Skip to content

Publish Danswer Helm Chart #52

Publish Danswer Helm Chart

Publish Danswer Helm Chart #52

Workflow file for this run

name: Publish Danswer Helm Chart
on:
push:
workflow_dispatch:
jobs:
helm_chart_version_check:
runs-on: ubuntu-latest
outputs:
version_changed: ${{ steps.version_check.outputs.chart_version_changed }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
# We mark any builds on main branch as latest GH release
# so make sure we don't accidentally publiah a pre-release tag
# on main or a stable tag on a dev branch.
- name: Fail on semver pre-release chart version
run: yq .version deployment/helm/charts/danswer/Chart.yaml | grep -v '[a-zA-Z-]'
if: ${{ github.ref_name == 'main' }}
- name: Fail on stable semver chart version
run: yq .version deployment/helm/charts/danswer/Chart.yaml | grep '[a-zA-Z-]'
if: ${{ github.ref_name != 'main' }}
# To reduce resource usage images are built only on tag.
# To build a new set of images after committing and pushing
# new changes to GitHub, use:
# git tag <tag-name>
# git push --tags
- name: Fail if image tags don't exist
run: >-
curl -H "Authorization: Bearer $(echo ${{ secrets.GITHUB_TOKEN }} | base64)"
https://ghcr.io/v2/stackhpc/danswer/danswer-backend/tags/list
| jq .tags
| grep $( yq .appVersion deployment/helm/charts/danswer/Chart.yaml )-$( yq .tagSuffix deployment/helm/values.yaml )
&&
curl -H "Authorization: Bearer $(echo ${{ secrets.GITHUB_TOKEN }} | base64)"
https://ghcr.io/v2/stackhpc/danswer/danswer-web-server/tags/list
| jq .tags
| grep $( yq .appVersion deployment/helm/charts/danswer/Chart.yaml )-$( yq .tagSuffix deployment/helm/values.yaml )
# Check if current chart version exists in releases already
- name: Check for Helm chart version bump
id: version_check
run: |
set -xe
chart_version=$(yq .version deployment/helm/charts/danswer/Chart.yaml)
if [[ $(curl https://api.github.com/repos/stackhpc/danswer/releases | jq '.[].tag_name' | grep danswer-helm-$chart_version) ]]; then
echo chart_version_changed=false >> $GITHUB_OUTPUT
else
echo chart_version_changed=true >> $GITHUB_OUTPUT
fi
release:
# depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions
# see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token
permissions:
contents: write
runs-on: ubuntu-latest
needs: helm_chart_version_check
if: ${{ needs.helm_chart_version_check.outputs.version_changed == 'true' }}
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
- name: Install Helm
uses: azure/setup-helm@v4
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- name: Build Helm dependencies
run: |
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo add vespa https://unoplat.github.io/vespa-helm-charts
helm dependency build deployment/helm
- name: Run chart-releaser
uses: helm/[email protected]
with:
charts_dir: deployment
pages_branch: helm-publish
mark_as_latest: ${{ github.ref_name == 'main' }}
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
CR_RELEASE_NAME_TEMPLATE: "danswer-helm-{{ .Version }}"