feat(vc-authn-oidc): update acapy subchart, webhook url config #67
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Release | |
| on: | |
| pull_request: | |
| types: [closed] | |
| branches: [ main ] | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| jobs: | |
| publish: | |
| if: github.event.pull_request.merged == true && startsWith(github.event.pull_request.head.ref, 'release/') | |
| runs-on: ubuntu-latest | |
| env: | |
| PR_HEAD_REF: ${{ github.event.pull_request.head.ref }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Configure git | |
| run: | | |
| git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| git config user.name "github-actions[bot]" | |
| - name: Extract chart & version | |
| id: info | |
| run: | | |
| ref="${PR_HEAD_REF}" # release/acapy-v1.2.3 | |
| base=$(echo "$ref" | cut -d/ -f2) | |
| chart=$(echo "$base" | sed -E 's/-v[0-9].*//') | |
| version=$(echo "$base" | sed -E 's/^.*-v//') | |
| echo "chart=$chart" >> "$GITHUB_OUTPUT" | |
| echo "version=$version" >> "$GITHUB_OUTPUT" | |
| echo "Publishing $chart $version" | |
| - name: Create and push tag | |
| run: | | |
| chart='${{ steps.info.outputs.chart }}' | |
| version='${{ steps.info.outputs.version }}' | |
| tag="${chart}-${version}" | |
| if git rev-parse -q --verify "refs/tags/$tag" >/dev/null; then | |
| echo "Tag $tag already exists" | |
| else | |
| echo "Creating tag $tag" | |
| git tag -a "$tag" -m "${chart} ${version}" | |
| git push origin "$tag" | |
| fi | |
| - name: Load version pins | |
| uses: ./.github/actions/load-pins | |
| - name: Cache Helm repositories | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cache/helm/repository | |
| ~/.local/share/helm/repository | |
| key: ${{ runner.os }}-helm-publish-${{ steps.info.outputs.chart }}-${{ hashFiles('charts/${{ steps.info.outputs.chart }}/Chart.yaml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-helm-publish- | |
| ${{ runner.os }}-helm- | |
| - name: Setup Helm | |
| uses: azure/setup-helm@v4.3.1 | |
| with: | |
| version: v${{ env.HELM_VERSION }} | |
| - name: Install chart-releaser | |
| run: | | |
| curl -sSL -o cr.tar.gz "https://github.com/helm/chart-releaser/releases/download/v${CHART_RELEASER_VERSION}/chart-releaser_${CHART_RELEASER_VERSION}_linux_amd64.tar.gz" | |
| tar -xzf cr.tar.gz cr && sudo mv cr /usr/local/bin/cr | |
| - name: Build dependencies | |
| working-directory: ./charts | |
| run: | | |
| chart='${{ steps.info.outputs.chart }}' | |
| # Add Helm repos from chart dependencies (deduplicated) | |
| repos=$(yq '.dependencies // [] | .[] | .repository' "$chart/Chart.yaml" | sort -u) | |
| repos_added=0 | |
| for repo in $repos; do | |
| if [ -n "$repo" ] && [ "$repo" != "null" ]; then | |
| # Skip OCI registries - they don't use helm repo add | |
| if [[ "$repo" == oci://* ]]; then | |
| echo "Skipping OCI registry (handled by helm dependency build): $repo" | |
| continue | |
| fi | |
| # Generate deterministic name from URL hash (first 8 chars of sha256) | |
| repo_hash=$(echo -n "$repo" | sha256sum | cut -c1-8) | |
| repo_name="repo-${repo_hash}" | |
| echo "Adding Helm repo: $repo_name -> $repo" | |
| helm repo add "$repo_name" "$repo" || true | |
| repos_added=$((repos_added + 1)) | |
| fi | |
| done | |
| # Update repo index only if repos were added | |
| if [ $repos_added -gt 0 ]; then | |
| helm repo update | |
| fi | |
| # Build dependencies | |
| helm dependency build "$chart" || true | |
| - name: Package chart | |
| run: | | |
| mkdir -p .cr-release-packages | |
| helm package "charts/${{ steps.info.outputs.chart }}" --destination .cr-release-packages | |
| - name: Publish release | |
| env: | |
| CR_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| cr upload \ | |
| --owner "${GITHUB_REPOSITORY_OWNER}" \ | |
| --git-repo "${GITHUB_REPOSITORY#*/}" \ | |
| --package-path .cr-release-packages \ | |
| --skip-existing \ | |
| --release-name-template "{{ .Name }}-{{ .Version }}" \ | |
| --make-release-latest=false | |
| - name: Update index.yaml | |
| env: | |
| CR_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| # Create working directory for chart-releaser | |
| mkdir -p .cr-index | |
| cr index \ | |
| --owner "${GITHUB_REPOSITORY_OWNER}" \ | |
| --git-repo "${GITHUB_REPOSITORY#*/}" \ | |
| --pages-branch gh-pages \ | |
| --pages-index-path index.yaml \ | |
| --index-path .cr-index/index.yaml \ | |
| --package-path .cr-release-packages \ | |
| --push |