mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-11 15:39:33 -05:00
ci: publish s3proxy chart during release
This commit is contained in:
parent
8ebd813480
commit
b0ee39a96d
46
.github/actions/publish_helmchart/action.yml
vendored
Normal file
46
.github/actions/publish_helmchart/action.yml
vendored
Normal file
@ -0,0 +1,46 @@
|
||||
name: Release Helm Chart
|
||||
description: "Creates a PR in edgelesssys/helm to publish a new Chart."
|
||||
|
||||
inputs:
|
||||
chartPath:
|
||||
description: "Path to chart that should be published"
|
||||
required: true
|
||||
githubToken:
|
||||
description: "GitHub token"
|
||||
required: true
|
||||
|
||||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
||||
with:
|
||||
repository: edgelesssys/helm
|
||||
ref: main
|
||||
path: helm
|
||||
|
||||
- name: Update s3proxy Chart version
|
||||
id: update-chart-version
|
||||
shell: bash
|
||||
run: |
|
||||
helm package ${{ inputs.chartPath }} --destination helm/stable
|
||||
cd helm
|
||||
helm repo index stable --url https://helm.edgeless.systems/stable
|
||||
echo version=$(yq eval ".version" ${{ inputs.chartPath }}/Chart.yaml) | tee -a $GITHUB_OUTPUT
|
||||
|
||||
- name: Create pull request
|
||||
uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # v5.0.2
|
||||
with:
|
||||
path: helm
|
||||
branch: "release/s3proxy/${{ steps.update-chart-version.outputs.version }}"
|
||||
base: main
|
||||
title: "s3proxy: release version ${{ steps.update-chart-version.outputs.version }}"
|
||||
body: |
|
||||
:robot: *This is an automated PR.* :robot:
|
||||
|
||||
This PR is triggered as part of the Constellation [release pipeline](https://github.com/edgelesssys/constellation/actions/runs/${{ github.run_id }}).
|
||||
It adds a new packaged chart to the repo's stable stream.
|
||||
commit-message: "s3proxy: release version ${{ steps.update-chart-version.outputs.version }}"
|
||||
committer: edgelessci <edgelessci@users.noreply.github.com>
|
||||
# We need to push changes using a token, otherwise triggers like on:push and on:pull_request won't work.
|
||||
token: ${{ !github.event.pull_request.head.repo.fork && inputs.githubToken || '' }}
|
6
.github/workflows/release.yml
vendored
6
.github/workflows/release.yml
vendored
@ -194,6 +194,12 @@ jobs:
|
||||
git push
|
||||
fi
|
||||
|
||||
- name: Publish s3proxy
|
||||
uses: ./.github/actions/publish_helmchart
|
||||
with:
|
||||
chartPath: ${{ github.workspace }}/s3proxy/deploy/s3proxy
|
||||
githubToken: ${{ secrets.CI_GITHUB_REPOSITORY }}
|
||||
|
||||
os-image:
|
||||
name: Build OS image
|
||||
needs: [verify-inputs, update-versions]
|
||||
|
@ -41,10 +41,11 @@ Releases should be performed using [the automated release pipeline](https://gith
|
||||
```
|
||||
|
||||
3. wait for the pipeline to finish
|
||||
4. while in editing mode for the release, clear the textbox, select the last patch release for the current release branch and click "Generate release notes".
|
||||
5. look over the autogenerated draft release. When fixing the changelog, prioritize updating the PR title/labels/description and regenerating the changelog over fixing things in the final changelog. The changelog should be primarily aimed at users. Rule of thumb: first part of the sentence should describe what changed for the user, second part can describe what has been changed to achieve this.
|
||||
6. in the GitHub release UI, set the tag to create on publish to `$ver`.
|
||||
7. publish.
|
||||
4. Check the s3proxy PR in the [helm chart repository](https://github.com/edgelesssys/helm/pull/) and approve it if things (esp. the version) look correct. Correct example for reference: https://github.com/edgelesssys/helm/pull/19/files
|
||||
5. while in editing mode for the release, clear the textbox, select the last patch release for the current release branch and click "Generate release notes".
|
||||
6. look over the autogenerated draft release. When fixing the changelog, prioritize updating the PR title/labels/description and regenerating the changelog over fixing things in the final changelog. The changelog should be primarily aimed at users. Rule of thumb: first part of the sentence should describe what changed for the user, second part can describe what has been changed to achieve this.
|
||||
7. in the GitHub release UI, set the tag to create on publish to `$ver`.
|
||||
8. publish.
|
||||
|
||||
### Minor release
|
||||
|
||||
@ -71,10 +72,11 @@ Releases should be performed using [the automated release pipeline](https://gith
|
||||
./constellation status
|
||||
```
|
||||
|
||||
5. while in editing mode for the release, clear the textbox, select the last minor release and click "Generate release notes".
|
||||
6. look over the autogenerated draft release. When fixing the changelog, prioritize updating the PR title/labels/description and regenerating the changelog over fixing things in the final changelog. The changelog should be primarily aimed at users. Rule of thumb: first part of the sentence should describe what changed for the user, second part can describe what has been changed to achieve this.
|
||||
7. in the GitHub release UI, set the tag to create on publish to `$ver`.
|
||||
8. publish.
|
||||
5. Check the s3proxy PR in the [helm chart repository](https://github.com/edgelesssys/helm/pull/) and approve it if things (esp. the version) look correct. Correct example for reference: https://github.com/edgelesssys/helm/pull/19/files
|
||||
6. while in editing mode for the release, clear the textbox, select the last minor release and click "Generate release notes".
|
||||
7. look over the autogenerated draft release. When fixing the changelog, prioritize updating the PR title/labels/description and regenerating the changelog over fixing things in the final changelog. The changelog should be primarily aimed at users. Rule of thumb: first part of the sentence should describe what changed for the user, second part can describe what has been changed to achieve this.
|
||||
8. in the GitHub release UI, set the tag to create on publish to `$ver`.
|
||||
9. publish.
|
||||
|
||||
## Post release steps
|
||||
|
||||
|
@ -18,14 +18,15 @@ If you want to use s3proxy but these limitations stop you from doing so, conside
|
||||
## Deployment
|
||||
|
||||
You can add the s3proxy to your Constellation cluster as follows:
|
||||
1. Download the deployment manifest:
|
||||
1. Add the Edgeless Systems chart repository:
|
||||
```bash
|
||||
git clone --depth=1 git@github.com:edgelesssys/constellation.git
|
||||
helm repo add edgeless https://helm.edgeless.systems/stable
|
||||
helm repo update
|
||||
```
|
||||
2. Set AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY to valid credentials you want s3proxy to use to interact with S3. Inspect `constellation/s3proxy/deploy/s3proxy/values.yaml` to learn about available deployment options.
|
||||
2. Set ACCESS_KEY and ACCESS_SECRET to valid credentials you want s3proxy to use to interact with S3.
|
||||
3. Deploy s3proxy:
|
||||
```bash
|
||||
helm install s3proxy --set awsAccessKeyID="$AWS_ACCESS_KEY_ID" --set awsSecretAccessKey="$AWS_SECRET_ACCESS_KEY" ./constellation/s3proxy/deploy/s3proxy
|
||||
helm install s3proxy edgeless/s3proxy --set awsAccessKeyID="$ACCESS_KEY" --set awsSecretAccessKey="$ACCESS_SECRET"
|
||||
```
|
||||
|
||||
If you want to run a demo application, check out the [Filestash with s3proxy](../getting-started/examples/filestash-s3proxy.md) example.
|
||||
|
@ -18,14 +18,15 @@ If you want to use s3proxy but these limitations stop you from doing so, conside
|
||||
## Deployment
|
||||
|
||||
You can add the s3proxy to your Constellation cluster as follows:
|
||||
1. Download the deployment manifest:
|
||||
1. Add the Edgeless Systems chart repository:
|
||||
```bash
|
||||
wget https://raw.githubusercontent.com/edgelesssys/constellation/main/s3proxy/deploy/deployment-s3proxy.yaml
|
||||
helm repo add edgeless https://helm.edgeless.systems/stable
|
||||
helm repo update
|
||||
```
|
||||
2. Replace the values named `replaceme` in `deployment-s3proxy.yaml` with valid AWS credentials. These credentials are used by s3proxy to access your S3 buckets.
|
||||
2. Set ACCESS_KEY and ACCESS_SECRET to valid credentials you want s3proxy to use to interact with S3.
|
||||
3. Deploy s3proxy:
|
||||
```bash
|
||||
kubectl apply -f deployment-s3proxy.yaml
|
||||
helm install s3proxy edgeless/s3proxy --set awsAccessKeyID="$ACCESS_KEY" --set awsSecretAccessKey="$ACCESS_SECRET"
|
||||
```
|
||||
|
||||
If you want to run a demo application, check out the [Filestash with s3proxy](../getting-started/examples/filestash-s3proxy.md) example.
|
||||
|
Loading…
Reference in New Issue
Block a user