161 lines
5.2 KiB
YAML
161 lines
5.2 KiB
YAML
name: Build Offline FluxCD Installer
|
|
|
|
on:
|
|
push:
|
|
paths:
|
|
- '.github/workflows/offline-package-fluxcd-installer.yaml'
|
|
workflow_dispatch:
|
|
inputs:
|
|
tag:
|
|
description: "Release tag to use/sync (e.g., v2.2.0). Leave empty to use offline-fluxcd-<run_number>"
|
|
required: false
|
|
type: string
|
|
chart_version:
|
|
description: "Override Helm chart version for fluxcd-community/flux2. Leave empty to auto-resolve"
|
|
required: false
|
|
type: string
|
|
|
|
permissions:
|
|
contents: write
|
|
|
|
concurrency:
|
|
group: build-offline-fluxcd
|
|
cancel-in-progress: false
|
|
|
|
jobs:
|
|
build-offline-installer:
|
|
strategy:
|
|
matrix:
|
|
arch: [amd64, arm64]
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
NERDCTL_VERSION: "2.0.3"
|
|
outputs:
|
|
chart_version: ${{ steps.resolve.outputs.chart_version }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Install deps (curl, jq, helm)
|
|
run: |
|
|
set -euo pipefail
|
|
sudo apt-get update -y
|
|
sudo apt-get install -y curl jq
|
|
curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
|
|
helm version
|
|
|
|
- name: Add helm repo
|
|
run: |
|
|
set -euo pipefail
|
|
helm repo add fluxcd-community https://fluxcd-community.github.io/helm-charts --force-update
|
|
helm repo update
|
|
|
|
- name: Resolve chart version
|
|
id: resolve
|
|
env:
|
|
OVERRIDE_CHART_VERSION: ${{ github.event.inputs.chart_version }}
|
|
run: |
|
|
set -euo pipefail
|
|
if [ -n "${OVERRIDE_CHART_VERSION}" ]; then
|
|
CHART_VERSION="${OVERRIDE_CHART_VERSION}"
|
|
else
|
|
CHART_VERSION=$(helm search repo fluxcd-community/flux2 --versions | awk 'NR==2{print $2}')
|
|
fi
|
|
echo "chart_version=${CHART_VERSION}" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Prepare directories
|
|
run: |
|
|
set -euo pipefail
|
|
rm -rf offline-installer
|
|
mkdir -p offline-installer/{images,charts,scripts,metadata}
|
|
|
|
- name: Stage installer script
|
|
env:
|
|
CHART_VERSION: ${{ steps.resolve.outputs.chart_version }}
|
|
run: |
|
|
set -euo pipefail
|
|
cat <<'SCRIPT' > offline-installer/scripts/install-fluxcd.sh
|
|
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
|
|
CHART_DIR="${ROOT_DIR}/charts/flux2"
|
|
IMAGES_DIR="${ROOT_DIR}/images"
|
|
RELEASE_NAME="${RELEASE_NAME:-flux-system}"
|
|
NAMESPACE="${NAMESPACE:-flux-system}"
|
|
|
|
if command -v nerdctl >/dev/null 2>&1; then
|
|
LOADER="nerdctl"
|
|
elif command -v docker >/dev/null 2>&1; then
|
|
LOADER="docker"
|
|
else
|
|
echo "Either docker or nerdctl is required to load images." >&2
|
|
exit 1
|
|
fi
|
|
|
|
for tar in "${IMAGES_DIR}"/*.tar; do
|
|
[ -f "$tar" ] || continue
|
|
echo "Loading image: $tar"
|
|
"$LOADER" load -i "$tar"
|
|
done
|
|
|
|
echo "Installing/Upgrading FluxCD release ${RELEASE_NAME} in namespace ${NAMESPACE}"
|
|
helm upgrade --install "${RELEASE_NAME}" "${CHART_DIR}" \
|
|
--namespace "${NAMESPACE}" \
|
|
--create-namespace \
|
|
"$@"
|
|
SCRIPT
|
|
chmod +x offline-installer/scripts/install-fluxcd.sh
|
|
cat <<EOFMETA > offline-installer/metadata/INFO
|
|
chart: fluxcd-community/flux2
|
|
chart_version: ${CHART_VERSION}
|
|
created_at: $(date -u +%Y-%m-%dT%H:%M:%SZ)
|
|
EOFMETA
|
|
|
|
- name: Download nerdctl binary for ${{ matrix.arch }}
|
|
run: |
|
|
set -euo pipefail
|
|
wget https://github.com/containerd/nerdctl/releases/download/v${NERDCTL_VERSION}/nerdctl-${NERDCTL_VERSION}-linux-${{ matrix.arch }}.tar.gz \
|
|
-O offline-installer/nerdctl.tar.gz
|
|
|
|
- name: Pull & export required images
|
|
env:
|
|
CHART_VERSION: ${{ steps.resolve.outputs.chart_version }}
|
|
run: |
|
|
set -euo pipefail
|
|
PLATFORM="linux/${{ matrix.arch }}"
|
|
helm template flux fluxcd-community/flux2 --version "${CHART_VERSION}" > manifest.yaml
|
|
mapfile -t images < <(grep -oP 'image:\s*"?\K([^"\s]+)' manifest.yaml | sort -u || true)
|
|
rm -f manifest.yaml
|
|
for img in "${images[@]}"; do
|
|
[ -n "$img" ] || continue
|
|
if [[ "$img" == *"{{"* ]]; then
|
|
continue
|
|
fi
|
|
echo "Pulling $img for ${PLATFORM}"
|
|
if ! docker pull --platform "${PLATFORM}" "$img"; then
|
|
echo "::warning::Failed to pull $img for ${PLATFORM}, skipping" >&2
|
|
continue
|
|
fi
|
|
safe=$(echo "$img" | tr '/:' '-_')
|
|
docker save "$img" -o "offline-installer/images/${safe}.tar"
|
|
done
|
|
|
|
- name: Download Helm chart
|
|
env:
|
|
CHART_VERSION: ${{ steps.resolve.outputs.chart_version }}
|
|
run: |
|
|
set -euo pipefail
|
|
helm pull fluxcd-community/flux2 --version "${CHART_VERSION}" --untar --untardir offline-installer/charts
|
|
|
|
- name: Package offline installer
|
|
run: |
|
|
set -euo pipefail
|
|
tar -czf offline-setup-fluxcd-${{ matrix.arch }}.tar.gz -C offline-installer .
|
|
ls -lh offline-setup-fluxcd-${{ matrix.arch }}.tar.gz
|
|
|
|
- name: Upload artifact
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: offline-setup-fluxcd-${{ matrix.arch }}
|
|
path: offline-setup-fluxcd-${{ matrix.arch }}.tar.gz
|