Merge 827ad6f into 5d043a1

Keyfactor · Jan 8, 2024 · 9bb4b1a · 9bb4b1a
2 parents 5d043a1 + 827ad6f
commit 9bb4b1a
Show file tree

Hide file tree

Showing 3 changed files with 118 additions and 3 deletions.
diff --git a/.github/workflows/go-build-and-release.yml b/.github/workflows/go-build-and-release.yml
@@ -27,6 +27,11 @@ jobs:
         with:
           # Allow goreleaser to access older tag information.
           fetch-depth: 0
+      - name: Check file existence
+        id: check_files
+        uses: andstor/file-existence-action@v2
+        with:
+          files: "pkg/version/version.go" # Make this file a property in the manifest and input to the workflow
       - uses: actions/setup-go@v4
         with:
           go-version-file: 'go.mod'
@@ -40,6 +45,10 @@ jobs:
             echo "GO_ARGS=build --snapshot" | tee -a "$GITHUB_ENV" 
             echo "VERSION=0.0.0" | tee -a "$GITHUB_ENV"  | tee -a "$GITHUB_STEP_SUMMARY"
           fi
+      - name: Update version.go
+        if: github.event_name == 'pull_request' && steps.check_files.outputs.files_exists == 'true' 
+        run: |
+          sed -i "s/const VERSION = .*/const VERSION = \"${{ inputs.release_version }}\"/" pkg/version/version.go
       - name: Import GPG key
         uses: crazy-max/ghaction-import-gpg@v6
         id: import_gpg

diff --git a/.github/workflows/helm-chart-build-and-release.yml b/.github/workflows/helm-chart-build-and-release.yml
@@ -0,0 +1,80 @@
+name: Go build 
+
+on:
+  workflow_call:
+    inputs:
+      release_version:
+        description: Condition based on release branch build
+        required: false
+        type: string
+
+    secrets:
+      token:
+        description: 'Secret token from caller workflow to access private packages'
+        required: true
+
+jobs:
+  helm:
+    runs-on: ubuntu-latest
+    # This job conditional should be moved to a step condition for the actual upload.
+    if: github.event.pull_request.merged == true
+    steps:
+      - name: get-is-release
+        run: |
+          if [[ ("${{ github.event_name }}" == "pull_request") && "${{ inputs.release_version }}" != "" ]]; then
+            echo "SKIP_CHARTS_UPLOAD=false" | tee -a "$GITHUB_ENV" | tee -a "$GITHUB_STEP_SUMMARY"
+          else
+            echo "SKIP_CHARTS_UPLOAD=true" | tee -a "$GITHUB_ENV" | tee -a "$GITHUB_STEP_SUMMARY"
+          fi
+
+      - name: Set IMAGE_NAME
+        run: |
+          echo "IMAGE_NAME=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV}
+
+      # Checkout code
+      # https://github.com/actions/checkout
+      - name: Checkout code
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+
+      # Extract metadata (tags, labels) to use in Helm chart
+      # https://github.com/docker/metadata-action
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      # Set version from DOCKER_METADATA_OUTPUT_VERSION as environment variable
+      - name: Set Version
+        run: |
+          echo "VERSION=${DOCKER_METADATA_OUTPUT_VERSION:1}" >> $GITHUB_ENV
+
+      # Change version and appVersion in Chart.yaml to the tag in the closed PR
+      - name: Update Helm App/Chart Version
+        shell: bash
+        run: |
+          sed -i "s/^version: .*/version: ${{ env.VERSION }}/g" deploy/charts/command-cert-manager-issuer/Chart.yaml
+          sed -i "s/^appVersion: .*/appVersion: \"${{ env.DOCKER_METADATA_OUTPUT_VERSION }}\"/g" deploy/charts/command-cert-manager-issuer/Chart.yaml
+
+      # Setup Helm
+      # https://github.com/Azure/setup-helm
+      - name: Install Helm
+        uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      # Helm requires an ident name to be set for chart-releaser to work
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+      # Build and release Helm chart to GitHub Pages
+      # https://github.com/helm/chart-releaser-action
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+        with:
+          charts_dir: deploy/charts
+          skip_upload: ${{ env.SKIP_CHARTS_UPLOAD}}
diff --git a/.github/workflows/starter.yml b/.github/workflows/starter.yml
@@ -40,6 +40,23 @@ jobs:
         run: |
           echo "primary_language=${{ steps.read.outputs.primary_language}}" | tee -a "$GITHUB_OUTPUT" | tee -a $GITHUB_STEP_SUMMARY
 
+
+  call-goreleaser-exists:
+    outputs:
+      goreleaser-exists: ${{ steps.check_files.outputs.files_exists }}
+    runs-on: ubuntu-latest
+    name: Check for .goreleaser file
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Check file existence
+        id: check_files
+        uses: andstor/file-existence-action@v2
+        with:
+          files: ".goreleaser.y*ml"
+
   call-create-github-release-workflow:
     uses: Keyfactor/actions/.github/workflows/github-release.yml@v2
 
@@ -56,16 +73,25 @@ jobs:
       token: ${{ secrets.token  }}
 
   call-go-build-and-release-workflow:
-    needs: [call-get-primary-language, call-assign-from-json-workflow, call-create-github-release-workflow]
-    if: needs.call-get-primary-language.outputs.primary_language == 'Go'
-    uses: keyfactor/actions/.github/workflows/go-build-and-release.yml@v2
+    needs: [call-get-primary-language, call-assign-from-json-workflow, call-create-github-release-workflow,call-goreleaser-exists]
+    if: needs.call-get-primary-language.outputs.primary_language == 'Go' && needs.call-goreleaser-exists.outputs.goreleaser-exists == 'true'
+    uses: keyfactor/actions/.github/workflows/go-build-and-release.yml@ab#53262-check-pkg-ver
     with: 
       release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }}
     secrets: 
       token: ${{ secrets.GITHUB_TOKEN }}
       gpg_key: ${{ secrets.gpg_key }}
       gpg_pass: ${{ secrets.gpg_pass }}
 
+  call-helm-chart-build-and-release-workflow:
+    needs: [call-get-primary-language, call-assign-from-json-workflow, call-create-github-release-workflow]
+    if: needs.call-get-primary-language.outputs.primary_language == 'Go' && !fileExists('.goreleaser.yaml')
+    uses: keyfactor/actions/.github/workflows/helm-chart-build-and-release.yml@ab#52817-add-helm-container-builds
+    with: 
+      release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }}
+    secrets: 
+      token: ${{ secrets.GITHUB_TOKEN }}
+
   call-generate-readme-workflow:
     if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
     uses: Keyfactor/actions/.github/workflows/generate-readme.yml@v2