicts |
152 | | - echo "Generating index.yaml within helm repository context..." |
153 | | - |
154 | | - # Copy the package to a local directory within helm repo |
155 | | - mkdir -p .cr-release-packages |
156 | | - cp "$WORK_DIR"/.cr-release-packages/*.tgz .cr-release-packages/ || { |
157 | | - echo "ERROR: No chart packages found in .cr-release-packages" |
158 | | - exit 1 |
159 | | - } |
160 | | - |
161 | | - # Generate index with cr (this will handle the gh-pages branch automatically) |
162 | | - cr index \ |
163 | | - --git-repo=${{ vars.HELM_GITHUB_REPOSITORY }} \ |
164 | | - --owner=${GITHUB_REPOSITORY_OWNER} \ |
165 | | - --release-name-template=${{ github.event.release.name }} \ |
166 | | - --token=${{ secrets.HELM_GITHUB_TOKEN }} \ |
167 | | - --package-path=.cr-release-packages \ |
168 | | - --index-path=index.yaml \ |
169 | | - --push || { |
170 | | - echo "ERROR: Failed to generate or push index to helm repository" |
171 | | - echo "Debug: Current directory is $(pwd)" |
172 | | - echo "Debug: Git remotes:" |
173 | | - git remote -v |
174 | | - echo "Debug: Git status:" |
175 | | - git status |
176 | | - exit 1 |
177 | | - } |
178 | | - |
179 | | - echo "Successfully updated helm repository index" |
180 | | - |
181 | | - # Cleanup |
182 | | - cd / |
183 | | - rm -rf "$TEMP_DIR" |
| 1 | +name: release_chart |
| 2 | + |
| 3 | +on: |
| 4 | + release: |
| 5 | + types: |
| 6 | + - published |
| 7 | + - edited |
| 8 | + |
| 9 | +jobs: |
| 10 | + release_chart: |
| 11 | + name: Release Chart |
| 12 | + permissions: |
| 13 | + contents: write |
| 14 | + runs-on: ubuntu-latest |
| 15 | + steps: |
| 16 | + - name: Checkout |
| 17 | + uses: actions/checkout@v4 |
| 18 | + with: |
| 19 | + fetch-depth: 0 |
| 20 | + |
| 21 | + - name: Install chart-releaser |
| 22 | + run: | |
| 23 | + wget https://github.com/helm/chart-releaser/releases/download/v1.4.1/chart-releaser_1.4.1_linux_amd64.tar.gz |
| 24 | + tar -zxf chart-releaser_1.4.1_linux_amd64.tar.gz cr |
| 25 | + sudo install cr /usr/local/bin/ |
| 26 | + rm -f cr chart-releaser_1.4.1_linux_amd64.tar.gz |
| 27 | +
|
| 28 | + - name: Package Chart |
| 29 | + run: cr package deploy/helm/clickhouse-operator |
| 30 | + |
| 31 | + - name: Get Release Assets |
| 32 | + id: get_assets |
| 33 | + run: | |
| 34 | + CHART_PATH=$(ls .cr-release-packages/altinity-clickhouse-operator-*.tgz) |
| 35 | + ASSET_NAME=$(basename ${CHART_PATH}) |
| 36 | + ASSET_ID=$(curl -s -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ |
| 37 | + "https://api.github.com/repos/${{ github.repository }}/releases/${{ github.event.release.id }}/assets" | \ |
| 38 | + jq -r ".[] | select(.name == \"$ASSET_NAME\") | .id") |
| 39 | + |
| 40 | + echo "Asset ID is $ASSET_ID" |
| 41 | + echo "asset_id=$ASSET_ID" >> $GITHUB_OUTPUT |
| 42 | +
|
| 43 | + - name: Delete Existing Release Artifacts |
| 44 | + if: steps.get_assets.outputs.asset_id != '' |
| 45 | + run: | |
| 46 | + curl -X DELETE -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ |
| 47 | + "https://api.github.com/repos/${{ github.repository }}/releases/${{ github.event.release.id }}/assets/${{ steps.get_assets.outputs.asset_id }}" |
| 48 | +
|
| 49 | + - name: Upload Release Artifacts |
| 50 | + run: | |
| 51 | + CHART_PATH=$(ls .cr-release-packages/altinity-clickhouse-operator-*.tgz) |
| 52 | + curl -X POST \ |
| 53 | + -H "Accept: application/vnd.github+json" \ |
| 54 | + -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ |
| 55 | + -H "Content-Type: application/gzip" \ |
| 56 | + -T "${CHART_PATH}" \ |
| 57 | + "https://uploads.github.com/repos/${GITHUB_REPOSITORY}/releases/${{ github.event.release.id }}/assets?name=$(basename ${CHART_PATH})" |
| 58 | + - name: Validate Helm Repository Configuration |
| 59 | + run: | |
| 60 | + if [ -z "${{ secrets.HELM_GITHUB_TOKEN }}" ]; then |
| 61 | + echo "ERROR: HELM_GITHUB_TOKEN secret is not set or is empty" |
| 62 | + echo "Please add HELM_GITHUB_TOKEN to repository secrets with write access to the helm repository" |
| 63 | + exit 1 |
| 64 | + fi |
| 65 | + |
| 66 | + if [ -z "${{ vars.HELM_GITHUB_REPOSITORY }}" ]; then |
| 67 | + echo "ERROR: HELM_GITHUB_REPOSITORY variable is not set or is empty" |
| 68 | + echo "Please add HELM_GITHUB_REPOSITORY to repository variables (Settings -> Secrets and variables -> Actions -> Variables)" |
| 69 | + exit 1 |
| 70 | + fi |
| 71 | + |
| 72 | + echo "Configuration validated:" |
| 73 | + echo " HELM_GITHUB_REPOSITORY: ${{ vars.HELM_GITHUB_REPOSITORY }}" |
| 74 | + echo " HELM_GITHUB_TOKEN: [SET]" |
| 75 | + |
| 76 | + - name: Upload Release Artifacts to Helm Repo |
| 77 | + run: | |
| 78 | + cr upload \ |
| 79 | + --git-repo=${{ vars.HELM_GITHUB_REPOSITORY }} \ |
| 80 | + --owner=${GITHUB_REPOSITORY_OWNER} \ |
| 81 | + --release-name-template=${{ github.event.release.name }} \ |
| 82 | + --token=${{ secrets.HELM_GITHUB_TOKEN }} \ |
| 83 | + --package-path=.cr-release-packages \ |
| 84 | + --skip-existing |
| 85 | + - name: Configure Git |
| 86 | + run: | |
| 87 | + git config user.name "$GITHUB_ACTOR" |
| 88 | + git config user.email "[email protected]" |
| 89 | + - name: Release Chart to Operator Repo |
| 90 | + run: | |
| 91 | + git remote add httpsorigin "https://github.com/${GITHUB_REPOSITORY}.git" |
| 92 | + git fetch httpsorigin |
| 93 | + cr index \ |
| 94 | + --git-repo=${GITHUB_REPOSITORY#*/} \ |
| 95 | + --owner=${GITHUB_REPOSITORY_OWNER} \ |
| 96 | + --release-name-template=${{ github.event.release.name }} \ |
| 97 | + --token=${{ secrets.GITHUB_TOKEN }} \ |
| 98 | + --index-path=index.yaml \ |
| 99 | + --remote=httpsorigin \ |
| 100 | + --push |
| 101 | + - name: Release Chart to Helm Repo |
| 102 | + run: | |
| 103 | + # Validate configuration before attempting to push |
| 104 | + if [ -z "${{ vars.HELM_GITHUB_REPOSITORY }}" ]; then |
| 105 | + echo "ERROR: HELM_GITHUB_REPOSITORY variable is not set or is empty" |
| 106 | + echo "This step requires HELM_GITHUB_REPOSITORY to be set in repository variables" |
| 107 | + echo "Go to: Settings -> Secrets and variables -> Actions -> Variables" |
| 108 | + exit 1 |
| 109 | + fi |
| 110 | + |
| 111 | + if [ -z "${{ secrets.HELM_GITHUB_TOKEN }}" ]; then |
| 112 | + echo "ERROR: HELM_GITHUB_TOKEN secret is not set or is empty" |
| 113 | + echo "This step requires HELM_GITHUB_TOKEN with write access to: ${GITHUB_REPOSITORY_OWNER}/${{ vars.HELM_GITHUB_REPOSITORY }}" |
| 114 | + echo "Go to: Settings -> Secrets and variables -> Actions -> Secrets" |
| 115 | + exit 1 |
| 116 | + fi |
| 117 | + |
| 118 | + echo "Attempting to push to helm repository: ${GITHUB_REPOSITORY_OWNER}/${{ vars.HELM_GITHUB_REPOSITORY }}" |
| 119 | + |
| 120 | + # Test token authentication |
| 121 | + echo "Testing token authentication..." |
| 122 | + TOKEN_USER=$(curl -sS -H "Authorization: token ${{ secrets.HELM_GITHUB_TOKEN }}" https://api.github.com/user | jq -r '.login') |
| 123 | + echo "Token authenticated as user: ${TOKEN_USER}" |
| 124 | + |
| 125 | + # Save current directory |
| 126 | + WORK_DIR=$(pwd) |
| 127 | + |
| 128 | + # Create a temporary directory for helm repo operations |
| 129 | + TEMP_DIR=$(mktemp -d) |
| 130 | + cd "$TEMP_DIR" |
| 131 | + |
| 132 | + # Clone the helm repository WITHOUT token in URL to avoid masking issues |
| 133 | + echo "Cloning helm repository to temporary directory..." |
| 134 | + git clone https://github.com/${GITHUB_REPOSITORY_OWNER}/${{ vars.HELM_GITHUB_REPOSITORY }}.git helm-repo || { |
| 135 | + echo "ERROR: Failed to clone helm repository" |
| 136 | + echo "Please verify:" |
| 137 | + echo " 1. Repository exists: ${GITHUB_REPOSITORY_OWNER}/${{ vars.HELM_GITHUB_REPOSITORY }}" |
| 138 | + exit 1 |
| 139 | + } |
| 140 | + |
| 141 | + cd helm-repo |
| 142 | + |
| 143 | + # Configure git credentials for push |
| 144 | + git config user.email "[email protected]" |
| 145 | + git config user.name "$GITHUB_ACTOR" |
| 146 | + |
| 147 | + # Set up authentication using git credential helper |
| 148 | + git config credential.helper "store --file=.git/credentials" |
| 149 | + echo "https://x-access-token:${{ secrets.HELM_GITHUB_TOKEN }}@github.com" > .git/credentials |
| 150 | + |
| 151 | + # Now use cr index from within the helm repo to avoid history conflicts |
| 152 | + echo "Generating index.yaml within helm repository context..." |
| 153 | + |
| 154 | + # Copy the package to a local directory within helm repo |
| 155 | + mkdir -p .cr-release-packages |
| 156 | + cp "$WORK_DIR"/.cr-release-packages/*.tgz .cr-release-packages/ || { |
| 157 | + echo "ERROR: No chart packages found in .cr-release-packages" |
| 158 | + exit 1 |
| 159 | + } |
| 160 | + |
| 161 | + # Generate index with cr (this will handle the gh-pages branch automatically) |
| 162 | + cr index \ |
| 163 | + --git-repo=${{ vars.HELM_GITHUB_REPOSITORY }} \ |
| 164 | + --owner=${GITHUB_REPOSITORY_OWNER} \ |
| 165 | + --release-name-template=${{ github.event.release.name }} \ |
| 166 | + --token=${{ secrets.HELM_GITHUB_TOKEN }} \ |
| 167 | + --package-path=.cr-release-packages \ |
| 168 | + --index-path=index.yaml \ |
| 169 | + --push || { |
| 170 | + echo "ERROR: Failed to generate or push index to helm repository" |
| 171 | + echo "Debug: Current directory is $(pwd)" |
| 172 | + echo "Debug: Git remotes:" |
| 173 | + git remote -v |
| 174 | + echo "Debug: Git status:" |
| 175 | + git status |
| 176 | + exit 1 |
| 177 | + } |
| 178 | + |
| 179 | + echo "Successfully updated helm repository index" |
| 180 | + |
| 181 | + # Cleanup |
| 182 | + cd / |
| 183 | + rm -rf "$TEMP_DIR" |
0 commit comments