Skip to content

Add config extraCredentials.googleServiceAccountKey #242

Add config extraCredentials.googleServiceAccountKey

Add config extraCredentials.googleServiceAccountKey #242

Workflow file for this run

# This is a GitHub workflow defining a set of jobs with a set of steps.
# ref: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
#
name: Release
on:
pull_request:
paths-ignore:
- "docs/**"
- "**.md"
- ".github/workflows/*"
- "!.github/workflows/release.yaml"
push:
paths-ignore:
- "docs/**"
- "**.md"
- ".github/workflows/*"
- "!.github/workflows/release.yaml"
branches-ignore:
- "dependabot/**"
- "pre-commit-ci-update-config"
- "update-*"
tags:
- "**"
jobs:
# Builds and pushes docker images to quay.io and packages the Helm chart and
# publishes it at 2i2c-org/binderhub-service@gh-pages which is a Helm chart
# repository with a index.yaml file and packaged Helm charts.
#
# ref: https://2i2c.org/binderhub-service/index.yaml
#
release:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
with:
# chartpress needs git history
fetch-depth: 0
- uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Decide to publish or not
id: publishing
shell: python
run: |
import os
repo = "${{ github.repository }}"
event = "${{ github.event_name }}"
ref = "${{ github.event.ref }}"
publishing = ""
if (
repo == "2i2c-org/binderhub-service"
and event == "push"
and (
ref.startswith("refs/tags/")
or ref == "refs/heads/main"
)
):
publishing = "true"
print("Publishing chart")
with open(os.environ["GITHUB_OUTPUT"], "a") as f:
f.write(f"publishing={publishing}\n")
- name: Set up QEMU (for docker buildx)
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx (for chartpress multi-arch builds)
uses: docker/setup-buildx-action@v3
- name: Install chart publishing dependencies (chartpress, pyyaml, helm)
run: |
# FIXME: remove this pin, and the one in dev-requirements.txt
pip install requests==2.31.0
pip install chartpress pyyaml
pip list
# helm is already installed
helm version
- name: Generate values.schema.json from values.schema.yaml
run: ./tools/generate-json-schema.py
# chartpress will make a commit when pushing to gh-pages, so we need to
# configure a git user.
- name: Configure a git user
run: |
git config --global user.email "github-actions@example.local"
git config --global user.name "GitHub Actions user"
- name: Setup push rights to Helm chart repository's git repo
# This was setup by...
#
# 1. Generating a private/public key pair:
# ssh-keygen -t ed25519 -C "2i2c-org/binderhub-service" -f /tmp/id_ed25519
#
# 2. Registering the private key (/tmp/id_ed25519) as a secret for this
# repo: https://github.com/2i2c-org/binderhub-service/settings/secrets/actions
#
# 3. Registering the public key (/tmp/id_ed25519.pub) as a deploy key
# with push rights for the Helm chart repository's git repo:
# https://github.com/2i2c-org/binderhub-service/settings/keys
#
if: steps.publishing.outputs.publishing
run: |
mkdir -p ~/.ssh
ssh-keyscan github.com >> ~/.ssh/known_hosts
echo "${{ secrets.HELM_CHART_REPO_DEPLOY_KEY }}" > ~/.ssh/id_ed25519
chmod 600 ~/.ssh/id_ed25519
- name: Setup docker push rights to quay.io
if: steps.publishing.outputs.publishing
run: docker login -u "${{ secrets.DOCKER_USERNAME }}" -p "${{ secrets.DOCKER_PASSWORD }}" quay.io
- name: Publish images and chart with chartpress
if: steps.publishing.outputs.publishing
run: ./ci/publish
env:
GITHUB_REPOSITORY: "${{ github.repository }}"
- name: Package chart for actions/upload-artifact
if: steps.publishing.outputs.publishing == ''
run: helm package binderhub-service
# ref: https://github.com/actions/upload-artifact
- uses: actions/upload-artifact@v4
if: steps.publishing.outputs.publishing == ''
with:
name: binderhub-service-${{ github.sha }}
path: "binderhub-service-*.tgz"
if-no-files-found: error