diff --git a/.github/workflows/release-prod.yml b/.github/workflows/release-prod.yml
index a89a8e7..9ef7aef 100644
--- a/.github/workflows/release-prod.yml
+++ b/.github/workflows/release-prod.yml
@@ -79,27 +79,32 @@ jobs:
 push: true
 tags: ${{ secrets.DOCKERHUB_USERNAME }}/kubevoyage:${{ env.BRANCH_NAME }}
- pulumi-deploy:
- needs: build-docker
+ release:
+ # depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions
+ # see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token
+ permissions:
+ contents: write
 runs-on: ubuntu-latest
 steps:
- - name: Checkout code
+ - name: Checkout
 uses: actions/checkout@v3
- - run: npm install
- working-directory: deploy
- - name: Decode kubeconfig
+ with:
+ fetch-depth: 0
+
+ - name: Configure Git
 run: |
- mkdir -p $HOME/.kube
- echo "${{ secrets.KUBE_CONFIG }}" | base64 -d > $HOME/.kube/config
- cat $HOME/.kube/config
- shell: bash
- - name: Deploy with Pulumi
- uses: pulumi/actions@v4
+ git config user.name "$GITHUB_ACTOR"
+ git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+ - name: Install Helm
+ uses: azure/setup-helm@v3
+
+ - name: Run chart-releaser
+ uses: helm/chart-releaser-action@v1.5.0
 with:
- command: up
- stack-name: prod
- work-dir: deploy
- env:
- PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
- registryImage: ${{ secrets.DOCKERHUB_USERNAME }}/kubevoyage
- imageTag: ${{ github.head_ref || github.ref_name }}
+ charts_dir: deploy/charts
+ env:
+ PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
+ registryImage: ${{ secrets.DOCKERHUB_USERNAME }}/kubevoyage
+ imageTag: ${{ github.head_ref || github.ref_name }}
+ CR_TOKEN: ${{ secrets.PAT }}
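Review bot: The `env:` block of the new "Run chart-releaser" step still passes `PULUMI_ACCESS_TOKEN`, `registryImage` and `imageTag`, which look like leftovers from the removed Pulumi step; nothing visible in this hunk uses them, so a third-party action is handed a deploy secret it has no need for. `CR_TOKEN` is set from `secrets.PAT` even though the job now grants `contents: write` to the workflow token, so the block could shrink to `env:` / `CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"` unless the PAT is required for a reason not shown here. Because this job holds write access and secrets, consider pinning `azure/setup-helm@v3` and `helm/chart-releaser-action@v1.5.0` to full commit SHAs (for example `uses: helm/chart-releaser-action@<full-commit-sha>  # v1.5.0`) rather than mutable tags. The job also no longer declares `needs: build-docker`, so a chart can be published even when the image build fails; confirm that is intended.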