-
Notifications
You must be signed in to change notification settings - Fork 62
143 lines (126 loc) · 5.12 KB
/
helm-release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
---
name: Release Prefect Server and Worker Helm Charts
"on":
workflow_dispatch: {}
permissions: {}
jobs:
release:
runs-on: ubuntu-latest
permissions:
# GitHub considers creating releases and uploading assets as writing contents.
contents: write
outputs:
releaseVersion: ${{ steps.output_version.outputs.releaseVersion }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
# We set the chart release version here - the version schema
# is a SemVer adherent date-based versioning scheme that looks like:
# 2024.2.9125019
# which equates to a release on 2/9/24 at 12:50:19
- name: Get the version tags
id: get_version
run: |
# Enable pipefail so git command failures do not result in null versions downstream
set -x
echo "RELEASE_VERSION=$(date +'%Y.%-m.%-d%H%M%S')" >> $GITHUB_ENV
echo "PREFECT_VERSION=$(\
git ls-remote --tags --refs --sort="v:refname" \
https://github.com/PrefectHQ/prefect.git '[3].*.[!rc]' | tail -n1 | sed 's/.*\///' \
)" >> $GITHUB_ENV
- name: Output version as GitHub Output
id: output_version
run: |
echo "releaseVersion=$RELEASE_VERSION" >> $GITHUB_OUTPUT
- name: Copy Artifact Hub metadata
run: |
mkdir -p /tmp/chart
cp artifacthub-repo.yml /tmp/chart
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
- name: Set up Helm
uses: azure/setup-helm@v4
- name: Prepare GPG key for signing
run: |
gpg_dir=/tmp/.gpg
mkdir "$gpg_dir"
keyring="$gpg_dir/secring.gpg"
base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring"
passphrase_file="$gpg_dir/passphrase"
echo "$GPG_PASSPHRASE" > "$passphrase_file"
echo "SIGN_PASSPHRASE_FILE=$passphrase_file" >> $GITHUB_ENV
echo "SIGN_KEYRING=$keyring" >> $GITHUB_ENV
env:
GPG_KEYRING_BASE64: ${{ secrets.GPG_KEYRING_BASE64 }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
- name: Add dependency chart repos
run: |
helm repo add bitnami https://charts.bitnami.com/bitnami
- name: Package Worker helm chart
run: |
mkdir -p /tmp/chart
cd charts
# Update the prefect version tag in values.yaml
sed -i "s/prefectTag:.*$/prefectTag: $PREFECT_VERSION-python3.11-kubernetes/g" prefect-worker/values.yaml
helm package prefect-worker \
--destination /tmp/chart \
--dependency-update \
--version $RELEASE_VERSION \
--app-version $PREFECT_VERSION \
--sign --key '[email protected]' \
--keyring $SIGN_KEYRING \
--passphrase-file $SIGN_PASSPHRASE_FILE
- name: Package Server helm chart
run: |
mkdir -p /tmp/chart
cd charts
# Update the prefect version tag in values.yaml
sed -i "s/prefectTag:.*$/prefectTag: $PREFECT_VERSION-python3.11/g" prefect-server/values.yaml
helm package prefect-server \
--destination /tmp/chart \
--dependency-update \
--version $RELEASE_VERSION \
--app-version $PREFECT_VERSION \
--sign --key '[email protected]' \
--keyring $SIGN_KEYRING \
--passphrase-file $SIGN_PASSPHRASE_FILE
- name: Update chart index
run: |
git stash # Stash changes to the values.yaml so checkout doesn't complain
git checkout gh-pages
helm repo index /tmp/chart --url https://prefecthq.github.io/prefect-helm/charts --merge ./index.yaml
- name: Commit and push
run: |
cp /tmp/chart/artifacthub-repo.yml .
cp /tmp/chart/index.yaml .
cp /tmp/chart/prefect-server-$RELEASE_VERSION.* ./charts
cp /tmp/chart/prefect-worker-$RELEASE_VERSION.* ./charts
git add ./artifacthub-repo.yml ./index.yaml ./charts/prefect-server-$RELEASE_VERSION.* ./charts/prefect-worker-$RELEASE_VERSION.*
git commit -m "Release $RELEASE_VERSION"
git push origin gh-pages
- name: Create Github Release + Tag
run: |
gh release create $RELEASE_VERSION \
--generate-notes \
--notes "Packaged with Prefect version \
[$PREFECT_VERSION](https://github.com/PrefectHQ/prefect/releases/tag/$PREFECT_VERSION)"
env:
GH_TOKEN: ${{ github.token }}
update_helm_chart_versions_downstream:
name: Update Helm Chart versions in `ops-cluster-deployment`
needs: release
runs-on: ubuntu-latest
steps:
- name: Run workflow
run: |
gh workflow run update-prefect-helm-chart-versions.yaml \
--repo prefecthq/ops-cluster-deployment \
--ref main \
-f chart_version=${{ needs.release.outputs.releaseVersion }} \
-f type=main
env:
GH_TOKEN: ${{ secrets.OPS_CLUSTER_DEPLOYMENT_ACTIONS_RW }}