-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #2 from konstructio/mirror-charts-remote
Add support for uploading downloaded charts to a remote museum.
- Loading branch information
Showing
3 changed files
with
113 additions
and
51 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,101 @@ | ||
| name: "Mirror Helm Charts" | ||
|
|
||
| on: | ||
| push: # runs on any branch push | ||
| schedule: | ||
| - cron: "0 0 * * 1" # runs every Monday at midnight | ||
| workflow_dispatch: # runs whenever the workflow is dispatched via the UI | ||
|
|
||
| env: | ||
| REGISTRY_SOURCE: "https://charts.kubefirst.com" | ||
| REGISTRY_DESTINATION: "https://chartmuseum.freegitopsmagic.com" | ||
|
|
||
| permissions: | ||
| contents: write | ||
|
|
||
| jobs: | ||
| download-charts: | ||
| name: "Download charts to local Git repository" | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: "Checkout repository branch" | ||
| uses: actions/checkout@v2 | ||
| with: | ||
| ref: "charts" | ||
| fetch-depth: 0 | ||
|
|
||
| - name: "Install Helm mirror" | ||
| run: | | ||
| cd /tmp | ||
| wget https://github.com/konstructio/helm-mirror/releases/download/v0.5.0/helm-mirror_linux_x86_64.tar.gz | ||
| tar -xzf helm-mirror_linux_x86_64.tar.gz | ||
| install -m 755 bin/mirror /usr/local/bin/helm-mirror | ||
| - name: "Download a testing Chart" | ||
| if: github.ref != 'refs/heads/main' | ||
| run: | | ||
| helm-mirror "$REGISTRY_SOURCE" "$(pwd)" --chart-name=kubefirst --chart-version=2.4.13 --verbose | ||
| - name: "Download all Helm charts" | ||
| if: github.ref == 'refs/heads/main' | ||
| run: | | ||
| helm-mirror "$REGISTRY_SOURCE" "$(pwd)" --all-versions --verbose | ||
| - name: "Commit changes" | ||
| if: github.ref == 'refs/heads/main' | ||
| run: | | ||
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | ||
| git config --global user.name "GitHub Actions Bot" | ||
| git add . | ||
| git commit -m "Update Helm charts" | ||
| git push origin charts | ||
| push-charts-to-museum: | ||
| name: "Push Helm charts to Remote museum" | ||
| needs: download-charts | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: "Checkout repository branch" | ||
| uses: actions/checkout@v2 | ||
| with: | ||
| ref: "charts" | ||
| fetch-depth: 0 | ||
|
|
||
| - name: "Install Helm cm-push" | ||
| run: | | ||
| cd /tmp | ||
| wget https://github.com/chartmuseum/helm-push/releases/download/v0.10.4/helm-push_0.10.4_linux_amd64.tar.gz | ||
| tar -xzf helm-push_0.10.4_linux_amd64.tar.gz | ||
| install -m 755 bin/helm-cm-push /usr/local/bin/helm-push | ||
| - name: "Install Hurl" | ||
| uses: gacts/install-hurl@v1 | ||
|
|
||
| - name: "Validate Helm credentials" | ||
| run: | | ||
| export HURL_REGISTRY_DESTINATION="${REGISTRY_DESTINATION}" | ||
| hurl --test <<EOF | ||
| POST {{REGISTRY_DESTINATION}}/api/charts | ||
| [BasicAuth] | ||
| {{HELM_REPO_USERNAME}}: {{HELM_REPO_PASSWORD}} | ||
| HTTP 400 | ||
| [Asserts] | ||
| jsonpath "$.error" == "EOF" | ||
| EOF | ||
| env: | ||
| HURL_HELM_REPO_USERNAME: "${{ secrets.TEST_CHARTMUSEUM_USER }}" | ||
| HURL_HELM_REPO_PASSWORD: "${{ secrets.TEST_CHARTMUSEUM_PASSWORD }}" | ||
|
|
||
| - name: "Upload Helm charts to a different museum" | ||
| if: github.ref == 'refs/heads/main' | ||
| run: | | ||
| # find each .tgz file in the current directory, then push | ||
| # them to a remote museum | ||
| for tgz in $(find ./downloaded/ -name "*.tgz"); do | ||
| echo "Found Helm Chart ${tgz}" | ||
| helm-push "${tgz}" "${REGISTRY_DESTINATION}" --force | ||
| done | ||
| env: | ||
| HELM_REPO_USERNAME: "${{ secrets.TEST_CHARTMUSEUM_USER }}" | ||
| HELM_REPO_PASSWORD: "${{ secrets.TEST_CHARTMUSEUM_PASSWORD }}" |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,14 @@ | ||
| # charts-mirror | ||
| Git mirror of Konstruct.io and Kubefirst Helm charts | ||
|
|
||
| ### How to use this repository | ||
|
|
||
| You can manually trigger this repository's workflow via a `workflow_dispatch` which will do the following: | ||
|
|
||
| * Download all Helm charts from `$REGISTRY_SOURCE` | ||
| * Commit and push them to the `charts` branch of this repository | ||
| * Upload all found charts to the `$REGISTRY_DESTINATION` Helm repository | ||
|
|
||
| The commit part doesn't need any special tokens since the workflow itself is automatically authenticated for `write` operations. | ||
|
|
||
| To upload the charts to the destination repository, you'll need to provide the authentication credentials for the target ChartMuseum. These are the environment variables `HELM_REPO_USERNAME` and `HELM_REPO_PASSWORD`. |