Skip to content

Bump image tags for workbench images #487

Bump image tags for workbench images

Bump image tags for workbench images #487

name: Generate Inframold Charts Artifacts Manifest
on:
pull_request:
branches:
- 'main'
jobs:
path-filter:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
- name: Check if the following files changed
uses: dorny/paths-filter@v3
id: path_filtering
with:
filters: |
pathsrc:
- '.github/workflows/update-artifacts.yml'
- 'charts/tfy-k8s-aws-eks-inframold/**'
- 'charts/tfy-k8s-azure-aks-inframold/**'
- 'charts/tfy-k8s-civo-talos-inframold/**'
- 'charts/tfy-k8s-gcp-gke-standard-inframold/**'
- 'charts/tfy-k8s-generic-inframold/**'
- 'scripts/generate-artifacts-manifest/**'
- 'scripts/upload-artifacts/**'
outputs:
pathsrc_output: ${{ steps.path_filtering.outputs.pathsrc}} == 'true'
update-artifacts:
runs-on: ubuntu-latest
needs: path-filter
permissions:
contents: write
id-token: write
env:
ARTIFACTORY_USERNAME: ${{ secrets.TRUEFOUNDRY_ARTIFACTORY_PUBLIC_USERNAME }}
ARTIFACTORY_PASSWORD: ${{ secrets.TRUEFOUNDRY_ARTIFACTORY_PUBLIC_PASSWORD }}
ARTIFACTORY_REPOSITORY_URL: ${{ vars.TRUEFOUNDRY_ARTIFACTORY_PUBLIC_REPOSITORY }}
ARTIFACTORY_HELM_REGISTRY_URL: ${{ vars.TRUEFOUNDRY_ARTIFACTORY_PUBLIC_HELM_REGISTRY }}
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ github.head_ref }}
- name: Setup Kubectl
id: install-kubectl
uses: azure/setup-kubectl@v3
with:
version: 'v1.28.0'
- name: Setup Helm
uses: azure/[email protected]
with:
version: v3.15.1
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: '3.10'
- name: Log in to JFrog Artifactory
uses: docker/login-action@v3
with:
username: ${{ secrets.TRUEFOUNDRY_ARTIFACTORY_PRIVATE_READONLY_USERNAME }}
password: ${{ secrets.TRUEFOUNDRY_ARTIFACTORY_PRIVATE_READONLY_PASSWORD }}
registry: ${{ vars.TRUEFOUNDRY_ARTIFACTORY_REGISTRY_URL }}
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.PUBLIC_ECR_IAM_ROLE_ARN }}
aws-region: us-east-1
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
with:
registry-type: public
- name: Install python dependencies
if: needs.path-filter.outputs.pathsrc_output
run: |
pip install -r scripts/upload-artifacts/requirements.txt
pip install -r scripts/generate-artifacts-manifest/requirements.txt
# Generate artifacts manifest for inframold charts
- name: Generate Artifacts Manifest for Each Chart
if: needs.path-filter.outputs.pathsrc_output
run: |
charts_list=("tfy-k8s-aws-eks-inframold" "tfy-k8s-azure-aks-inframold" "tfy-k8s-gcp-gke-standard-inframold" "tfy-k8s-generic-inframold")
for chart in "${charts_list[@]}";
do
version=$(cat charts/$chart/Chart.yaml | grep version | awk '{print $2}')
python scripts/generate-artifacts-manifest/artifacts_template_generator.py $chart https://truefoundry.github.io/infra-charts/ \
$version charts/$chart/values-artifact-manifest.yaml charts/$chart/artifacts-manifest.json scripts/generate-artifacts-manifest/extra.json
done
env:
MODE: 'local'
# Update the inframold artifacts manifest
- name: Update Artifacts Manifest
if: needs.path-filter.outputs.pathsrc_output
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
git add .
if git diff --cached --quiet; then
echo "Nothing to commit for now"
else
git commit -am "[CI] Update charts artifacts manifest files" --signoff
git pull origin --rebase
git push
fi