@@ -163,16 +163,6 @@ jobs:
163163 VERSION=${{ steps.meta.outputs.version }}
164164 REVISION=${{ github.sha }}
165165
166- name : Trigger test environment updates
167- run : |
168- curl -L \
169- -X POST \
170- -H "Accept: application/vnd.github+json" \
171- -H "Authorization: Bearer ${{secrets.PAT_TOKEN_EXTENSION_DEPLOYER}}" \
172- -H "X-GitHub-Api-Version: 2022-11-28" \
173- https://api.github.com/repos/steadybit/extension-deployer/actions/workflows/extension-restart.yml/dispatches \
174- -d '{"ref":"main","inputs":{"extension":"${{ github.repository }}","version":"${{ steps.meta.outputs.version }}","revision":"${{ github.sha }}"}}'
175-
176166snyk-test :
177167 name : " Snyk Test ${{ startsWith(github.ref, 'refs/tags/') && '- If this breaks for CVEs, you need to revoke the published image (and move latest tag)!' || '' }}"
178168 uses : steadybit/extension-kit/.github/workflows/reusable-snyk-scan.yml@main
@@ -182,7 +172,6 @@ jobs:
182172 container_image : ghcr.io/${{ github.repository }}:latest
183173 secrets :
184174 SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
185- VERSION_BUMPER_SECRET : ${{ secrets.GH_APP_STEADYBIT_PRIVATE_KEY }}
186175
187176 snyk-monitor :
188177 name : " [Release] Snyk Monitor latest"
@@ -195,7 +184,6 @@ jobs:
195184 target_ref : latest
196185 secrets :
197186 SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
198- VERSION_BUMPER_SECRET : ${{ secrets.GH_APP_STEADYBIT_PRIVATE_KEY }}
199187
200188 build-packages :
201189 name : Build Linux Packages
@@ -260,8 +248,7 @@ jobs:
260248test-helm-charts :
261249 name : " Test Helm Charts"
262250 runs-on : ubuntu-latest
263- needs :
264- - audit
251+ needs : [audit]
265252 steps :
266253 - name : Checkout
267254 uses : actions/checkout@v4
@@ -294,11 +281,40 @@ jobs:
294281 - name : Run chart-testing (lint)
295282 run : ct lint --config chartTesting.yaml
296283
284+ bump-chart-version :
285+ name : Bump Chart Patch Version on main branch
286+ needs : [build-images]
287+ if : needs.build-images.outputs.version_bump_available && startsWith(github.ref, 'refs/tags/')
288+ runs-on : ubuntu-latest
289+ timeout-minutes : 60
290+ permissions :
291+ contents : write
292+ steps :
293+ - uses : actions/create-github-app-token@v1
294+ id : app-token
295+ with :
296+ app-id : ${{ vars.GH_APP_STEADYBIT_APP_ID }}
297+ private-key : ${{ secrets.GH_APP_STEADYBIT_PRIVATE_KEY }}
298+
299+ - uses : actions/checkout@v4
300+ with :
301+ ref : main
302+ fetch-depth : 0
303+ token : ${{ steps.app-token.outputs.token }}
304+
305+ # this commit will effectively cause another run of the workflow which then actually performs the helm chart release
306+ - run : |
307+ npm install -g semver
308+ make chart-bump-version APP_VERSION="${{ needs.build-images.outputs.version }}"
309+ git config user.name "$GITHUB_ACTOR"
310+ git config user.email "[email protected] " 311+ git commit -am "chore: update helm chart version"
312+ git push
313+
297314release-helm-chart :
298315 name : " Release Helm Chart"
299316 runs-on : ubuntu-latest
300- needs :
301- - test-helm-charts
317+ needs : [test-helm-charts]
302318 if : github.ref == 'refs/heads/main'
303319
304320 permissions :
@@ -328,5 +344,22 @@ jobs:
328344329345 with :
330346 charts_dir : charts
347+ mark_as_latest : false
331348 env :
332349 CR_TOKEN : " ${{ secrets.GITHUB_TOKEN }}"
350+
351+ trigger-test-environment-updates :
352+ name : Trigger test environment updates
353+ if : needs.build-images.outputs.deployer_available
354+ needs : [build-images]
355+ runs-on : ubuntu-latest
356+ timeout-minutes : 60
357+ steps :
358+ - run : |
359+ curl -L \
360+ -X POST \
361+ -H "Accept: application/vnd.github+json" \
362+ -H "Authorization: Bearer ${{secrets.PAT_TOKEN_EXTENSION_DEPLOYER}}" \
363+ -H "X-GitHub-Api-Version: 2022-11-28" \
364+ https://api.github.com/repos/steadybit/extension-deployer/actions/workflows/extension-restart.yml/dispatches \
365+ -d '{"ref":"main","inputs":{"extension":"${{ github.repository }}","version":"${{ needs.build-images.outputs.version }}","revision":"${{ github.sha }}"}}'
0 commit comments