helm-actions/.gitea/workflows/release-version.yml

name: generate-chart

on:
  push:
    tags:
      - "*"

env:
  # renovate: datasource=docker depName=alpine/helm
  HELM_VERSION: "3.19.0"

jobs:
  generate-chart-publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v5
      - name: install tools
        run: |
          apt update -y
          apt install -y curl ca-certificates curl gnupg
          # helm
          curl -O https://get.helm.sh/helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
          tar -xzf helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
          mv linux-amd64/helm /usr/local/bin/
          rm -rf linux-amd64 helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
          helm version
          # docker
          install -m 0755 -d /etc/apt/keyrings
          curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
          chmod a+r /etc/apt/keyrings/docker.gpg
          echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
          apt update -y
          apt install -y python3 python3-pip apt-transport-https docker-ce-cli
          pip install awscli --break-system-packages

      - name: Import GPG key
        id: import_gpg
        uses: https://github.com/crazy-max/ghaction-import-gpg@v6
        with:
          gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
          passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
          fingerprint: CC64B1DB67ABBEECAB24B6455FC346329753F4B0

      # Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843
      - name: package chart
        run: |
          echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | docker login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} --password-stdin
          # FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved
          helm plugin install https://github.com/pat-s/helm-gpg
          helm dependency build
          helm package --version "${GITHUB_REF#refs/tags/v}" ./
          mkdir actions
          mv actions*.tgz actions/
          curl -s -L -o actions/index.yaml https://dl.gitea.com/charts/index.yaml
          helm repo index actions/ --url https://dl.gitea.com/charts --merge actions/index.yaml
          # push to dockerhub
          echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin
          helm push actions/actions-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts
          helm registry logout registry-1.docker.io

      - name: aws credential configure
        uses: https://github.com/aws-actions/configure-aws-credentials@v5
        with:
          aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}

      - name: Copy files to S3 and clear cache
        run: |
          aws s3 sync actions/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/