diff --git a/.github/actions/publish_helmchart/action.yml b/.github/actions/publish_helmchart/action.yml new file mode 100644 index 00000000000..8e527cf959f --- /dev/null +++ b/.github/actions/publish_helmchart/action.yml @@ -0,0 +1,46 @@ +name: Release Helm Chart +description: "Creates a PR in edgelesssys/helm to publish a new Chart." + +inputs: + chartPath: + description: "Path to chart that should be published" + required: true + githubToken: + description: "GitHub token" + required: true + +runs: + using: "composite" + steps: + - name: Checkout + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + with: + repository: edgelesssys/helm + ref: main + path: helm + + - name: Update s3proxy Chart version + id: update-chart-version + shell: bash + run: | + helm package ${{ inputs.chartPath }} --destination helm/stable + cd helm + helm repo index stable --url https://helm.edgeless.systems/stable + echo version=$(yq eval ".version" ${{ inputs.chartPath }}/Chart.yaml) | tee -a $GITHUB_OUTPUT + + - name: Create pull request + uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # v5.0.2 + with: + path: helm + branch: "release/s3proxy/${{ steps.update-chart-version.outputs.version }}" + base: main + title: "s3proxy: release version ${{ steps.update-chart-version.outputs.version }}" + body: | + :robot: *This is an automated PR.* :robot: + + This PR is triggered as part of the Constellation [release pipeline](https://github.com/edgelesssys/constellation/actions/runs/${{ github.run_id }}). + It adds a new packaged chart to the repo's stable stream. + commit-message: "s3proxy: release version ${{ steps.update-chart-version.outputs.version }}" + committer: edgelessci + # We need to push changes using a token, otherwise triggers like on:push and on:pull_request won't work. + token: ${{ !github.event.pull_request.head.repo.fork && inputs.githubToken || '' }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 59ebec4ede1..03c1e3921de 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -194,6 +194,12 @@ jobs: git push fi + - name: Publish s3proxy + uses: ./.github/actions/publish_helmchart + with: + chartPath: ${{ github.workspace }}/s3proxy/deploy/s3proxy + githubToken: ${{ secrets.CI_GITHUB_REPOSITORY }} + os-image: name: Build OS image needs: [verify-inputs, update-versions] diff --git a/dev-docs/workflows/release.md b/dev-docs/workflows/release.md index 0d0ae00d7cd..9eca1b9fc48 100644 --- a/dev-docs/workflows/release.md +++ b/dev-docs/workflows/release.md @@ -41,10 +41,11 @@ Releases should be performed using [the automated release pipeline](https://gith ``` 3. wait for the pipeline to finish -4. while in editing mode for the release, clear the textbox, select the last patch release for the current release branch and click "Generate release notes". -5. look over the autogenerated draft release. When fixing the changelog, prioritize updating the PR title/labels/description and regenerating the changelog over fixing things in the final changelog. The changelog should be primarily aimed at users. Rule of thumb: first part of the sentence should describe what changed for the user, second part can describe what has been changed to achieve this. -6. in the GitHub release UI, set the tag to create on publish to `$ver`. -7. publish. +4. Check the s3proxy PR in the [helm chart repository](https://github.com/edgelesssys/helm/pull/) and approve it if things (esp. the version) look correct. Correct example for reference: https://github.com/edgelesssys/helm/pull/19/files +5. while in editing mode for the release, clear the textbox, select the last patch release for the current release branch and click "Generate release notes". +6. look over the autogenerated draft release. When fixing the changelog, prioritize updating the PR title/labels/description and regenerating the changelog over fixing things in the final changelog. The changelog should be primarily aimed at users. Rule of thumb: first part of the sentence should describe what changed for the user, second part can describe what has been changed to achieve this. +7. in the GitHub release UI, set the tag to create on publish to `$ver`. +8. publish. ### Minor release @@ -71,10 +72,11 @@ Releases should be performed using [the automated release pipeline](https://gith ./constellation status ``` -5. while in editing mode for the release, clear the textbox, select the last minor release and click "Generate release notes". -6. look over the autogenerated draft release. When fixing the changelog, prioritize updating the PR title/labels/description and regenerating the changelog over fixing things in the final changelog. The changelog should be primarily aimed at users. Rule of thumb: first part of the sentence should describe what changed for the user, second part can describe what has been changed to achieve this. -7. in the GitHub release UI, set the tag to create on publish to `$ver`. -8. publish. +5. Check the s3proxy PR in the [helm chart repository](https://github.com/edgelesssys/helm/pull/) and approve it if things (esp. the version) look correct. Correct example for reference: https://github.com/edgelesssys/helm/pull/19/files +6. while in editing mode for the release, clear the textbox, select the last minor release and click "Generate release notes". +7. look over the autogenerated draft release. When fixing the changelog, prioritize updating the PR title/labels/description and regenerating the changelog over fixing things in the final changelog. The changelog should be primarily aimed at users. Rule of thumb: first part of the sentence should describe what changed for the user, second part can describe what has been changed to achieve this. +8. in the GitHub release UI, set the tag to create on publish to `$ver`. +9. publish. ## Post release steps diff --git a/docs/docs/workflows/s3proxy.md b/docs/docs/workflows/s3proxy.md index 32edcaf42c7..121e8a46122 100644 --- a/docs/docs/workflows/s3proxy.md +++ b/docs/docs/workflows/s3proxy.md @@ -18,14 +18,15 @@ If you want to use s3proxy but these limitations stop you from doing so, conside ## Deployment You can add the s3proxy to your Constellation cluster as follows: -1. Download the deployment manifest: +1. Add the Edgeless Systems chart repository: ```bash - git clone --depth=1 git@github.com:edgelesssys/constellation.git + helm repo add edgeless https://helm.edgeless.systems/stable + helm repo update ``` -2. Set AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY to valid credentials you want s3proxy to use to interact with S3. Inspect `constellation/s3proxy/deploy/s3proxy/values.yaml` to learn about available deployment options. +2. Set ACCESS_KEY and ACCESS_SECRET to valid credentials you want s3proxy to use to interact with S3. 3. Deploy s3proxy: ```bash - helm install s3proxy --set awsAccessKeyID="$AWS_ACCESS_KEY_ID" --set awsSecretAccessKey="$AWS_SECRET_ACCESS_KEY" ./constellation/s3proxy/deploy/s3proxy + helm install s3proxy edgeless/s3proxy --set awsAccessKeyID="$ACCESS_KEY" --set awsSecretAccessKey="$ACCESS_SECRET" ``` If you want to run a demo application, check out the [Filestash with s3proxy](../getting-started/examples/filestash-s3proxy.md) example.