ci(pipeline): enhance CI pipeline with installation tools

winromulus · winromulus · commit 51a8cf9aef88 · 2025-05-01T22:01:59.000+03:00
- Adds kubectl and helm installation steps to the CI pipeline.
- Implements authentication for helm and docker registries based on build requirements.
- Configures multi-platform Docker build and push actions.
- Removes redundant tools and steps to streamline the pipeline.
diff --git a/.github/workflows/pipeline.yaml b/.github/workflows/pipeline.yaml
@@ -124,6 +124,48 @@ jobs:
       - name: checkout
         uses: actions/checkout@v4
 
+      - name: tools - kubectl - install
+        uses: azure/setup-kubectl@v4
+
+      - name: tools - helm - install
+        uses: azure/setup-helm@v4
+
+      - name: tools - helm - login - ghcr
+        if: ${{ needs.discovery.outputs.requiresBuildPush == 'true' }}
+        run: |
+          echo "${{ secrets.ES_GITHUB_PAT }}" | helm registry login ghcr.io -u ${{ github.actor }} --password-stdin
+
+      - name: tools - helm - login - docker.io
+        if: ${{ needs.discovery.outputs.requiresBuildPush == 'true' }}
+        run: |
+          echo "${{ secrets.ES_DOCKERHUB_PAT }}" | helm registry login registry-1.docker.io -u ${{ secrets.ES_DOCKERHUB_USERNAME }} --password-stdin
+
+      - name: tools - docker - login ghcr.io
+        if: ${{ needs.discovery.outputs.requiresBuildPush == 'true' }}
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.ES_GITHUB_PAT }}
+
+      - name: tools - docker - login docker.io
+        if: ${{ needs.discovery.outputs.requiresBuildPush == 'true' }}
+        uses: docker/login-action@v3
+        with:
+          registry: docker.io
+          username: ${{ secrets.ES_DOCKERHUB_USERNAME }}
+          password: ${{ secrets.ES_DOCKERHUB_PAT }}
+
+      - name: tools - docker - register QEMU
+        run: |
+          docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
+
+      - name: tools - docker - setup buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          driver: docker-container  # REQUIRED for multi-platform builds
+
+
       - name: artifacts - prepare directories
         run: |
           mkdir -p .artifacts/helm
@@ -138,6 +180,25 @@ jobs:
       - name: helm - template chart
         run: helm template --namespace kube-system ${{ env.helmChart }} .artifacts/helm/${{ env.helmChart }}-${{ env.gitVersion_SemVer }}.tgz > .artifacts/kubectl/${{ env.helmChart }}-${{ env.gitVersion_SemVer }}.yaml
 
+      - name: docker - build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: ${{ env.containerImageBuildContext }}
+          file: ${{ env.containerImageBuildDockerfile }}
+          push: ${{ needs.discovery.outputs.requiresBuildPush == 'true' }}
+          provenance: false
+          platforms: linux/amd64,linux/arm/v7,linux/arm64
+          tags: |
+            ${{ env.dockerHubContainerImageRepository }}/${{ env.containerImage }}:${{ env.gitVersion_SemVer }}
+            ${{ env.ghcrContainerImageRepository }}/${{ env.containerImage }}:${{ env.gitVersion_SemVer }}
+
+      - name: helm - push - ghcr
+        run: helm push .artifacts/helm/${{ env.helmChart }}-${{ env.gitVersion_SemVer }}.tgz oci://ghcr.io/${{ github.repository_owner }}/helm-charts
+
+      - name: helm - push - docker.io
+        run: helm push .artifacts/helm/${{ env.helmChart }}-${{ env.gitVersion_SemVer }}.tgz oci://registry-1.docker.io/${{ github.repository_owner }}/helm-charts
+
+
       - name: "artifacts - upload - helm chart"
         uses: actions/upload-artifact@v4
         with:
@@ -156,39 +217,4 @@ jobs:
           name: kubectl
           path: .artifacts/kubectl
 
-      - name: tools - docker - register QEMU
-        run: |
-          docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
-
-      - name: tools - docker - setup buildx
-        uses: docker/setup-buildx-action@v3
-        with:
-          driver: docker-container  # REQUIRED for multi-platform builds
-
-      - name: tools - docker - login docker.io
-        if: ${{ needs.discovery.outputs.requiresBuildPush == 'true' }}
-        uses: docker/login-action@v3
-        with:
-          registry: docker.io
-          username: ${{ secrets.ES_DOCKERHUB_USERNAME }}
-          password: ${{ secrets.ES_DOCKERHUB_PAT }}
-
-      - name: tools - docker - login ghcr.io
-        if: ${{ needs.discovery.outputs.requiresBuildPush == 'true' }}
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.ES_GITHUB_PAT }}
 
-      - name: docker - build and push
-        uses: docker/build-push-action@v5
-        with:
-          context: ${{ env.containerImageBuildContext }}
-          file: ${{ env.containerImageBuildDockerfile }}
-          push: ${{ needs.discovery.outputs.requiresBuildPush == 'true' }}
-          provenance: false
-          platforms: linux/amd64,linux/arm/v7,linux/arm64
-          tags: |
-            ${{ env.dockerHubContainerImageRepository }}/${{ env.containerImage }}:${{ env.gitVersion_SemVer }}
-            ${{ env.ghcrContainerImageRepository }}/${{ env.containerImage }}:${{ env.gitVersion_SemVer }}
