ci(helm): roll prereleases on main pushes + manual trigger #3

Workflow file for this run

.github/workflows/helm-prerelease.yml at bcf28dc

	name: 🧭 Helm Chart Prerelease

	on:
	pull_request:
	types: [opened, synchronize, reopened]
	paths:
	- "hosting/k8s/helm/**"
	push:
	branches:
	- main
	paths:
	- "hosting/k8s/helm/**"
	workflow_dispatch:
	inputs:
	app_version:
	description: "Override appVersion (e.g. 'main', 'v4.4.4'). Leave empty to keep Chart.yaml value."
	required: false
	type: string
	default: ""

	concurrency:
	group: helm-prerelease-${{ github.event.pull_request.number \|\| github.ref }}
	cancel-in-progress: true

	env:
	REGISTRY: ghcr.io
	CHART_NAME: trigger

	jobs:
	lint-and-test:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up Helm
	uses: azure/setup-helm@v4
	with:
	version: "3.18.3"

	- name: Build dependencies
	run: helm dependency build ./hosting/k8s/helm/

	- name: Extract dependency charts
	run: \|
	cd ./hosting/k8s/helm/
	for file in ./charts/*.tgz; do echo "Extracting $file"; tar -xzf "$file" -C ./charts; done

	- name: Lint Helm Chart
	run: \|
	helm lint ./hosting/k8s/helm/

	- name: Render templates
	run: \|
	helm template test-release ./hosting/k8s/helm/ \
	--values ./hosting/k8s/helm/values.yaml \
	--output-dir ./helm-output

	- name: Validate manifests
	uses: docker://ghcr.io/yannh/kubeconform:v0.7.0
	with:
	entrypoint: "/kubeconform"
	args: "-summary -output json ./helm-output"

	prerelease:
	needs: lint-and-test
	if: \|
	(github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository) \|\|
	github.event_name == 'push' \|\|
	github.event_name == 'workflow_dispatch'
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	pull-requests: write
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up Helm
	uses: azure/setup-helm@v4
	with:
	version: "3.18.3"

	- name: Build dependencies
	run: helm dependency build ./hosting/k8s/helm/

	- name: Extract dependency charts
	run: \|
	cd ./hosting/k8s/helm/
	for file in ./charts/*.tgz; do echo "Extracting $file"; tar -xzf "$file" -C ./charts; done

	- name: Log in to Container Registry
	uses: docker/login-action@v3
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Generate prerelease version
	id: version
	run: \|
	BASE_VERSION=$(grep '^version:' ./hosting/k8s/helm/Chart.yaml \| awk '{print $2}')
	if [[ "${{ github.event_name }}" == "pull_request" ]]; then
	PR_NUMBER=${{ github.event.pull_request.number }}
	SHORT_SHA=$(echo "${{ github.event.pull_request.head.sha }}" \| cut -c1-7)
	PRERELEASE_VERSION="${BASE_VERSION}-pr${PR_NUMBER}.${SHORT_SHA}"
	elif [[ "${{ github.event_name }}" == "push" ]]; then
	SHORT_SHA=$(echo "${{ github.sha }}" \| cut -c1-7)
	PRERELEASE_VERSION="${BASE_VERSION}-main.${SHORT_SHA}"
	else
	SHORT_SHA=$(echo "${{ github.sha }}" \| cut -c1-7)
	REF_SLUG=$(echo "${{ github.ref_name }}" \| tr '/' '-' \| tr -cd 'a-zA-Z0-9-')
	if [[ -z "$REF_SLUG" ]]; then
	REF_SLUG="manual"
	fi
	PRERELEASE_VERSION="${BASE_VERSION}-${REF_SLUG}.${SHORT_SHA}"
	fi
	echo "version=$PRERELEASE_VERSION" >> $GITHUB_OUTPUT
	echo "Prerelease version: $PRERELEASE_VERSION"

	- name: Update Chart.yaml with prerelease version
	run: \|
	sed -i "s/^version:.*/version: ${{ steps.version.outputs.version }}/" ./hosting/k8s/helm/Chart.yaml

	- name: Override appVersion
	if: github.event_name == 'workflow_dispatch' && inputs.app_version != ''
	env:
	APP_VERSION: ${{ inputs.app_version }}
	run: \|
	yq -i '.appVersion = strenv(APP_VERSION)' ./hosting/k8s/helm/Chart.yaml

	- name: Package Helm Chart
	run: \|
	helm package ./hosting/k8s/helm/ --destination /tmp/

	- name: Push Helm Chart to GHCR
	run: \|
	VERSION="${{ steps.version.outputs.version }}"
	CHART_PACKAGE="/tmp/${{ env.CHART_NAME }}-${VERSION}.tgz"

	# Push to GHCR OCI registry
	helm push "$CHART_PACKAGE" "oci://${{ env.REGISTRY }}/${{ github.repository_owner }}/charts"

	- name: Write run summary
	run: \|
	{
	echo "### 🧭 Helm Chart Prerelease Published"
	echo ""
	echo "Version: \`${{ steps.version.outputs.version }}\`"
	echo ""
	echo "Install:"
	echo '```bash'
	echo "helm upgrade --install trigger \\"
	echo " oci://${{ env.REGISTRY }}/${{ github.repository_owner }}/charts/${{ env.CHART_NAME }} \\"
	echo " --version \"${{ steps.version.outputs.version }}\""
	echo '```'
	} >> "$GITHUB_STEP_SUMMARY"

	- name: Find existing comment
	if: github.event_name == 'pull_request'
	uses: peter-evans/find-comment@v3
	id: find-comment
	with:
	issue-number: ${{ github.event.pull_request.number }}
	comment-author: "github-actions[bot]"
	body-includes: "Helm Chart Prerelease Published"

	- name: Create or update PR comment
	if: github.event_name == 'pull_request'
	uses: peter-evans/create-or-update-comment@v4
	with:
	comment-id: ${{ steps.find-comment.outputs.comment-id }}
	issue-number: ${{ github.event.pull_request.number }}
	body: \|
	### 🧭 Helm Chart Prerelease Published

	Version: `${{ steps.version.outputs.version }}`

	Install:
	```bash
	helm upgrade --install trigger \
	oci://ghcr.io/${{ github.repository_owner }}/charts/trigger \
	--version "${{ steps.version.outputs.version }}"
	```

	> ⚠️ This is a prerelease for testing. Do not use in production.
	edit-mode: replace

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

ci(helm): roll prereleases on main pushes + manual trigger #3

Workflow file

ci(helm): roll prereleases on main pushes + manual trigger #3

Uh oh!

Workflow file for this run