docker-selenium/.github/workflows/helm-chart-release.yml at trunk · SeleniumHQ/docker-selenium · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
name: Release Charts
concurrency:
  group: ${{ github.workflow }}

on:
  push:
    branches:
      - trunk
    paths:
      - 'charts/selenium-grid/Chart.yaml'
  workflow_dispatch:
    inputs:
      release:
        description: 'Deploy a new release'
        required: false
        type: string
        default: 'false'
      skip-test:
        description: 'Skip the tests'
        required: false
        type: boolean
        default: false
      skip-commit:
        description: 'Skip the commit'
        required: false
        type: boolean
        default: false

permissions: write-all

env:
  GH_CLI_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  GH_CLI_TOKEN_PR: ${{ secrets.TRIGGER_CI_TOKEN || secrets.GITHUB_TOKEN }}
  RUN_ID: ${{ github.run_id }}
  RERUN_FAILED_ONLY: ${{ github.event.inputs.rerunFailedOnly || true }}
  RUN_ATTEMPT: ${{ github.run_attempt }}
  FORCE_RELEASE: ${{ github.event.inputs.release == 'true' }}

jobs:
  helm-chart-test:
    if: github.event.inputs.skip-test != 'true' && contains(toJson(github.event.commits), '[skip test]') == false
    uses: ./.github/workflows/helm-chart-test.yml
    secrets: inherit
    with:
      release: ${{ github.event.inputs.release == 'true' }}

  release:
    needs:
      - helm-chart-test
    if: (!failure() && !cancelled())
    runs-on: ubuntu-24.04
    permissions: write-all
    env:
      NAME: ${{ vars.DOCKER_NAMESPACE || 'selenium' }}
    steps:
      - name: Checkout
        uses: actions/checkout@main
        with:
          persist-credentials: false
          fetch-depth: 0
      - name: Set up environment for building chart
        uses: nick-invision/retry@master
        with:
          timeout_minutes: 10
          max_attempts: 3
          command: make setup_dev_env
      - name: Build Helm chart
        uses: nick-invision/retry@master
        with:
          timeout_minutes: 5
          max_attempts: 3
          retry_wait_seconds: 10
          command: |
            SET_VERSION=false make chart_build
            echo "CHART_PACKAGE_PATH=$(cat /tmp/selenium_chart_version)" >> $GITHUB_ENV
            echo "CHART_FILE_NAME=$(basename $(cat /tmp/selenium_chart_version))" >> $GITHUB_ENV

      - name: Configure Git
        run: |
          git config user.name "$GITHUB_ACTOR"
          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"

      - name: Get chart release notes (chart_release_notes.md)
        run: |
          ./generate_chart_changelog.sh
          if [ "${FORCE_RELEASE}" == "true" ]; then
            echo "IS_RELEASE=true" >> $GITHUB_ENV
          else
            echo "IS_RELEASE=$(cat /tmp/selenium_chart_release)" >> $GITHUB_ENV
          fi

      - name: Login Docker Hub
        run: helm registry login registry-1.docker.io -u "$DOCKER_USERNAME" -p "$DOCKER_PASSWORD"
        env:
          DOCKER_USERNAME: ${{secrets.DOCKER_USERNAME}}
          DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}}

      - name: Push Helm chart to registry
        uses: nick-invision/retry@master
        with:
          timeout_minutes: 20
          max_attempts: 3
          retry_wait_seconds: 120
          command: |
            make chart_release
            echo "LATEST_CHART_VERSION=$(cat /tmp/latest_chart_version)" >> $GITHUB_ENV

      - name: Run chart-releaser
        if: env.IS_RELEASE == 'true'
        uses: helm/chart-releaser-action@main
        with:
          mark_as_latest: false
          skip_existing: false
        env:
          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
          CR_RELEASE_NOTES_FILE: RELEASE_NOTES.md

      - name: Commit files
        if: github.event.inputs.skip-commit != 'true'
        run: |
          git config --local user.email "selenium-ci@users.noreply.github.com"
          git config --local user.name "Selenium CI Bot"
          git commit -m "[ci] Update chart ${LATEST_CHART_VERSION} changelog" -m "[skip ci]" -a || true
          git pull --rebase

      - name: Push changes
        if: github.event.inputs.skip-commit != 'true'
        uses: ad-m/github-push-action@master
        with:
          github_token: ${{ secrets.SELENIUM_CI_TOKEN || secrets.GITHUB_TOKEN }}
          branch: trunk

  rerun-workflow-when-failure:
    name: Rerun workflow when failure
    needs:
      - helm-chart-test
    if: failure() && ( github.run_attempt < 3 )
    runs-on: ubuntu-24.04
    steps:
      - name: Checkout code
        uses: actions/checkout@main
      - name: Install GitHub CLI
        run: |
          sudo apt update
          sudo apt install gh
      - name: Authenticate GitHub CLI for PR
        if: github.event_name == 'pull_request'
        run: |
          echo "$GH_CLI_TOKEN_PR" | gh auth login --with-token
      - name: Authenticate GitHub CLI
        if: github.event_name != 'pull_request'
        run: |
          echo "$GH_CLI_TOKEN" | gh auth login --with-token
      - name: Rerun workflow when failure
        run: |
          echo "Rerun workflow ID $RUN_ID in attempt #$(($RUN_ATTEMPT + 1))"
          gh workflow run rerun-failed.yml \
            --repo $GITHUB_REPOSITORY \
            --raw-field runId=$RUN_ID \
            --raw-field rerunFailedOnly=$RERUN_FAILED_ONLY