You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
76 lines
3.1 KiB
76 lines
3.1 KiB
kind: pipeline
|
|
type: kubernetes
|
|
name: update-helm-charts
|
|
|
|
steps:
|
|
# Step 1: Lint all Helm charts
|
|
- name: lint-charts
|
|
image: alpine/helm:3.19.0
|
|
commands:
|
|
- find charts -maxdepth 2 -type d | grep "/v[0-9]\\+\\.[0-9]\\+\\.[0-9]\\+$" | xargs -I {} helm lint {}
|
|
|
|
# Step 2: Package only changed Helm charts
|
|
- name: package-all-charts
|
|
image: alpine/helm:3.19.0
|
|
commands:
|
|
- mkdir -p charts/dist
|
|
# Find all versioned chart directories
|
|
- ALL_CHARTS=$(find charts -maxdepth 2 -type d | grep "/v[0-9]\\+\\.[0-9]\\+\\.[0-9]\\+$")
|
|
- "echo \"Detected charts: $ALL_CHARTS\""
|
|
- if [ -n "$ALL_CHARTS" ]; then echo "$ALL_CHARTS" | xargs -I {} helm package {} --destination charts/dist; else echo "No charts found in repository"; exit 1; fi
|
|
depends_on:
|
|
- lint-charts
|
|
|
|
# Step 3: Push charts to Harbor
|
|
- name: push-to-harbor
|
|
image: alpine/helm:3.19.0
|
|
commands:
|
|
# Fail if credentials are missing
|
|
- "if [ -z \"$HARBOR_USERNAME\" ] || [ -z \"$HARBOR_PASSWORD\" ]; then echo \"Error: HARBOR_USERNAME or HARBOR_PASSWORD not set\"; exit 1; fi"
|
|
# Harbor registry host (OCI). Change if you want a different host or make it an environment variable.
|
|
- export HARBOR_REGISTRY="porto.interlegis.leg.br"
|
|
# Harbor project/repository to store charts (default: rancher-charts). Can be overridden by setting HARBOR_PROJECT env var in the pipeline.
|
|
- export HARBOR_PROJECT="${HARBOR_PROJECT:-rancher-charts}"
|
|
# Login to Harbor OCI registry
|
|
- helm registry login "$HARBOR_REGISTRY" --username "$HARBOR_USERNAME" --password "$HARBOR_PASSWORD"
|
|
# Save and push each packaged chart (.tgz) to Harbor using OCI (repository: <project>/<name>:<version>)
|
|
- |
|
|
if ls charts/dist/*.tgz >/dev/null 2>&1; then
|
|
for CHART in charts/dist/*.tgz; do
|
|
# Determine chart name and version from the packaged chart metadata (robust against dashes)
|
|
NAME=$(helm show chart "$CHART" 2>/dev/null | awk '/^name:/{print $2; exit}')
|
|
VERSION=$(helm show chart "$CHART" 2>/dev/null | awk '/^version:/{print $2; exit}')
|
|
if [ -z "$NAME" ] || [ -z "$VERSION" ]; then
|
|
echo "Failed to determine chart name/version for $CHART"
|
|
echo "helm show chart output for debugging:"
|
|
helm show chart "$CHART" || true
|
|
exit 1
|
|
fi
|
|
OCI_REF="oci://$HARBOR_REGISTRY/$HARBOR_PROJECT/$NAME:$VERSION"
|
|
OCI_REPO="oci://$HARBOR_REGISTRY/$HARBOR_PROJECT"
|
|
echo "Pushing $CHART as $OCI_REF"
|
|
helm push "$CHART" "$OCI_REPO"
|
|
if [ $? -eq 0 ]; then
|
|
echo "Successfully pushed $CHART to $OCI_REF"
|
|
continue
|
|
fi
|
|
done
|
|
else
|
|
echo "No .tgz files to push"
|
|
exit 0
|
|
fi
|
|
environment:
|
|
HARBOR_USERNAME:
|
|
from_secret: harbor_username
|
|
HARBOR_PASSWORD:
|
|
from_secret: harbor_password
|
|
when:
|
|
condition: ls charts/dist/*.tgz 2>/dev/null # Only run if there are new .tgz files
|
|
depends_on:
|
|
- package-all-charts
|
|
|
|
trigger:
|
|
branch:
|
|
- master
|
|
event:
|
|
- push
|