.github/workflows/helm-charts-release-ghcr.yaml
# SPDX-FileCopyrightText: the secureCodeBox authors
#
# SPDX-License-Identifier: Apache-2.0
on:
release:
types: [published]
name: "Publish Helm Charts to GHCR"
env:
CONTAINER_REGISTRY: ghcr.io/securecodebox
HELM_VERSION: "v3.12.2"
jobs:
GHCR-Helm-Release:
name: "Publish Helm Charts to GHCR"
runs-on: ubuntu-22.04
permissions:
contents: read
packages: write
steps:
- uses: actions/checkout@v4
- name: Parse Release Version
run: |
RELEASE_VERSION="${GITHUB_REF#refs/*/}"
# Remove leading 'v' from git tag to create valid semver
RELEASE_VERSION="${RELEASE_VERSION//v}"
echo "version=$RELEASE_VERSION" >> "$GITHUB_ENV"
- name: Install Helm
run: |
curl -Lo ./helm.tar.gz https://get.helm.sh/helm-${{ env.HELM_VERSION }}-linux-amd64.tar.gz
tar -xzf ./helm.tar.gz
chmod +x ./linux-amd64/helm
sudo mv ./linux-amd64/helm /usr/local/bin/helm
helm version
- name: "Login to Package Registry"
run: 'echo "${{ secrets.GITHUB_TOKEN }}" | helm registry login --username ${{ github.actor }} --password-stdin ${{ env.CONTAINER_REGISTRY }}'
- name: "Package and Push Helm Charts to GHCR"
run: |
find . -type f -name Chart.yaml -not -path "./.templates/*" -print0 | while IFS= read -r -d '' chart; do
(
dir="$(dirname "${chart}")"
cd "${dir}" || exit
echo "Processing Helm Chart in $dir"
NAME=$(yq eval '.name' - < Chart.yaml)
helm package --version "${{ env.version }}" .
helm push "${NAME}-${{ env.version }}.tgz" oci://$CONTAINER_REGISTRY/helm/
)
done