Implement LoadManifests with Kustomize template (#5291) #1162
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: publish_image_chart | |
on: | |
push: | |
branches: | |
- master | |
tags: | |
- 'v*' | |
env: | |
GHCR: ghcr.io | |
GCR: gcr.io | |
HELM_VERSION: 3.8.2 | |
GO_VERSION: 1.22.4 | |
NODE_VERSION: 16.13.0 | |
jobs: | |
artifacts: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
packages: write | |
strategy: | |
matrix: | |
container_registry: | |
- ghcr.io/pipe-cd | |
- gcr.io/pipecd | |
image: | |
- helloworld | |
- launcher | |
- launcher-okd | |
- pipecd | |
- piped | |
- piped-okd | |
- pipectl | |
include: | |
- image: helloworld | |
dockerfile: cmd/helloworld/Dockerfile | |
- image: launcher | |
dockerfile: cmd/launcher/Dockerfile | |
- image: launcher-okd | |
dockerfile: cmd/launcher/Dockerfile-okd | |
- image: pipecd | |
dockerfile: cmd/pipecd/Dockerfile | |
- image: piped | |
dockerfile: cmd/piped/Dockerfile | |
- image: piped-okd | |
dockerfile: cmd/piped/Dockerfile-okd | |
- image: pipectl | |
dockerfile: cmd/pipectl/Dockerfile | |
exclude: | |
- image: launcher-okd | |
container_registry: gcr.io/pipecd | |
- image: pipecd | |
container_registry: gcr.io/pipecd | |
- image: piped-okd | |
container_registry: gcr.io/pipecd | |
- image: pipectl | |
container_registry: gcr.io/pipecd | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-go@v3 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
cache: true | |
- name: Determine version | |
run: echo "PIPECD_VERSION=$(git describe --tags --always --abbrev=7)" >> $GITHUB_ENV | |
# Building go modules. | |
- name: Build go modules | |
run: make build/go | |
# Building web. | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ env.NODE_VERSION }} | |
- name: Get yarn cache directory path | |
id: yarn-cache-dir-path | |
run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT | |
- uses: actions/cache@v2 | |
id: yarn-cache | |
with: | |
path: ${{ steps.yarn-cache-dir-path.outputs.dir }} | |
key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} | |
restore-keys: | | |
${{ runner.os }}-yarn- | |
- name: Update web dependencies | |
run: make update/web-deps | |
- name: Build web static | |
run: make build/web | |
# Setup QEMU and Buildx. | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@8b122486cedac8393e77aa9734c3528886e4a1a8 #v2.0.0 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@dc7b9719a96d48369863986a06765841d7ea23f6 #2.0.0 | |
# Login to push container images. | |
- name: Log in to GHCR | |
uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b #v2.0.0 | |
with: | |
registry: ${{ env.GHCR }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Log in to GCR | |
uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b #v2.0.0 | |
with: | |
registry: ${{ env.GCR }} | |
username: _json_key | |
password: ${{ secrets.GCR_SA }} | |
# Building and pushing container images. | |
- name: Build and push ${{ matrix.image }} image | |
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 #v5.0.0 | |
with: | |
push: true | |
context: . | |
file: ${{ matrix.dockerfile }} | |
platforms: linux/amd64,linux/arm64 | |
tags: ${{ matrix.container_registry }}/${{ matrix.image }}:${{ env.PIPECD_VERSION }} | |
# Building and pushing Helm charts. | |
- name: Install helm | |
uses: Azure/setup-helm@v1 | |
with: | |
version: ${{ env.HELM_VERSION }} | |
- name: Login to OCI using Helm | |
run: | | |
echo ${{ secrets.GITHUB_TOKEN }} | helm registry login ${{ env.GHCR }} --username ${{ github.repository_owner }} --password-stdin | |
- name: Publish helm charts | |
run: | | |
make build/chart VERSION=${{ env.PIPECD_VERSION }} | |
helm push .artifacts/pipecd-${{ env.PIPECD_VERSION }}.tgz oci://${{ env.GHCR }}/pipe-cd/chart | |
helm push .artifacts/piped-${{ env.PIPECD_VERSION }}.tgz oci://${{ env.GHCR }}/pipe-cd/chart | |
helm push .artifacts/helloworld-${{ env.PIPECD_VERSION }}.tgz oci://${{ env.GHCR }}/pipe-cd/chart | |
# Notify PipeCD to trigger deployment via EventWatcher. | |
- uses: pipe-cd/actions-event-register@v1 | |
with: | |
api-address: ${{ secrets.PIPECD_API_ADDRESS }} | |
api-key: ${{ secrets.PIPECD_API_KEY }} | |
event-name: helm-release | |
labels: helmRepo=pipecd | |
data: ${{ env.PIPECD_VERSION }} | |
release-quickstart-manifests: | |
runs-on: ubuntu-latest | |
needs: artifacts | |
if: startsWith(github.ref, 'refs/tags/') | |
permissions: | |
contents: write | |
pull-requests: write | |
steps: | |
# setup tools and repositories | |
- name: Install helm | |
uses: Azure/setup-helm@v1 | |
with: | |
version: ${{ env.HELM_VERSION }} | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
ref: master | |
# Building and publishing quickstart manifests. | |
# we use `github.ref_name` to get the tag name without the `refs/tags/` prefix. | |
- name: Build quickstart manifests | |
run: | | |
helm template pipecd oci://ghcr.io/pipe-cd/chart/pipecd --version ${{ github.ref_name }} -n pipecd -f quickstart/control-plane-values.yaml > quickstart/manifests/control-plane.yaml | |
helm template piped oci://ghcr.io/pipe-cd/chart/piped --version ${{ github.ref_name }} -n pipecd --set quickstart.enabled=true --set quickstart.pipedId=\<YOUR_PIPED_ID\> --set quickstart.pipedKeyData=\<YOUR_PIPED_KEY_DATA\> > quickstart/manifests/piped.yaml | |
- name: Publish quickstart manifests | |
uses: peter-evans/create-pull-request@v6 | |
with: | |
title: "[bot] Publish quickstart manifests" | |
commit-message: "[bot] Publish quickstart manifests" | |
branch: "create-pull-request/publish-quickstart-manifests" | |
body: | | |
Automated changes by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action. | |
The workflow is defined [here](https://github.com/pipe-cd/pipecd/blob/master/.github/workflows/publish_image_chart.yaml). | |
**Note:** You need to **close and reopen this PR** manually to trigger status check workflows. (Or just click `Update branch` if possible.) | |
For details, see https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#triggering-further-workflow-runs. | |
delete-branch: true | |
signoff: true | |
token: ${{ secrets.GITHUB_TOKEN }} |