Add OCI detection to workflow

peinser · Dec 13, 2023 · 06ac072 · 06ac072
1 parent 4c40ed2
commit 06ac072
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 58 deletions.
diff --git a/.github/workflows/index.yaml b/.github/workflows/index.yaml
@@ -10,14 +10,16 @@ on:
     - charts/**
 
 jobs:
+
   package:
     runs-on: ubuntu-latest
 
     steps:
 
     - name: 'Git Checkout'
       uses: actions/checkout@v3
-
+      with:
+        fetch-depth: 0
 
     - name: 'Configure & Install Helm'
       uses: azure/setup-helm@v3
@@ -38,25 +40,28 @@ jobs:
 
     steps:
 
-    - name: 'Git Checkout'
+    - if: ${{ vars.HELM_OCI_REGISTRY != '' }}
+      name: 'Git Checkout'
       uses: actions/checkout@v3
       with:
         fetch-depth: 0
 
-    - name: 'Configure & Install Helm'
+    - if: ${{ vars.HELM_OCI_REGISTRY != '' }}
+      name: 'Configure & Install Helm'
       uses: azure/setup-helm@v3
 
-    - name: 'Authorize Helm with remote container registry'
+    - if: ${{ vars.HELM_OCI_REGISTRY != '' }}
+      name: 'Authorize Helm with remote container registry'
       run: |
-        echo "TODO"
+        echo ${{ secrets.HELM_OCI_SECRET }} | helm registry login -u ${{ vars.HELM_OCI_USERNAME }} --password-stdin ${{ vars.HELM_OCI_REGISTRY }}
 
-    - name: 'Push modified Helm packages to the container registry'
+    - if: ${{ vars.HELM_OCI_REGISTRY != '' }}
+      name: 'Push modified Helm packages to the container registry'
       env:
         HELM_EXPERIMENTAL_OCI: '1'
       run: |
         git pull origin main  # Pull latest changes from main.
         git diff --name-only -r HEAD^1 HEAD | grep .tgz | while read line || [[ -n $line ]];
         do
-            echo " > Pushing chart $line"
-            helm push $line oci://nexus.global.dns:8443/charts/charts
+            helm push $line oci://${{ vars.HELM_OCI_REGISTRY }}
         done
diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml
diff --git a/README.md b/README.md
@@ -9,8 +9,26 @@ A template repository for managing Helm charts specific to a single project.
 
 ## Configuration
 
-## Changelogs
+### GitHub
+
+#### HTTP
+
+```bash
+helm repo add reponame https://raw.githubusercontent.com/peinser/template-helm/main/repo
+```
+
+The above only works for public repositories. Otherwise, registry credentials such as SSH keys or a PAT are required.
 
+#### OCI Artifact
+
+Alternatively, it is possible to configure an OCI compatible container registry to manage Helm charts. To enable
+this behaviour, the following variables (and secret) have to be defined:
+
+- `HELM_OCI_REGISTRY`
+- `HELM_OCI_USERNAME`
+- `HELM_OCI_SECRET`
+
+## Changelogs
 
 ## Conventions