diff --git a/.github/workflows/helm-release.yml b/.github/workflows/helm-release.yml new file mode 100644 index 00000000..65090d17 --- /dev/null +++ b/.github/workflows/helm-release.yml @@ -0,0 +1,52 @@ +name: Release Helm Chart + +on: + release: + types: [published] + +permissions: + contents: write + pages: write + +jobs: + release-helm: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v6 + with: + fetch-depth: 0 + + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + - name: Set chart version from release tag + env: + REF_NAME: ${{ github.ref }} + run: | + VERSION="${REF_NAME#refs/tags/v}" + sed -i "s/^version:.*/version: $VERSION/" helm/vectorizer/Chart.yaml + sed -i "s/^appVersion:.*/appVersion: \"$VERSION\"/" helm/vectorizer/Chart.yaml + + - name: Update Helm values with GHCR image + env: + REPO: ${{ github.repository }} + REF_NAME: ${{ github.ref }} + run: | + sed -i "s|repository:.*|repository: ghcr.io/$REPO|" helm/vectorizer/values.yaml + VERSION="${REF_NAME#refs/tags/v}" + sed -i "s|tag:.*|tag: \"$VERSION\"|" helm/vectorizer/values.yaml + + - name: Install Helm + uses: azure/setup-helm@v4 + with: + version: v3.17.0 + + - name: Run chart-releaser + uses: helm/chart-releaser-action@v1.7.0 + with: + charts_dir: helm + env: + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/release-artifacts.yml b/.github/workflows/release-artifacts.yml index e5f59b04..a3cd36c4 100755 --- a/.github/workflows/release-artifacts.yml +++ b/.github/workflows/release-artifacts.yml @@ -1,6 +1,7 @@ name: Build and publish release packages permissions: contents: write + packages: write on: release: # 'published' is triggered when publishing draft release, 'created' is not @@ -255,9 +256,8 @@ jobs: bin: vectorizer-cli token: ${{ secrets.GITHUB_TOKEN }} - # Docker só roda após dashboard + binários para Docker + build do backend (release) ok. - # Uma tag (version + latest), manifesto multi-plataforma (linux/amd64 + linux/arm64). - # Requer secrets: DOCKERHUB_USERNAME, DOCKERHUB_TOKEN. + # Docker: multi-platform image pushed to GitHub Container Registry (ghcr.io). + # Zero secrets — usa GITHUB_TOKEN automático. publish-docker: needs: - build-dashboard @@ -285,12 +285,22 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Set version from tag id: version - run: echo "VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT - - name: Login to Docker Hub + run: echo "VERSION=${GITHUB_REF#refs/tags/}" >> "$GITHUB_OUTPUT" + - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Docker metadata (tags + labels) + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/${{ github.repository }} + tags: | + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=raw,value=latest,enable={{is_default_branch}} - name: Build and push Docker image (from artifacts) uses: docker/build-push-action@v6 with: @@ -298,9 +308,8 @@ jobs: file: ./Dockerfile.artifacts push: true platforms: linux/amd64,linux/arm64 - tags: | - ${{ secrets.DOCKERHUB_USERNAME }}/vectorizer:${{ steps.version.outputs.VERSION }} - ${{ secrets.DOCKERHUB_USERNAME }}/vectorizer:latest + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} build-args: | GIT_COMMIT_ID=${{ steps.version.outputs.VERSION }} BUILD_DATE=${{ github.event.release.published_at }} diff --git a/helm/vectorizer/values.yaml b/helm/vectorizer/values.yaml index b67645f7..654299f9 100755 --- a/helm/vectorizer/values.yaml +++ b/helm/vectorizer/values.yaml @@ -2,7 +2,7 @@ replicaCount: 1 image: - repository: vectorizer + repository: ghcr.io/hivellm/vectorizer pullPolicy: IfNotPresent tag: "latest"