diff --git a/.github/actions/publish/action.yml b/.github/actions/publish-gh-pages/action.yml similarity index 78% rename from .github/actions/publish/action.yml rename to .github/actions/publish-gh-pages/action.yml index 5201ab2..1418960 100644 --- a/.github/actions/publish/action.yml +++ b/.github/actions/publish-gh-pages/action.yml @@ -24,26 +24,28 @@ runs: echo "CHART_VERSION=$version" >> "$GITHUB_OUTPUT" echo "ARTIFACT=ld-relay-$version.tgz" >> "$GITHUB_OUTPUT" + - name: Make build directory + shell: bash + run: mkdir -p build + - name: Package the helm chart shell: bash - run: | - mkdir -p new-chart - helm package -d new-chart . + run: helm package -d build . - name: Generate updated index.yaml shell: bash - run: helm repo index new-chart --url https://launchdarkly.github.io/ld-relay-helm --merge helm-repo/index.yaml + run: helm repo index build --url https://launchdarkly.github.io/ld-relay-helm --merge helm-repo/index.yaml - name: Move files into publishable directory shell: bash - run: mv new-chart/${{ steps.version.outputs.ARTIFACT }} new-chart/index.yaml helm-repo - run: mv helm-repo/*tgz new-chart/ + run: mv build/${{ steps.version.outputs.ARTIFACT }} build/index.yaml helm-repo + run: mv helm-repo/*tgz build/ - name: Publish to GitHub pages if: ${{ inputs.dry_run == 'false' }} uses: launchdarkly/gh-actions/actions/publish-pages@publish-pages-v1.0.2 with: - docs_path: new-chart + docs_path: build github_token: ${{ inputs.token }} - name: Attach published chart to release diff --git a/.github/actions/publish-ghcr/action.yml b/.github/actions/publish-ghcr/action.yml new file mode 100644 index 0000000..d242a33 --- /dev/null +++ b/.github/actions/publish-ghcr/action.yml @@ -0,0 +1,34 @@ +name: Publish Chart +description: "Publish to gh-pages-backed chart repository" +inputs: + dry_run: + description: "Is this a dry run. If so no package will be published." + required: true + token: + description: "The GitHub token used to upload artifacts to the published release" + required: true + +runs: + using: composite + steps: + - uses: actions/checkout@v4 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3.6.0 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ inputs.token }} + + - name: Make build directory + shell: bash + run: mkdir -p build + + - name: Package the helm chart + shell: bash + run: helm package -d build . + + - name: Push chart to GHCR + if: ${{ inputs.dry_run == 'false' }} + shell: bash + run: helm push build/ld-relay-*.tgz oci://ghcr.io/${GITHUB_REPOSITORY_OWNER}/helm-charts diff --git a/.github/workflows/manual-publish.yml b/.github/workflows/manual-publish.yml index 29c5a84..bca3b0f 100644 --- a/.github/workflows/manual-publish.yml +++ b/.github/workflows/manual-publish.yml @@ -3,7 +3,7 @@ on: workflow_dispatch: inputs: dry_run: - description: 'Is this a dry run? If so no package will be published.' + description: "Is this a dry run? If so no package will be published." type: boolean required: true @@ -12,8 +12,9 @@ jobs: runs-on: ubuntu-latest # Needed to get tokens during publishing. permissions: - id-token: write - contents: write + id-token: write # Needed if using OIDC to get release secrets. + contents: write # Contents and pull-requests are for release-please to make releases. + packages: write # needed for ghcr access steps: - uses: actions/checkout@v4 @@ -22,7 +23,12 @@ jobs: - name: Run quality control checks uses: ./.github/actions/ci - - uses: ./.github/actions/publish + - uses: ./.github/actions/publish-gh-pages + with: + dry_run: ${{ inputs.dry_run }} + token: ${{ secrets.GITHUB_TOKEN }} + + - uses: ./.github/actions/publish-ghcr with: dry_run: ${{ inputs.dry_run }} token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index a788d88..23c8466 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -2,7 +2,7 @@ name: Run Release Please on: push: - branches: [ main ] + branches: [main] jobs: release-package: @@ -10,6 +10,7 @@ jobs: permissions: id-token: write # Needed if using OIDC to get release secrets. contents: write # Contents and pull-requests are for release-please to make releases. + packages: write # needed for ghcr access pull-requests: write steps: - uses: googleapis/release-please-action@v4 @@ -27,7 +28,13 @@ jobs: if: ${{ steps.release.outputs.releases_created == 'true' }} uses: ./.github/actions/ci - - uses: ./.github/actions/publish + - uses: ./.github/actions/publish-gh-pages + if: ${{ steps.release.outputs.releases_created == 'true' }} + with: + dry_run: false + token: ${{ secrets.GITHUB_TOKEN }} + + - uses: ./.github/actions/publish-ghcr if: ${{ steps.release.outputs.releases_created == 'true' }} with: dry_run: false diff --git a/Makefile b/Makefile index 703f290..2998eba 100644 --- a/Makefile +++ b/Makefile @@ -19,7 +19,7 @@ unittest: #! Run the unit tests .PHONY: lint lint: #! Run helm lint against this chart - @helm lint + @helm lint . .PHONY: package package: #! Build the helm package (e.g. ld-relay-x.y.z.tgz) diff --git a/README.md b/README.md index 5e44239..3065eaa 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,8 @@ helm install ld-relay --set relay.environment.LD_ENV_YourEnvironment=your-sdk-ke For additional configuration, use the [Configuration options](#configuration-options) below. +OCI artifacts of all LaunchDarkly Helm charts are available in [ghcr.io](https://github.com/orgs/launchdarkly/packages?q=helm-charts). + ## Configuration options To customize this Helm chart, override the configuration options defined in the [values file](https://github.com/launchdarkly/ld-relay-helm/blob/main/values.yaml). The values file contains detailed documentation on each option.