Skip to content

debug CI WIF

debug CI WIF #10

Workflow file for this run

name: Release Charts
on: [pull_request]
# on:
# push:
# # tags:
# # - "[0-9]+.[0-9]+.[0-9]+"
# branches:
# - main
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
env:
CHART_NAME: ${{vars.CHART_NAME}}
CHART_VERSION: ${{ github.ref_name }}
jobs:
release:
runs-on: ubuntu-latest
environment: production
permissions:
contents: read
id-token: "write" # needed for using open id token to authenticate with GCP services
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Helm
uses: azure/setup-helm@v4
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- name: auth github actions to GCP
id: auth
uses: google-github-actions/auth@v2
with:
token_format: access_token
project_id: ${{ vars.GCP_PROJECT_ID }}
workload_identity_provider: ${{ vars.WORKLOAD_IDENTITY_PROVIDER_ID }}
service_account: ${{ vars.SERVICE_ACCOUNT_EMAIL}}
- name: "Set up Cloud SDK"
uses: "google-github-actions/setup-gcloud@v2"
with:
version: ">= 363.0.0"
- name: Login to artifact registry
run: |
cd kubernetes
echo "${{ steps.auth.outputs.access_token }}" | helm registry login -u oauth2accesstoken --password-stdin ${{vars.ARTIFACT_REGISTRY_HOST_NAME}}
- name: Prepare YQ
uses: dcarbone/install-yq-action@v1.1.1
with:
version: "v4.44.3"
download-compressed: "false"
force: "false"
- name: Update dependencies
run: |
cd kubernetes
make update_dependencies
- name: Helm package
run: |
cd kubernetes
make pack
- name: Helm push
run: |
cd kubernetes
helm push $CHART_NAME-${{ github.ref_name }}.tgz oci://${{vars.ARTIFACT_REGISTRY_HOST_NAME}}/${{vars.INFRA_PROJECT_ID}}/${{vars.ARTIFACT_REGISTRY_REPOSITORY}}