|
1 | 1 | name: Build and Release Helm Chart |
2 | 2 | on: |
| 3 | + # Trigger workflow when a tag is pushed (executed when tags are created with a PAT / non-default GitHub token) |
3 | 4 | push: |
4 | 5 | tags: |
5 | 6 | - '[0-9]+.[0-9]+.[0-9]+' # 1.2.3 (exact match) - release candidates are excluded |
| 7 | + |
| 8 | + # Add workflow dispatch for manual triggering |
| 9 | + workflow_dispatch: |
| 10 | + inputs: |
| 11 | + tag: |
| 12 | + description: 'Tag to build and release (e.g., 2.3.0)' |
| 13 | + required: true |
| 14 | + type: string |
| 15 | + dry_run: |
| 16 | + description: 'Dry run (skip actual release steps)' |
| 17 | + required: false |
| 18 | + type: boolean |
| 19 | + default: false |
6 | 20 |
|
7 | 21 | jobs: |
8 | 22 | helm: |
9 | 23 | runs-on: ubuntu-latest |
10 | 24 | steps: |
| 25 | + - name: Determine tag reference |
| 26 | + id: tag_ref |
| 27 | + run: | |
| 28 | + if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then |
| 29 | + TAG_NAME="${{ github.event.inputs.tag }}" |
| 30 | + echo "tag_name=${TAG_NAME}" >> $GITHUB_OUTPUT |
| 31 | + echo "checkout_ref=${TAG_NAME}" >> $GITHUB_OUTPUT |
| 32 | + echo "triggered_by=manual" >> $GITHUB_OUTPUT |
| 33 | + else |
| 34 | + # Extract tag from push event |
| 35 | + TAG_NAME=${GITHUB_REF#refs/tags/} |
| 36 | + echo "tag_name=${TAG_NAME}" >> $GITHUB_OUTPUT |
| 37 | + echo "checkout_ref=${GITHUB_REF}" >> $GITHUB_OUTPUT |
| 38 | + echo "triggered_by=automatic" >> $GITHUB_OUTPUT |
| 39 | + fi |
| 40 | + |
| 41 | + echo "Building release for tag: ${TAG_NAME}" |
| 42 | + |
11 | 43 | - name: Set IMAGE_NAME |
12 | 44 | run: | |
13 | 45 | echo "IMAGE_NAME=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV} |
14 | 46 |
|
15 | 47 | # Checkout code |
16 | | - # https://github.com/actions/checkout |
17 | | - - name: Checkout code |
18 | | - |
| 48 | + - name: Checkout code at tag |
| 49 | + uses: actions/checkout@v4 |
| 50 | + with: |
| 51 | + ref: ${{ steps.tag_ref.outputs.checkout_ref }} |
| 52 | + fetch-depth: 0 # Fetch full history for better context |
| 53 | + |
| 54 | + - name: Verify checkout |
| 55 | + run: | |
| 56 | + echo "Current commit: $(git rev-parse HEAD)" |
| 57 | + echo "Current tag: $(git describe --tags --exact-match 2>/dev/null || echo 'No exact tag match')" |
| 58 | + echo "Triggered by: ${{ steps.tag_ref.outputs.triggered_by }}" |
19 | 59 |
|
20 | 60 | # Extract metadata (tags, labels) to use in Helm chart |
21 | 61 | # https://github.com/docker/metadata-action |
|
28 | 68 | # Set version from DOCKER_METADATA_OUTPUT_VERSION as environment variable |
29 | 69 | - name: Set Version |
30 | 70 | run: | |
31 | | - echo "VERSION=${{ github.ref_name }}" >> $GITHUB_ENV # Eventually will build this into Keyfactor bootstrap |
| 71 | + echo "VERSION=${{ steps.tag_ref.outputs.tag_name }}" >> $GITHUB_ENV # Eventually will build this into Keyfactor bootstrap |
32 | 72 |
|
33 | 73 | # Change version and appVersion in Chart.yaml to the tag in the closed PR |
34 | 74 | - name: Update Helm App/Chart Version |
|
50 | 90 | git config user.name "$GITHUB_ACTOR" |
51 | 91 | git config user.email "[email protected]" |
52 | 92 |
|
| 93 | + - name: Dry Run - Show what would be built |
| 94 | + if: ${{ github.event.inputs.dry_run == 'true' }} |
| 95 | + run: | |
| 96 | + echo "DRY RUN MODE - Would build:" |
| 97 | + echo " Tag: ${{ steps.tag_ref.outputs.tag_name }}" |
| 98 | + echo " Image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}" |
| 99 | + echo " Version: ${{ env.VERSION }}" |
| 100 | + echo " Commit: $(git rev-parse HEAD)" |
| 101 | + cat deploy/charts/command-cert-manager-issuer/Chart.yaml |
| 102 | +
|
53 | 103 | # Build and release Helm chart to GitHub Pages |
54 | 104 | # https://github.com/helm/chart-releaser-action |
55 | 105 | - name: Run chart-releaser |
| 106 | + if: ${{ github.event.inputs.dry_run != 'true' }} |
56 | 107 | |
57 | 108 | env: |
58 | 109 | CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" |
|
0 commit comments