-
Notifications
You must be signed in to change notification settings - Fork 0
154 lines (136 loc) · 5.83 KB
/
commit-to-helm-chart.yml
File metadata and controls
154 lines (136 loc) · 5.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
# Use APPLICATION_NAME if you have a single image tag to commit, or APPLICATIONS_LIST if multiple.
# Use ARGO_APPS_VALUES_PATH to write tags into the centralised argo-apps values file instead of per-app files.
name: Deploy
on:
workflow_call:
inputs:
APPLICATION_NAME:
required: false
type: string
APPLICATIONS_LIST:
required: false
type: string
APPLICATIONS_PREFIX:
required: false
type: string
ENVIRONMENT:
required: true
type: string
HELM_CHART_PATH:
required: false
type: string
ARGO_APPS_VALUES_PATH:
required: false
type: string
description: >
Path to the argo-apps chart directory (e.g.
kubernetes/helm/infrastructure-charts/argo-apps). When set, image tags are
written to <path>/<ENVIRONMENT>-apps.values.yaml instead of per-app files.
INFRA_REPO:
required: true
type: string
INFRA_REPO_BRANCH:
required: true
type: string
REGISTRY_URL:
required: true
type: string
SUPPLIED_ENVS:
required: false
type: string
secrets:
INFRA_SSH_KEY:
required: true
jobs:
argocd:
runs-on: ubuntu-latest
steps:
- name: Check out application code
uses: actions/checkout@v4
- name: Git Commit - get commit author data
run: |-
echo "COMMIT_AUTHOR_NAME=$(git log --format='%an <%ae>' -n 1 HEAD | cut -d '<' -f 2 | cut -d '@' -f 1)" >> $GITHUB_ENV
echo "COMMIT_AUTHOR_EMAIL=$(git log --format='%an <%ae>' -n 1 HEAD | cut -d '<' -f 2 | cut -d '>' -f 1)" >> $GITHUB_ENV
echo "COMMIT_AUTHOR=$(git log --format='%an <%ae>' -n 1 HEAD)" >> $GITHUB_ENV
- name: Infrastructure repo checkout
uses: actions/checkout@v4
with:
repository: ${{ inputs.INFRA_REPO }}
ssh-key: ${{ secrets.INFRA_SSH_KEY }}
ref: ${{ inputs.INFRA_REPO_BRANCH }}
- name: Validate inputs
run: |
if [[ -z "${{ inputs.ARGO_APPS_VALUES_PATH }}" && -z "${{ inputs.HELM_CHART_PATH }}" ]]; then
echo "Error: HELM_CHART_PATH is required when ARGO_APPS_VALUES_PATH is not set."
exit 1
fi
if [[ -n "${{ inputs.ARGO_APPS_VALUES_PATH }}" && -n "${{ inputs.APPLICATION_NAME }}" && -z "${{ inputs.APPLICATIONS_LIST }}" ]]; then
echo "Error: ARGO_APPS_VALUES_PATH is set for a single-application deploy (APPLICATION_NAME provided) but APPLICATIONS_LIST is empty."
echo "This workflow currently supports argo-apps mode only when APPLICATIONS_LIST is provided."
exit 1
fi
- name: Set new tag
if: ${{ inputs.APPLICATION_NAME != '' && inputs.APPLICATIONS_LIST == '' && inputs.ARGO_APPS_VALUES_PATH == '' }}
run: |
yq -i ".standard-app.tag = \"$GITHUB_SHA\"" ${{ inputs.HELM_CHART_PATH }}/${{ inputs.APPLICATION_NAME }}/${{ inputs.ENVIRONMENT }}.values.yaml
- name: Set new tags
if: ${{ inputs.APPLICATION_NAME == '' && inputs.APPLICATIONS_LIST != '' && inputs.ARGO_APPS_VALUES_PATH == '' }}
run: |
input=${{ inputs.APPLICATIONS_LIST }}
input="${input#[}"
input="${input%]}"
# Set IFS to comma
IFS=','
# Read the input into an array
read -ra apps <<< "$input"
# Iterate over the array and process each app
for app in "${apps[@]}"; do
echo "Setting tag for app: $app"
yq -i ".standard-app.tag = \"$GITHUB_SHA\"" ${{ inputs.HELM_CHART_PATH }}/${{ inputs.APPLICATIONS_PREFIX }}-$app/${{ inputs.ENVIRONMENT }}.values.yaml
done
- name: Set new tags (argo-apps mode)
if: ${{ inputs.ARGO_APPS_VALUES_PATH != '' && inputs.APPLICATIONS_LIST != '' }}
run: |
input=${{ inputs.APPLICATIONS_LIST }}
input="${input#[}"
input="${input%]}"
IFS=','
read -ra apps <<< "$input"
values_file="${{ inputs.ARGO_APPS_VALUES_PATH }}/${{ inputs.ENVIRONMENT }}-apps.values.yaml"
for app in "${apps[@]}"; do
app_name="${{ inputs.APPLICATIONS_PREFIX }}-${app}"
echo "Setting tag for app: $app_name"
if ! yq e ".apps[] | select(.name == \"$app_name\") | .name" "$values_file" | grep -q .; then
echo "Error: app '$app_name' not found in $values_file"
exit 1
fi
yq -i "(.apps[] | select(.name == \"$app_name\") | .helmValues.standard-app.tag) = \"$GITHUB_SHA\"" "$values_file"
done
# This is an optional step to update envs during deploy. For now this is used by Conduithealth to update API_VERSION env with the deployed commit SHA
- name: Set supplied envs
if: ${{ inputs.SUPPLIED_ENVS != '' }}
run: |
input=${{ inputs.SUPPLIED_ENVS }}
input="${input#[}"
input="${input%]}"
IFS=','
read -ra envs <<< "$input"
for env in "${envs[@]}"; do
key=$(echo "$env" | cut -d '=' -f 1)
value=$(echo "$env" | cut -d '=' -f 2-)
echo "Setting .standard-app.env.$key = $value"
yq -i ".standard-app.env.\"$key\" = \"$value\"" ${{ inputs.HELM_CHART_PATH }}/${{ inputs.APPLICATION_NAME }}/${{ inputs.ENVIRONMENT }}.values.yaml
done
- name: Commit and push
shell: bash
run: |-
git config user.name ${{ env.COMMIT_AUTHOR_NAME }}
git config user.email ${{ env.COMMIT_AUTHOR_EMAIL }}
git add .
if git diff --cached --quiet; then
echo "No staged changes detected; skipping git commit and push."
exit 0
fi
git commit -m "Deploy $GITHUB_SHA
Author: ${{ env.COMMIT_AUTHOR }}"
git push origin ${{ inputs.INFRA_REPO_BRANCH }}