Bump image tags for workbench images #487
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Generate Inframold Charts Artifacts Manifest | |
on: | |
pull_request: | |
branches: | |
- 'main' | |
jobs: | |
path-filter: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.head_ref }} | |
- name: Check if the following files changed | |
uses: dorny/paths-filter@v3 | |
id: path_filtering | |
with: | |
filters: | | |
pathsrc: | |
- '.github/workflows/update-artifacts.yml' | |
- 'charts/tfy-k8s-aws-eks-inframold/**' | |
- 'charts/tfy-k8s-azure-aks-inframold/**' | |
- 'charts/tfy-k8s-civo-talos-inframold/**' | |
- 'charts/tfy-k8s-gcp-gke-standard-inframold/**' | |
- 'charts/tfy-k8s-generic-inframold/**' | |
- 'scripts/generate-artifacts-manifest/**' | |
- 'scripts/upload-artifacts/**' | |
outputs: | |
pathsrc_output: ${{ steps.path_filtering.outputs.pathsrc}} == 'true' | |
update-artifacts: | |
runs-on: ubuntu-latest | |
needs: path-filter | |
permissions: | |
contents: write | |
id-token: write | |
env: | |
ARTIFACTORY_USERNAME: ${{ secrets.TRUEFOUNDRY_ARTIFACTORY_PUBLIC_USERNAME }} | |
ARTIFACTORY_PASSWORD: ${{ secrets.TRUEFOUNDRY_ARTIFACTORY_PUBLIC_PASSWORD }} | |
ARTIFACTORY_REPOSITORY_URL: ${{ vars.TRUEFOUNDRY_ARTIFACTORY_PUBLIC_REPOSITORY }} | |
ARTIFACTORY_HELM_REGISTRY_URL: ${{ vars.TRUEFOUNDRY_ARTIFACTORY_PUBLIC_HELM_REGISTRY }} | |
steps: | |
- name: Checkout Code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
ref: ${{ github.head_ref }} | |
- name: Setup Kubectl | |
id: install-kubectl | |
uses: azure/setup-kubectl@v3 | |
with: | |
version: 'v1.28.0' | |
- name: Setup Helm | |
uses: azure/[email protected] | |
with: | |
version: v3.15.1 | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.10' | |
- name: Log in to JFrog Artifactory | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.TRUEFOUNDRY_ARTIFACTORY_PRIVATE_READONLY_USERNAME }} | |
password: ${{ secrets.TRUEFOUNDRY_ARTIFACTORY_PRIVATE_READONLY_PASSWORD }} | |
registry: ${{ vars.TRUEFOUNDRY_ARTIFACTORY_REGISTRY_URL }} | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{ secrets.PUBLIC_ECR_IAM_ROLE_ARN }} | |
aws-region: us-east-1 | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v2 | |
with: | |
registry-type: public | |
- name: Install python dependencies | |
if: needs.path-filter.outputs.pathsrc_output | |
run: | | |
pip install -r scripts/upload-artifacts/requirements.txt | |
pip install -r scripts/generate-artifacts-manifest/requirements.txt | |
# Generate artifacts manifest for inframold charts | |
- name: Generate Artifacts Manifest for Each Chart | |
if: needs.path-filter.outputs.pathsrc_output | |
run: | | |
charts_list=("tfy-k8s-aws-eks-inframold" "tfy-k8s-azure-aks-inframold" "tfy-k8s-gcp-gke-standard-inframold" "tfy-k8s-generic-inframold") | |
for chart in "${charts_list[@]}"; | |
do | |
version=$(cat charts/$chart/Chart.yaml | grep version | awk '{print $2}') | |
python scripts/generate-artifacts-manifest/artifacts_template_generator.py $chart https://truefoundry.github.io/infra-charts/ \ | |
$version charts/$chart/values-artifact-manifest.yaml charts/$chart/artifacts-manifest.json scripts/generate-artifacts-manifest/extra.json | |
done | |
env: | |
MODE: 'local' | |
# Update the inframold artifacts manifest | |
- name: Update Artifacts Manifest | |
if: needs.path-filter.outputs.pathsrc_output | |
run: | | |
git config user.name "$GITHUB_ACTOR" | |
git config user.email "[email protected]" | |
git add . | |
if git diff --cached --quiet; then | |
echo "Nothing to commit for now" | |
else | |
git commit -am "[CI] Update charts artifacts manifest files" --signoff | |
git pull origin --rebase | |
git push | |
fi |