-
Notifications
You must be signed in to change notification settings - Fork 65
159 lines (143 loc) · 6.28 KB
/
helm-release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
name: Release Helm Chart
"on":
workflow_dispatch:
jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
# We set the chart release version here - the version schema
# is a SemVer adherent date-based versioning scheme that looks like:
# 2024.2.9125019
# which equates to a release on 2/9/24 at 12:50:19
- name: Get the version tags
id: get_version
run: |
# Enable pipefail so git command failures do not result in null versions downstream
set -x
echo "RELEASE_VERSION=$(date +'%Y.%-m.%-d%H%M%S')" >> $GITHUB_OUTPUT
echo "PREFECT_VERSION=$(\
git ls-remote --tags --refs --sort="v:refname" \
https://github.com/PrefectHQ/prefect.git '*.*.*' | tail -n1 | sed 's/.*\///' \
)" >> $GITHUB_OUTPUT
- name: Copy Artifact Hub metadata
run: |
mkdir -p /tmp/chart
cp artifacthub-repo.yml /tmp/chart
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
- name: Set up Helm
uses: azure/[email protected]
- name: Prepare GPG key for signing
run: |
gpg_dir=/tmp/.gpg
mkdir "$gpg_dir"
keyring="$gpg_dir/secring.gpg"
base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring"
passphrase_file="$gpg_dir/passphrase"
echo "$GPG_PASSPHRASE" > "$passphrase_file"
echo "SIGN_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV"
echo "SIGN_KEYRING=$keyring" >> "$GITHUB_ENV"
env:
GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}"
GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"
- name: Add dependency chart repos
run: |
helm repo add bitnami https://charts.bitnami.com/bitnami
- name: Package Agent helm chart
run: |
mkdir -p /tmp/chart
cd charts
# Update the prefect version tag in values.yaml
sed -i "s/prefectTag:.*$/prefectTag: $PREFECT_VERSION-python3.10/g" prefect-agent/values.yaml
helm package prefect-agent \
--destination /tmp/chart \
--dependency-update \
--version $RELEASE_VERSION \
--app-version $PREFECT_VERSION \
--sign --key '[email protected]' \
--keyring $SIGN_KEYRING \
--passphrase-file $SIGN_PASSPHRASE_FILE
env:
RELEASE_VERSION: ${{ steps.get_version.outputs.RELEASE_VERSION }}
PREFECT_VERSION: ${{ steps.get_version.outputs.PREFECT_VERSION }}
SIGN_KEYRING: ${{ env.SIGN_KEYRING }}
SIGN_PASSPHRASE_FILE: ${{ env.SIGN_PASSPHRASE_FILE }}
- name: Package Worker helm chart
run: |
mkdir -p /tmp/chart
cd charts
# Update the prefect version tag in values.yaml
sed -i "s/prefectTag:.*$/prefectTag: $PREFECT_VERSION-python3.11-kubernetes/g" prefect-worker/values.yaml
helm package prefect-worker \
--destination /tmp/chart \
--dependency-update \
--version $RELEASE_VERSION \
--app-version $PREFECT_VERSION \
--sign --key '[email protected]' \
--keyring $SIGN_KEYRING \
--passphrase-file $SIGN_PASSPHRASE_FILE
env:
RELEASE_VERSION: ${{ steps.get_version.outputs.RELEASE_VERSION }}
PREFECT_VERSION: ${{ steps.get_version.outputs.PREFECT_VERSION }}
SIGN_KEYRING: ${{ env.SIGN_KEYRING }}
SIGN_PASSPHRASE_FILE: ${{ env.SIGN_PASSPHRASE_FILE }}
- name: Package Server helm chart
run: |
mkdir -p /tmp/chart
cd charts
# Update the prefect version tag in values.yaml
sed -i "s/prefectTag:.*$/prefectTag: $PREFECT_VERSION-python3.10/g" prefect-server/values.yaml
helm package prefect-server \
--destination /tmp/chart \
--dependency-update \
--version $RELEASE_VERSION \
--app-version $PREFECT_VERSION \
--sign --key '[email protected]' \
--keyring $SIGN_KEYRING \
--passphrase-file $SIGN_PASSPHRASE_FILE
env:
RELEASE_VERSION: ${{ steps.get_version.outputs.RELEASE_VERSION }}
PREFECT_VERSION: ${{ steps.get_version.outputs.PREFECT_VERSION }}
SIGN_KEYRING: ${{ env.SIGN_KEYRING }}
SIGN_PASSPHRASE_FILE: ${{ env.SIGN_PASSPHRASE_FILE }}
- name: Update chart index
run: |
git stash # Stash changes to the values.yaml so checkout doesn't complain
git checkout gh-pages
helm repo index /tmp/chart --url https://prefecthq.github.io/prefect-helm/charts --merge ./index.yaml
- name: Commit and push
run: |
cp /tmp/chart/artifacthub-repo.yml .
cp /tmp/chart/index.yaml .
cp /tmp/chart/prefect-agent-$RELEASE_VERSION.* ./charts
cp /tmp/chart/prefect-server-$RELEASE_VERSION.* ./charts
cp /tmp/chart/prefect-worker-$RELEASE_VERSION.* ./charts
git add ./artifacthub-repo.yml ./index.yaml ./charts/prefect-agent-$RELEASE_VERSION.* ./charts/prefect-server-$RELEASE_VERSION.* ./charts/prefect-worker-$RELEASE_VERSION.*
git commit -m "Release $RELEASE_VERSION"
git push origin gh-pages
env:
RELEASE_VERSION: ${{ steps.get_version.outputs.RELEASE_VERSION }}
- name: Trigger deploy-latest-helm-version workflow
run: |
gh workflow run deploy-latest-helm-version.yaml \
--ref main \
-f helm_version=$RELEASE_VERSION
env:
GITHUB_TOKEN: ${{ github.token }}
RELEASE_VERSION: ${{ steps.get_version.outputs.RELEASE_VERSION }}
- name: Create Github Release + Tag
run: |
gh release create $RELEASE_VERSION \
--generate-notes \
--notes "Packaged with Prefect version \
[$PREFECT_VERSION](https://github.com/PrefectHQ/prefect/releases/tag/$PREFECT_VERSION)"
env:
GITHUB_TOKEN: ${{ github.token }}
RELEASE_VERSION: ${{ steps.get_version.outputs.RELEASE_VERSION }}
PREFECT_VERSION: ${{ steps.get_version.outputs.PREFECT_VERSION }}