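# Release pipeline for the Prequel client Helm chart: patches the chart from a
# prequel-release artifact, tags this repo, publishes the packaged chart to
# prequel-dev/helm, then upgrades the dev and production releases.
name: Prequel Client Helm Package Release

on:
  workflow_dispatch:
  repository_dispatch:
    types: [trigger-workflow]

env:
  AWS_REGION: us-east-1

permissions:
  id-token: write # This is required for requesting the JWT
  contents: read # This is required for actions/checkout

jobs:
  release:
    runs-on: [self-hosted, release-runner]
    steps:
      # NOTE(review): every `uses:` below references a tag, which is a mutable
      # ref. This job holds deploy keys and assumes the production role, so
      # consider pinning each action (third-party ones first) to a full commit SHA.
      - name: Checkout
        uses: actions/checkout@v4
        with:
          # This deploy key only has access to the prequel-helm repo
          ssh-key: ${{ secrets.PREQUEL_HELM_DEPLOY_KEY }}

      - name: Grab prequel-release server images publish artifact
        uses: actions/download-artifact@v4
        with:
          name: prequel-release
          github-token: ${{ secrets.PREQUEL_HELM_PREQUEL_RELEASE_ACCESS_GH_TOKEN }}
          repository: prequel-dev/prequel-release
          # Supplied by the repository_dispatch payload. A manual
          # workflow_dispatch run carries no client_payload, so this is empty there.
          run-id: ${{ github.event.client_payload.runid }}
          path: ./prequel-release

      # NOTE(review): the production role is assumed here, before the patch,
      # tag and publish steps run ./ci/patch.sh and ./ci/helm.sh. Confirm those
      # scripts need AWS access; if not, assume it only right before the prod deploy.
      - name: Configure credentials
        uses: aws-actions/configure-aws-credentials@v4.0.2
        with:
          role-to-assume: ${{ secrets.PROD_ROLE }}
          role-session-name: GitHub_to_AWS_via_FederatedOIDC
          aws-region: ${{ env.AWS_REGION }}

      - name: Patch Client Helm Chart
        env:
          # Passed through the environment so the key is never templated into
          # the generated script text.
          DEPLOY_KEY: ${{ secrets.PREQUEL_HELM_DEPLOY_KEY }}
        run: |
          eval "$(ssh-agent -s)"
          # Stop the agent when the step ends; self-hosted runners are long-lived.
          trap 'ssh-agent -k >/dev/null' EXIT
          # Load the key from stdin so it is never written into the workspace.
          ssh-add - <<< "$DEPLOY_KEY"
          echo "Patch prequel-server"
          ./ci/patch.sh ./collector/values.yaml ./prequel-release/VERSION

      - name: Bump, Commit and Tag
        id: commit_and_tag
        run: |
          git config --global user.email "prequel-release@prequel.dev"
          git config --global user.name "Prequel Release"

          # VERSION comes from an artifact built in another repository; check
          # its shape before splicing it into a yq expression.
          NEW_VERSION=$(cat ./prequel-release/VERSION)
          if [[ ! "$NEW_VERSION" =~ ^[0-9A-Za-z][0-9A-Za-z.+-]*$ ]]; then
            echo "Unexpected content in ./prequel-release/VERSION" >&2
            exit 1
          fi
          yq -i '.version = "'"$NEW_VERSION"'"' ./collector/Chart.yaml
          yq -i '.appVersion = "'"$NEW_VERSION"'"' ./collector/Chart.yaml

          # Work out the next tag before committing: a step cannot read its own
          # outputs through ${{ steps.<id>.outputs.* }}, so the commit message
          # has to use the shell variable.
          git fetch --tags origin
          # The --list glob is loose ('*' matches any characters), so keep only
          # strict vMAJOR.MINOR.PATCH names before doing arithmetic on the parts.
          latest_tag=$(git tag --list 'v[0-9]*.[0-9]*.[0-9]*' --sort=-v:refname \
            | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+$' | head -n 1 || true)
          version=${latest_tag#v}
          IFS='.' read -r major minor patch <<< "$version"
          # With no matching tag yet, start from 0.0.0 (first tag is v0.0.1).
          major=${major:-0}
          minor=${minor:-0}
          # Force base 10 so a component such as "08" is not read as octal.
          patch=$((10#${patch:-0} + 1))
          next_tag="v${major}.${minor}.${patch}"
          echo "Bumping version: ${latest_tag:-none} → $next_tag"

          git add ./collector
          # `|| true` keeps the run going when there is nothing to commit.
          # NOTE(review): on the push it also hides a rejected push, and the
          # tag is still created and pushed afterwards.
          git commit -m "new release $next_tag" || true
          git push origin main || true

          git tag -a "$next_tag" -m "Release $next_tag"
          git push origin "$next_tag"
          echo "next_tag=$next_tag" >> "$GITHUB_OUTPUT"

      - name: Checkout public helm chart
        uses: actions/checkout@v4
        with:
          ssh-key: ${{ secrets.PREQUEL_HELM_DEPLOY_KEY_HELM }}
          repository: prequel-dev/helm
          path: helm

      - name: Tag and Publish new collector chart
        env:
          # Both values reach the script as environment variables rather than
          # being expanded into the shell source.
          HELM_DEPLOY_KEY: ${{ secrets.PREQUEL_HELM_DEPLOY_KEY_HELM }}
          NEXT_TAG: ${{ steps.commit_and_tag.outputs.next_tag }}
        run: |
          eval "$(ssh-agent -s)"
          trap 'ssh-agent -k >/dev/null' EXIT
          ssh-add - <<< "$HELM_DEPLOY_KEY"
          pushd ./helm
          # NOTE(review): after pushd this second argument is relative to
          # ./helm, while the artifact was downloaded to ./prequel-release at
          # the workspace root. Confirm how ci/helm.sh resolves it.
          ../ci/helm.sh ../ ./prequel-release/VERSION
          git status
          git add index.yaml
          git add *.tgz
          git config --global user.email "prequel-release@prequel.dev"
          git config --global user.name "Prequel Release"
          git commit -m "new release $NEXT_TAG" || true
          git push origin main || true
          git tag -a "$NEXT_TAG" -m "Release $NEXT_TAG"
          git push origin "$NEXT_TAG"
          popd

      - name: Configure dev credentials
        uses: aws-actions/configure-aws-credentials@v4.0.2
        with:
          role-to-assume: ${{ secrets.DEV_ROLE }}
          role-session-name: GitHub_to_AWS_via_FederatedOIDC
          aws-region: us-east-2

      - name: Configure Kubernetes
        uses: silverlyra/setup-aws-eks@v0.1
        with:
          cluster: ${{ secrets.DEV_CLUSTER_NAME }}

      - name: Deploy release to dev
        run: |
          helm -n prequel upgrade prequel-latest-dev ./collector

      # The production deploy follows dev in the same job, with no approval
      # gate visible in this file.
      - name: Configure prod credentials
        uses: aws-actions/configure-aws-credentials@v4.0.2
        with:
          role-to-assume: ${{ secrets.PROD_ROLE }}
          role-session-name: GitHub_to_AWS_via_FederatedOIDC
          aws-region: us-east-1

      - name: Configure prod Kubernetes
        uses: silverlyra/setup-aws-eks@v0.1
        with:
          cluster: ${{ secrets.PROD_CLUSTER_NAME }}

      - name: Deploy release to production
        run: |
          helm -n prequel upgrade prequel ./collector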