From d2046a1cb920068e962cceee7cf535a9e809fd1a Mon Sep 17 00:00:00 2001
From: Alejandro Moreno
Date: Thu, 27 Jun 2024 16:12:43 +0200
Subject: [PATCH] Improve release process (#1559)
Improve release process automating several actions: - After the container is published, an automatic PR will be created updating the chart - After the chart is published, an automatic PR will be created updating the Carvel package
Signed-off-by: Alejandro Moreno
---
.github/workflows/helm-release.yaml | 19 +++++++-----
.github/workflows/publish-release.yaml | 42 +++++++++++++++++++++++++-
.github/workflows/release.yaml | 2 +-
3 files changed, 53 insertions(+), 10 deletions(-)
diff --git a/.github/workflows/helm-release.yaml b/.github/workflows/helm-release.yaml
index e73ee22ff5..86eb6d409c 100644
--- a/.github/workflows/helm-release.yaml
+++ b/.github/workflows/helm-release.yaml
@@ -65,17 +65,20 @@ jobs: IMGPKG_REGISTRY_USERNAME: ${{ github.actor }} IMGPKG_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} run: | - imgpkg push -b ghcr.io/${{ github.repository_owner }}/sealed-secrets-carvel:${{ env.chart_version }} -f . + imgpkg push -b ghcr.io/${{ github.repository_owner }}/sealed-secrets-carvel:${{ env.chart_version }} -f . --json > output + echo carvel_pkg=$(cat output | grep Pushed | cut -d "'" -f2 ) >> $GITHUB_ENV - name: Update package.yaml run: | yq -i '.spec.version = "${{ env.chart_version }}"' carvel/package.yaml yq -i '.metadata.name = "sealedsecrets.bitnami.com.${{ env.chart_version }}"' carvel/package.yaml - yq -i '.spec.template.spec.fetch.0.imgpkgBundle.image = "ghcr.io/${{ github.repository_owner }}/sealed-secrets-carvel:${{ env.chart_version }}"' carvel/package.yaml + yq -i '.spec.template.spec.fetch.0.imgpkgBundle.image = "${{ env.carvel_pkg }}"' carvel/package.yaml + git checkout -B 'release-carvel-${{ env.chart_version }}' + git add carvel/package.yaml + git commit -m 'Release carvel package ${{ env.chart_version }}' + git push origin 'release-carvel-${{ env.chart_version }}' - # Commenting the git commit action - #- name: Commit package.yaml - #run: | - #git add ./carvel/package.yaml - #git commit -s -m 'Update package to version ${{ env.chart_version }}' - #git push + - name: Create PR + run: gh pr create --fill --base main --repo $GITHUB_REPOSITORY + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/publish-release.yaml b/.github/workflows/publish-release.yaml index 59d8577466..d27509d2e2 100644 --- a/.github/workflows/publish-release.yaml +++ b/.github/workflows/publish-release.yaml @@ -2,9 +2,14 @@ name: Publish Release on: workflow_dispatch: + inputs: + chart: + description: 'Chart version (e.g. 2.11.3)' + required: true + type: string jobs: - build: + release: runs-on: ubuntu-latest env: controller_dockerhub_image_name: docker.io/bitnami/sealed-secrets-controller 
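Review bot: In `.github/workflows/helm-release.yaml`, the new `carvel_pkg` value is scraped from imgpkg's output with `grep Pushed | cut` and appended to `$GITHUB_ENV` without any check, so a changed output format or an empty match ends up as the image reference written to `carvel/package.yaml`, committed and proposed in a PR. Validate the parsed value before exporting it (for example, require the `@sha256:` digest form, assuming imgpkg reports the pushed reference with its digest) and quote both the value and `"$GITHUB_ENV"`. The redirect also creates `output` before imgpkg starts; if the step runs in the directory passed as `-f .`, that file may be picked up into the pushed bundle, so writing it under `$RUNNER_TEMP` is safer. The step begins outside the hunk, so its working directory is not visible here.

```yaml
        run: |
          imgpkg push -b ghcr.io/${{ github.repository_owner }}/sealed-secrets-carvel:${{ env.chart_version }} -f . --json > "$RUNNER_TEMP/imgpkg-push.json"
          carvel_pkg="$(grep Pushed "$RUNNER_TEMP/imgpkg-push.json" | cut -d "'" -f2)"
          case "$carvel_pkg" in
            *@sha256:*) ;;
            *) echo "could not parse pushed bundle reference" >&2; exit 1 ;;
          esac
          echo "carvel_pkg=$carvel_pkg" >> "$GITHUB_ENV"
      # … unchanged: Update package.yaml and Create PR steps …
```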
@@ -153,3 +158,38 @@ jobs: COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} TAG_CURRENT: ${{ steps.meta_kubeseal.outputs.tags }} COSIGN_REPOSITORY: ${{ env.kubeseal_ghcr_image_name }}/signs + + chart-pr: + needs: release + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + with: + fetch-depth: 0 + + - name: Config Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + - name: Fetch Versions + run: | + echo NEW_VERSION=$(git describe --tags --match "v[0-9]*" --abbrev=0 | tr -d v) >> "$GITHUB_ENV" + echo PREV_VERSION=$(grep appVersion helm/sealed-secrets/Chart.yaml | grep -o '[0-9.]*') >> "$GITHUB_ENV" + + - name: Update Version + run: | + sed -i "s/version: .*/version: ${{ inputs.chart }}/" helm/sealed-secrets/Chart.yaml + sed -i "s/appVersion: .*/appVersion: $NEW_VERSION/" helm/sealed-secrets/Chart.yaml + sed -i "s/tag: .*/tag: $NEW_VERSION/" helm/sealed-secrets/values.yaml + sed -i "s/\`$PREV_VERSION\`/\`$NEW_VERSION\`/" helm/sealed-secrets/README.md + git checkout -B 'release-chart-${{ inputs.chart }}' + git add helm/sealed-secrets/Chart.yaml helm/sealed-secrets/values.yaml helm/sealed-secrets/README.md + git commit -m 'Release chart ${{ inputs.chart }}' + git push origin 'release-chart-${{ inputs.chart }}' + + - name: Create PR + run: gh pr create --fill --base main --repo $GITHUB_REPOSITORY + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 60a74da014..448de86803 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,4 +1,4 @@ -name: Release +name: Prepare Release # Only release when a new GH release branch is pushed on:
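Review bot: In the new `chart-pr` job of `publish-release.yaml`, the free-form `workflow_dispatch` input is expanded with `${{ inputs.chart }}` straight into the `run:` script of the "Update Version" step (the `sed` expression, branch name and commit message), so the value is spliced into the shell text before the shell parses it. Pass it through `env:` and reference it as a quoted shell variable, and reject values that do not look like a version before using them; the pattern below accepts only digits and dots and would need widening if pre-release suffixes are used. The same direct-expansion pattern applies to `${{ env.chart_version }}` and `${{ env.carvel_pkg }}` in the "Update package.yaml" step of `helm-release.yaml`. Separately, pull requests opened with `secrets.GITHUB_TOKEN` do not start other workflow runs by default, so the two "Create PR" steps will probably produce PRs without CI checks unless a different token or a manual re-trigger is used.

```yaml
      - name: Update Version
        env:
          CHART_VERSION: ${{ inputs.chart }}
        run: |
          case "$CHART_VERSION" in
            ''|*[!0-9.]*) echo "unexpected chart version" >&2; exit 1 ;;
          esac
          sed -i "s/version: .*/version: $CHART_VERSION/" helm/sealed-secrets/Chart.yaml
          # … unchanged: appVersion, tag and README substitutions …
          git checkout -B "release-chart-$CHART_VERSION"
          # … unchanged: git add …
          git commit -m "Release chart $CHART_VERSION"
          git push origin "release-chart-$CHART_VERSION"
```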