Use docker build from CI for helm publish

- Remove chartpress usages in workflow

.github/workflows/build-publish-docker-helm.yml

@@ -5,11 +5,12 @@ on:
   # and on every tag push
   push:
     branches:
-    - develop
-    - master
-    - project/*
+      - develop
+      - master
+      - project/*
+      - chore/*
     tags:
-    - "**"
+      - "**"
 
 permissions:
   packages: write
@@ -18,6 +19,8 @@ jobs:
   ci:
     name: CI
     uses: ./.github/workflows/ci.yml
+    with:
+      push_docker_image: true
 
   build:
     name: Publish Helm
@@ -28,54 +31,56 @@ jobs:
     - name: Checkout code
       uses: actions/checkout@v4
 
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
-
     - name: Login to GitHub Container Registry
       uses: docker/login-action@v3
       with:
         registry: ghcr.io
         username: ${{ github.actor }}
         password: ${{ secrets.GITHUB_TOKEN }}
 
-    - name: Install chart publishing dependencies (chartpress, helm)
+    - name: 🐳 Helm dependency
+      working-directory: deploy/helm/ifrcgo-helm
       run: |
-        python3 -m venv venv
-        source venv/bin/activate
-        pip install chartpress
-        pip list
-
-        helm version
+        yq --indent 0 '.dependencies | map(["helm", "repo", "add", .name, .repository] | join(" ")) | .[]' ./helm/Chart.lock  | sh --
+        helm dependency build ./
 
-    - name: Build and push Docker image. Update the image tag, chart version etc as needed
+    - name: Tag docker image in Helm Chart values.yaml
+      working-directory: deploy/helm/ifrcgo-helm
+      env:
+        IMAGE_NAME: ${{ needs.ci.outputs.docker_image_name }}
+        IMAGE_TAG: ${{ needs.ci.outputs.docker_image_tag }}
       run: |
-        source venv/bin/activate
-        cd deploy/helm
-        # hack to push the image to ghcr.io. We will update chartpress.yaml when we move to separate deploy repo
-        if [[ "$GITHUB_REF_NAME" == "project/"* ]]; then
-          # NOTE: Using seperate package registry for alpha
-          python -c "import re; data=open('chartpress.yaml').read(); open('chartpress.yaml', 'w').write(re.sub(r'ifrcgoacr.azurecr.io/ifrcgo-', 'ghcr.io/ifrcgo/alpha-go-', data))"
-        else
-          python -c "import re; data=open('chartpress.yaml').read(); open('chartpress.yaml', 'w').write(re.sub(r'ifrcgoacr.azurecr.io/ifrcgo-', 'ghcr.io/ifrcgo/go-', data))"
-        fi
-        chartpress --push
-
-    - name: Get the version
-      id: get_version
-      run: echo ::set-output name=VERSION::$(cat deploy/helm/ifrcgo-helm/Chart.yaml | grep version | awk '{print $2}')
+        # Update values.yaml with latest docker image
+        sed -i "s|SET-BY-CICD-IMAGE|$IMAGE_NAME|" ./values.yaml
+        sed -i "s/SET-BY-CICD-TAG/$IMAGE_TAG/" ./values.yaml
 
     - name: Package Helm Chart
+      working-directory: deploy/helm/ifrcgo-helm
+      id: set-variables
+      env:
+        IMAGE_TAG: ${{ needs.ci.outputs.docker_image_tag }}
       run: |
-        if [[ "$GITHUB_REF_NAME" == "project/"* ]]; then
-          # NOTE: Using seperate package registry for alpha
-          sed -i 's/^name: \(.*\)/name: alpha-\1/' deploy/helm/ifrcgo-helm/Chart.yaml
+        # XXX: Check if there is a slash in the BRANCH_NAME eg: project/add-docker
+        if [[ "$GITHUB_REF_NAME" == *"/"* ]]; then
+            # XXX: Change the helm chart to <chart-name>-alpha
+            sed -i 's/^name: \(.*\)/name: \1-alpha/' ./Chart.yaml
         fi
-        helm package deploy/helm/ifrcgo-helm -d .helm-charts
+
+        helm package ./ -d .helm-charts
 
     - name: Push Helm Chart
+      env:
+        IMAGE: ${{ needs.ci.outputs.docker_image }}
+        OCI_REPO: oci://ghcr.io/${{ github.repository }}
       run: |
-        if [[ "$GITHUB_REF_NAME" == "project/"* ]]; then
-          helm push ".helm-charts/alpha-ifrcgo-helm-${{ steps.get_version.outputs.VERSION }}.tgz" oci://ghcr.io/ifrcgo/go-api
-        else
-          helm push ".helm-charts/ifrcgo-helm-${{ steps.get_version.outputs.VERSION }}.tgz" oci://ghcr.io/ifrcgo/go-api
-        fi
+        OCI_REPO=$(echo $OCI_REPO | tr '[:upper:]' '[:lower:]')
+        PACKAGE_FILE=$(ls .helm-charts/*.tgz | head -n 1)
+        echo "# Helm Chart" >> $GITHUB_STEP_SUMMARY
+        echo "" >> $GITHUB_STEP_SUMMARY
+        echo "Tagged Image: **$IMAGE**" >> $GITHUB_STEP_SUMMARY
+        echo "" >> $GITHUB_STEP_SUMMARY
+        echo "Helm push output" >> $GITHUB_STEP_SUMMARY
+        echo "" >> $GITHUB_STEP_SUMMARY
+        echo '```bash' >> $GITHUB_STEP_SUMMARY
+        helm push "$PACKAGE_FILE" $OCI_REPO >> $GITHUB_STEP_SUMMARY
+        echo '```' >> $GITHUB_STEP_SUMMARY

.github/workflows/ci.yml

@@ -2,6 +2,20 @@ name: CI
 
 on:
   workflow_call:
+    inputs:
+      push_docker_image:
+        type: string  # true or false
+        default: "false"
+    outputs:
+      docker_image_name:
+        description: "Only docker image name"
+        value: ${{ jobs.test.outputs.docker_image_name }}
+      docker_image_tag:
+        description: "Only docker image tag"
+        value: ${{ jobs.test.outputs.docker_image_tag }}
+      docker_image:
+        description: "docker image with tag"
+        value: ${{ jobs.test.outputs.docker_image }}
   pull_request:
   # NOTE: For develop & master, they are run through helm github action ./build-publish-docker-helm.yml
 
@@ -25,9 +39,44 @@ jobs:
     name: 🚴 Checks & Test 🚴
     runs-on: ubuntu-latest
 
+    outputs:
+      docker_image_name: ${{ steps.prep.outputs.tagged_image_name }}
+      docker_image_tag: ${{ steps.prep.outputs.tag }}
+      docker_image: ${{ steps.prep.outputs.tagged_image }}
+
     steps:
       - uses: actions/checkout@main
 
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        if: ${{ inputs.push_docker_image }}
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: 🐳 Prepare Docker
+        id: prep
+        env:
+          IMAGE_NAME: ghcr.io/${{ github.repository }}
+        run: |
+          BRANCH_NAME=$(echo $GITHUB_REF_NAME | sed 's|:|-|' | tr '[:upper:]' '[:lower:]' | sed 's/_/-/g' | cut -c1-100 | sed 's/-*$//')
+
+          # XXX: Check if there is a slash in the BRANCH_NAME eg: project/add-docker
+          if [[ "$BRANCH_NAME" == *"/"* ]]; then
+              # XXX: Change the docker image package to -alpha
+              IMAGE_NAME="$IMAGE_NAME-alpha"
+              TAG="$(echo "$BRANCH_NAME" | sed 's|/|-|g').$(echo $GITHUB_SHA | head -c7)"
+          else
+              TAG="$BRANCH_NAME.$(echo $GITHUB_SHA | head -c7)"
+          fi
+
+          IMAGE_NAME=$(echo $IMAGE_NAME | tr '[:upper:]' '[:lower:]')
+          echo "tagged_image_name=${IMAGE_NAME}" >> $GITHUB_OUTPUT
+          echo "tag=${TAG}" >> $GITHUB_OUTPUT
+          echo "tagged_image=${IMAGE_NAME}:${TAG}" >> $GITHUB_OUTPUT
+          echo "::notice::Tagged docker image: ${IMAGE_NAME}:${TAG}"
+
       - name: 🐳 Set up Docker Buildx
         id: buildx
         uses: docker/setup-buildx-action@v3
@@ -39,7 +88,7 @@ jobs:
           file: Dockerfile
           push: false
           load: true
-          tags: ifrcgo/go-api:latest
+          tags: ${{ steps.prep.outputs.tagged_image }}
           cache-from: type=gha
           cache-to: type=gha,mode=max
 
@@ -68,6 +117,13 @@ jobs:
       - name: 🤞 Run Test 🧪
         run: docker compose run --rm serve pytest --reuse-db --durations=10
 
+      - name: 🐳 Docker push
+        if: ${{ inputs.push_docker_image }}
+        uses: docker/build-push-action@v6
+        with:
+          tags: ${{ steps.prep.outputs.tagged_image }}
+          push: true
+
   validate_helm:
     name: 🚴 Validate Helm 🚴
     runs-on: ubuntu-latest

Dockerfile

@@ -1,5 +1,7 @@
 FROM python:3.11-bullseye
 
+LABEL org.opencontainers.image.source="https://github.com/IFRCGo/go-api"
+
 ENV PYTHONUNBUFFERED=1
 EXPOSE 80
 EXPOSE 443

deploy/helm/ifrcgo-helm/.gitignore

@@ -0,0 +1,2 @@
+values-local.yaml
+.helm-charts

deploy/helm/ifrcgo-helm/Chart.yaml

@@ -1,4 +1,7 @@
 apiVersion: v1
 description: "Helm Chart to deploy the IFRC GO Infrastructure"
 name: ifrcgo-helm
-version: 0.0.2-chartpress.replace
+version: 0.0.2-SET-BY-CICD
+
+sources:
+  - https://github.com/IFRCGo/go-api

deploy/helm/ifrcgo-helm/values.yaml

@@ -93,8 +93,8 @@ api:
   replicaCount: 1
   containerPort: 80
   image:
-    name: 'SET-BY-CHARTPRESS'
-    tag: 'set-by-chartpress'
+    name: 'SET-BY-CICD-IMAGE'
+    tag: 'SET-BY-CICD-TAG'
   resources:
     requests:
       cpu: "2"