chanzuckerberg · jakeyheath · Feb 7, 2025 · Feb 6, 2025
diff --git a/.github/workflows/chart-dependency-update.yaml b/.github/workflows/chart-dependency-update.yaml
@@ -8,52 +8,52 @@
 
 jobs:
   update_chart_locks:
-    runs-on: [ARM64, self-hosted, Linux]
+    runs-on: ARM64
     steps:
       - name: Generate token
         id: generate_token
        uses: tibdex/github-app-token@v2
        with:
          app_id: ${{ secrets.CZI_RELEASE_PLEASE_APP_ID }}
          private_key: ${{ secrets.CZI_RELEASE_PLEASE_PK }}
      - name: Checkout
        uses: actions/checkout@v4
        with:
          token: ${{ steps.generate_token.outputs.token }}
      - uses: dorny/paths-filter@v3
        id: filter
        with:
          initial-fetch-depth: '1'
          list-files: json
          filters: |
            changed:
              - added|modified: '**'
      - uses: actions/github-script@v7
        id: changed_charts
        with:
          script: |
            const fs = require('fs');
            const path = require("path");
            const changedFiles = ${{ steps.filter.outputs.changed_files }}
            const changedDirs = changedFiles.map(f => path.dirname(f)).filter(dir => fs.existsSync(path.join(dir, 'Chart.yaml')));
            const uniqueChangedDirs = [...new Set(changedDirs)];
            console.log(`Found the following changed charts: ${JSON.stringify(uniqueChangedDirs, null, 2)}\n OG: ${JSON.stringify(changedFiles, null, 2)} `)
            core.setOutput('changed_chart_dirs', uniqueChangedDirs)
            core.setOutput('changed_chart_dirs_bash', uniqueChangedDirs.join(' '));

      - uses: azure/setup-helm@v4
        with:
          version: '3.15.2'
      - name: Update Chart.lock
        run: |
          for chart in ${{ steps.changed_charts.outputs.changed_chart_dirs_bash }}
          do
            echo "----------------------------------------"
            echo "Updating ${chart}/Chart.lock"
            helm dependency update ${chart}
            git diff ${chart}/Chart.lock
          done
      - name: Commit changes
        uses: EndBug/add-and-commit@v9
        with:
          add: -A

diff --git a/.github/workflows/chart-release.yaml b/.github/workflows/chart-release.yaml
@@ -10,34 +10,34 @@
 
 jobs:
   check-chart-released:
-    runs-on: [ARM64, self-hosted, Linux]
+    runs-on: ARM64
     steps:
       - name: Checkout
         uses: actions/checkout@v4
      - name: Check Release
        id: chart_released
        uses: actions/github-script@v7
        with:
          script: |
            const fs = require('fs');
            const path = require('path');

            const result = /refs\/tags\/(.*)-v[0-9.]+/.exec(context.ref)
            if (result && result.length >= 2) {
              const releaseName = result[1];
              core.setOutput("released", fs.existsSync(path.join(releaseName, 'Chart.yaml')));
              core.setOutput("release_name", releaseName);
            } else {
              core.setOutput("released", false);
            }
    outputs:
      chart_released: ${{ steps.chart_released.outputs.released }}
      release_name: ${{ steps.chart_released.outputs.release_name }}
  release:
     if: ${{ needs.check-chart-released.outputs.chart_released == 'true' }}
     needs:
       - check-chart-released
-    runs-on: [ARM64, self-hosted, Linux]
+    runs-on: ARM64
     steps:
       - name: Parse Tag
         id: parse_tag

diff --git a/.github/workflows/conventional-commits.yml b/.github/workflows/conventional-commits.yml
@@ -14,6 +14,6 @@
   cancel-in-progress: true
 jobs:
   conventional_commit_title:
-    runs-on: [ARM64, self-hosted, Linux]
+    runs-on: ARM64
     steps:
       - uses: chanzuckerberg/github-actions/.github/actions/conventional-commits@v1.4.0
diff --git a/.github/workflows/generate-schemas.yaml b/.github/workflows/generate-schemas.yaml
@@ -7,45 +7,45 @@
 
 jobs:
   update_schema_and_readme:
-    runs-on: [ARM64, self-hosted, Linux]
+    runs-on: ARM64
     steps:
       - name: Checkout
         uses: actions/checkout@v4
      - uses: dorny/paths-filter@v3
        id: filter
        with:
          initial-fetch-depth: '1'
          list-files: json
          filters: |
            changed:
              - added|modified: '**'
      - uses: actions/github-script@v7
        id: changed_charts
        with:
          script: |
            const fs = require('fs');
            const path = require("path");
            const changedFiles = ${{ steps.filter.outputs.changed_files }}
            const changedDirs = changedFiles.map(f => path.dirname(f)).filter(dir => fs.existsSync(path.join(dir, 'Chart.yaml')));
            const uniqueChangedDirs = [...new Set(changedDirs)];
            console.log(`Found the following changed charts: ${JSON.stringify(uniqueChangedDirs, null, 2)}\n OG: ${JSON.stringify(changedFiles, null, 2)} `)
            core.setOutput('changed_chart_dirs', uniqueChangedDirs)
            core.setOutput('changed_chart_dirs_bash', uniqueChangedDirs.join(' '));

      - uses: actions/setup-node@v4
        with:
          node-version: '20'
      - name: Install readme-generator-for-helm
        run: npm install -g @bitnami/readme-generator-for-helm
      - name: Update Readme
        run: |
          for chart in ${{ steps.changed_charts.outputs.changed_chart_dirs_bash }}
          do
            echo "Updating README.md for ${chart}"
            readme-generator --values ${chart}/values.yaml --readme ${chart}/README.md --schema ${chart}/values.schema.json
          done
      - name: Commit changes
        uses: EndBug/add-and-commit@v9
        with:
          add: -A
          message: 'chore: Update README/Schema for changed charts'
diff --git a/.github/workflows/release-please.yaml b/.github/workflows/release-please.yaml
@@ -8,19 +8,19 @@
 name: release-please
 jobs:
   release-please:
-    runs-on: [ARM64, self-hosted, Linux]
+    runs-on: ARM64
     steps:
       # See https://docs.github.com/en/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow
       # For why we need to generate a token and not use the default
      - name: Generate token
        id: generate_token
        uses: tibdex/github-app-token@v2
        with:
          app_id: ${{ secrets.CZI_RELEASE_PLEASE_APP_ID }}
          private_key: ${{ secrets.CZI_RELEASE_PLEASE_PK }}

      - name: release please
        uses: google-github-actions/release-please-action@v4
        id: release
        with:
          token: ${{ steps.generate_token.outputs.token }}