ingress-nginx-helm/.github/workflows/helm.yaml

name: Helm

on:
  push:
    branches:
      - main

permissions:
  contents: read

jobs:

  changes:
    permissions:
      contents: read  # for dorny/paths-filter to fetch a list of changed files
      pull-requests: read  # for dorny/paths-filter to read pull requests
    runs-on: ubuntu-latest
    if: |
      (github.repository == 'kubernetes/ingress-nginx')
    outputs:
      docs: ${{ steps.filter.outputs.docs }}
      charts: ${{ steps.filter.outputs.charts }}

    steps:
      - name: Checkout
        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

      - name: Run Artifact Hub lint
        run: |
          wget https://github.com/artifacthub/hub/releases/download/v1.5.0/ah_1.5.0_linux_amd64.tar.gz
          echo 'ad0e44c6ea058ab6b85dbf582e88bad9fdbc64ded0d1dd4edbac65133e5c87da *ah_1.5.0_linux_amd64.tar.gz' | shasum -c
          tar -xzvf ah_1.5.0_linux_amd64.tar.gz ah
          ./ah lint -p charts/ingress-nginx || exit 1
          rm -f ./ah ./ah_1.5.0_linux_amd64.tar.gz

      - name: Lint
        run: |
          ./build/run-in-docker.sh ./hack/verify-chart-lint.sh

      - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
        id: filter
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          filters: |
            charts:
              - 'charts/ingress-nginx/Chart.yaml'
              - 'charts/ingress-nginx/values.yaml'

  chart:
    name: Release Chart
    runs-on: ubuntu-latest

    permissions:
      contents: write # needed to write releases

    needs:
      - changes
    if: |
      (github.repository == 'kubernetes/ingress-nginx') &&
      (needs.changes.outputs.charts == 'true')

    steps:
      - name: Checkout master
        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
        with:
          # Fetch entire history. Required for chart-releaser; see https://github.com/helm/chart-releaser-action/issues/13#issuecomment-602063896
          fetch-depth: 0

      - name: Setup
        shell: bash
        run: |
          git config --global user.name "$GITHUB_ACTOR"
          git config --global user.email "$GITHUB_ACTOR@users.noreply.github.com"

      - name: Helm Chart Releaser
        uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0
        env:
          CR_SKIP_EXISTING: true
          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
          CR_RELEASE_NAME_TEMPLATE: "helm-chart-{{ .Version }}"
        with:
          charts_dir: charts