Release Prefect Server and Worker Helm Charts #204
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Release Prefect Server and Worker Helm Charts | |
"on": | |
workflow_dispatch: {} | |
permissions: {} | |
jobs: | |
release: | |
runs-on: ubuntu-latest | |
permissions: | |
# GitHub considers creating releases and uploading assets as writing contents. | |
contents: write | |
outputs: | |
releaseVersion: ${{ steps.output_version.outputs.releaseVersion }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
# We set the chart release version here - the version schema | |
# is a SemVer adherent date-based versioning scheme that looks like: | |
# 2024.2.9125019 | |
# which equates to a release on 2/9/24 at 12:50:19 | |
- name: Get the version tags | |
id: get_version | |
run: | | |
# Enable pipefail so git command failures do not result in null versions downstream | |
set -x | |
echo "RELEASE_VERSION=$(date +'%Y.%-m.%-d%H%M%S')" >> $GITHUB_ENV | |
echo "PREFECT_VERSION=$(\ | |
git ls-remote --tags --refs --sort="v:refname" \ | |
https://github.com/PrefectHQ/prefect.git '[3].*.[!rc]' | tail -n1 | sed 's/.*\///' \ | |
)" >> $GITHUB_ENV | |
- name: Output version as GitHub Output | |
id: output_version | |
run: | | |
echo "releaseVersion=$RELEASE_VERSION" >> $GITHUB_OUTPUT | |
- name: Copy Artifact Hub metadata | |
run: | | |
mkdir -p /tmp/chart | |
cp artifacthub-repo.yml /tmp/chart | |
- name: Configure Git | |
run: | | |
git config user.name "$GITHUB_ACTOR" | |
git config user.email "$GITHUB_ACTOR@users.noreply.github.com" | |
- name: Set up Helm | |
uses: azure/setup-helm@v4 | |
- name: Prepare GPG key for signing | |
run: | | |
gpg_dir=/tmp/.gpg | |
mkdir "$gpg_dir" | |
keyring="$gpg_dir/secring.gpg" | |
base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring" | |
passphrase_file="$gpg_dir/passphrase" | |
echo "$GPG_PASSPHRASE" > "$passphrase_file" | |
echo "SIGN_PASSPHRASE_FILE=$passphrase_file" >> $GITHUB_ENV | |
echo "SIGN_KEYRING=$keyring" >> $GITHUB_ENV | |
env: | |
GPG_KEYRING_BASE64: ${{ secrets.GPG_KEYRING_BASE64 }} | |
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
- name: Add dependency chart repos | |
run: | | |
helm repo add bitnami https://charts.bitnami.com/bitnami | |
- name: Package Worker helm chart | |
run: | | |
mkdir -p /tmp/chart | |
cd charts | |
# Update the prefect version tag in values.yaml | |
sed -i "s/prefectTag:.*$/prefectTag: $PREFECT_VERSION-python3.11-kubernetes/g" prefect-worker/values.yaml | |
helm package prefect-worker \ | |
--destination /tmp/chart \ | |
--dependency-update \ | |
--version $RELEASE_VERSION \ | |
--app-version $PREFECT_VERSION \ | |
--sign --key 'jamie@prefect.io' \ | |
--keyring $SIGN_KEYRING \ | |
--passphrase-file $SIGN_PASSPHRASE_FILE | |
- name: Package Server helm chart | |
run: | | |
mkdir -p /tmp/chart | |
cd charts | |
# Update the prefect version tag in values.yaml | |
sed -i "s/prefectTag:.*$/prefectTag: $PREFECT_VERSION-python3.11/g" prefect-server/values.yaml | |
helm package prefect-server \ | |
--destination /tmp/chart \ | |
--dependency-update \ | |
--version $RELEASE_VERSION \ | |
--app-version $PREFECT_VERSION \ | |
--sign --key 'jamie@prefect.io' \ | |
--keyring $SIGN_KEYRING \ | |
--passphrase-file $SIGN_PASSPHRASE_FILE | |
- name: Update chart index | |
run: | | |
git stash # Stash changes to the values.yaml so checkout doesn't complain | |
git checkout gh-pages | |
helm repo index /tmp/chart --url https://prefecthq.github.io/prefect-helm/charts --merge ./index.yaml | |
- name: Commit and push | |
run: | | |
cp /tmp/chart/artifacthub-repo.yml . | |
cp /tmp/chart/index.yaml . | |
cp /tmp/chart/prefect-server-$RELEASE_VERSION.* ./charts | |
cp /tmp/chart/prefect-worker-$RELEASE_VERSION.* ./charts | |
git add ./artifacthub-repo.yml ./index.yaml ./charts/prefect-server-$RELEASE_VERSION.* ./charts/prefect-worker-$RELEASE_VERSION.* | |
git commit -m "Release $RELEASE_VERSION" | |
git push origin gh-pages | |
- name: Create Github Release + Tag | |
run: | | |
gh release create $RELEASE_VERSION \ | |
--generate-notes \ | |
--notes "Packaged with Prefect version \ | |
[$PREFECT_VERSION](https://github.com/PrefectHQ/prefect/releases/tag/$PREFECT_VERSION)" | |
env: | |
GH_TOKEN: ${{ github.token }} | |
update_helm_chart_versions_downstream: | |
name: Update Helm Chart versions in `ops-cluster-deployment` | |
needs: release | |
runs-on: ubuntu-latest | |
steps: | |
- name: Run workflow | |
run: | | |
gh workflow run update-prefect-helm-chart-versions.yaml \ | |
--repo prefecthq/ops-cluster-deployment \ | |
--ref main \ | |
-f chart_version=${{ needs.release.outputs.releaseVersion }} \ | |
-f type=main | |
env: | |
GH_TOKEN: ${{ secrets.OPS_CLUSTER_DEPLOYMENT_ACTIONS_RW }} |