fix(ci): add autoreleaser

.gitea/workflows/auto-release.yaml

@@ -0,0 +1,71 @@
+name: Auto release
+
+on:
+  push:
+    branches: [ "master" ]
+    paths:
+    - Makefile
+
+env:
+  GIT_EMAIL: noreply@cryptic.systems
+  GIT_USER: CSRBot
+
+jobs:
+  tag_on_change:
+    permissions:
+      contents: write
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v5.0.0
+        with:
+          fetch-depth: 0
+
+      - name: Check if HELM_VERSION line changed
+        id: check_change
+        run: |
+          echo "changed=false" >> $GITHUB_OUTPUT
+
+          for file in Makefile; do
+            if git diff HEAD~1 HEAD -- "${file}" | grep --quiet '^[+-]HELM_VERSION'; then
+              echo "HELM_VERSION line changed."
+              echo "changed=true" >> $GITHUB_OUTPUT
+              break
+            fi
+          done
+
+      - name: Stop if no change detected
+        if: steps.check_change.outputs.changed == 'false'
+        run: echo "No HELM_VERSION change. Exiting..."
+
+      - name: Create and push new tag
+        id: create_tag
+        if: steps.check_change.outputs.changed == 'true'
+        run: |
+          defined_tag="$(grep --only-matching --perl-regexp 'HELM_VERSION\?=v?[\d]*(\.[\d]*){0,2}' Makefile | cut --delimiter='=' --fields=2)"
+
+          echo "defined_tag=${defined_tag}" >> $GITHUB_OUTPUT
+          echo "New tag: ${defined_tag}"
+
+          git config --local user.name "${GIT_USER}"
+          git config --local user.email "${GIT_EMAIL}"
+          git tag -a "${defined_tag}" -m "${defined_tag}"
+          git push origin "${defined_tag}"
+
+      - name: Trigger "Push tagged images" workflow
+        uses: actions/github-script@v8.0.0
+        with:
+          script: |
+            const workflowFileName = 'release.yaml';
+            const defaultBranch = context.payload.repository.default_branch;
+            const definedTag = '${{ steps.create_tag.outputs.defined_tag }}';
+
+            await github.rest.actions.createWorkflowDispatch({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                workflow_id: workflowFileName,
+                ref: defaultBranch,
+                inputs: {
+                  tag: definedTag
+                }
+            });

.gitea/workflows/markdown-linters.yaml

@@ -13,8 +13,7 @@ on:
 
 jobs:
   markdown-lint:
-    runs-on:
+    runs-on: ubuntu-latest
-    - ubuntu-latest
     steps:
     - uses: actions/checkout@v5.0.0
     - uses: DavidAnson/markdownlint-cli2-action@v20.0.0

.gitea/workflows/release.yaml

@@ -4,12 +4,34 @@ on:
   push:
     tags:
     - "**"
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: "Tag which should be released"
+        type: string
+        required: true
 
 jobs:
   push-arm64:
     runs-on: ubuntu-latest-arm64
     steps:
+      - id: version_extraction
+        name: Extract git tag
+        run: |
+          VERSION="${{ inputs.tag || github.ref_name }}"
+          VERSION="${VERSION#refs/*/}"
+
+          echo "Version (raw):      ${VERSION}"
+          echo "Version (cleaned):  ${VERSION/v/}"
+
+          echo "version_raw=${VERSION}" >> $GITHUB_OUTPUT
+          echo "version_cleaned=${VERSION/v/}" >> $GITHUB_OUTPUT
+
       - uses: actions/checkout@v5.0.0
+        with:
+          fetch-tags: true
+          ref: "${{ steps.version_extraction.outputs.version_raw }}"
+
       - uses: docker/setup-qemu-action@v3.6.0
       - uses: docker/setup-buildx-action@v3.11.1
 
@@ -21,21 +43,35 @@ jobs:
 
       - name: Build and push image
         run: |
-          TAG=$(echo ${{ github.ref_name }} | sed 's/v//gm')
-
           docker buildx build \
             --build-arg HELM_VERSION=${{ github.ref_name }} \
             --file Dockerfile \
             --platform linux/arm64 \
             --provenance false \
             --push \
-            --tag git.cryptic.systems/volker.raschek/helm:${TAG}-arm64 \
+            --tag git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }}-arm64 \
             .
 
   push-amd64:
     runs-on: ubuntu-latest-amd64
     steps:
+      - id: version_extraction
+        name: Extract git tag
+        run: |
+          VERSION="${{ inputs.tag || github.ref_name }}"
+          VERSION="${VERSION#refs/*/}"
+
+          echo "Version (raw):      ${VERSION}"
+          echo "Version (cleaned):  ${VERSION/v/}"
+
+          echo "version_raw=${VERSION}" >> $GITHUB_OUTPUT
+          echo "version_cleaned=${VERSION/v/}" >> $GITHUB_OUTPUT
+
       - uses: actions/checkout@v5.0.0
+        with:
+          fetch-tags: true
+          ref: "${{ steps.version_extraction.outputs.version_raw }}"
+
       - uses: docker/setup-qemu-action@v3.6.0
       - uses: docker/setup-buildx-action@v3.11.1
 
@@ -47,15 +83,13 @@ jobs:
 
       - name: Build and push image
         run: |
-          TAG=$(echo ${{ github.ref_name }} | sed 's/v//gm')
-
           docker buildx build \
             --build-arg HELM_VERSION=${{ github.ref_name }} \
             --file Dockerfile \
             --platform linux/amd64 \
             --provenance false \
             --push \
-            --tag git.cryptic.systems/volker.raschek/helm:${TAG}-amd64 \
+            --tag git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }}-amd64 \
             .
 
   push-manifest:
@@ -64,6 +98,18 @@ jobs:
     - push-arm64
     - push-amd64
     steps:
+      - id: version_extraction
+        name: Extract git tag
+        run: |
+          VERSION="${{ inputs.tag || github.ref_name }}"
+          VERSION="${VERSION#refs/*/}"
+
+          echo "Version (raw):      ${VERSION}"
+          echo "Version (cleaned):  ${VERSION/v/}"
+
+          echo "version_raw=${VERSION}" >> $GITHUB_OUTPUT
+          echo "version_cleaned=${VERSION/v/}" >> $GITHUB_OUTPUT
+
       - uses: docker/login-action@v3.6.0
         with:
           registry: git.cryptic.systems
@@ -72,30 +118,38 @@ jobs:
 
       - name: Create and push manifest
         run: |
-          TAG=$(echo ${{ github.ref_name }} | sed 's/v//gm')
+          docker manifest create git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }} \
+            --amend git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }}-amd64 \
+            --amend git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }}-arm64
 
-          docker manifest create git.cryptic.systems/volker.raschek/helm:${TAG} \
+          docker manifest push git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }}
-            --amend git.cryptic.systems/volker.raschek/helm:${TAG}-amd64 \
-            --amend git.cryptic.systems/volker.raschek/helm:${TAG}-arm64
-
-          docker manifest push git.cryptic.systems/volker.raschek/helm:${TAG}
 
   sync-to-hub-docker-io:
     needs:
     - push-manifest
     runs-on: ubuntu-latest
     steps:
-    - name: Copy images to docker.io
+      - id: version_extraction
-      run: |
+        name: Extract git tag
-        TAG=$(echo ${{ github.ref_name }} | sed 's/v//gm')
+        run: |
+          VERSION="${{ inputs.tag || github.ref_name }}"
+          VERSION="${VERSION#refs/*/}"
 
-        apt-get update --yes
+          echo "Version (raw):      ${VERSION}"
-        apt-get install --yes skopeo
+          echo "Version (cleaned):  ${VERSION/v/}"
-        skopeo copy \
+
-          --all \
+          echo "version_raw=${VERSION}" >> $GITHUB_OUTPUT
-          --dest-password ${{ secrets.DOCKER_IO_PASSWORD }} \
+          echo "version_cleaned=${VERSION/v/}" >> $GITHUB_OUTPUT
-          --dest-username ${{ secrets.DOCKER_IO_USERNAME }} \
+
-          --src-password ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }} \
+      - name: Copy images to docker.io
-          --src-username volker.raschek \
+        run: |
-            docker://git.cryptic.systems/volker.raschek/helm:${TAG} \
+          apt-get update --yes
-            docker://docker.io/volkerraschek/helm:${TAG}
+          apt-get install --yes skopeo
+          skopeo copy \
+            --all \
+            --dest-password ${{ secrets.DOCKER_IO_PASSWORD }} \
+            --dest-username ${{ secrets.DOCKER_IO_USERNAME }} \
+            --src-password ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }} \
+            --src-username volker.raschek \
+              docker://git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }} \
+              docker://docker.io/volkerraschek/helm:${{ steps.version_extraction.outputs.version_cleaned }}

.gitea/workflows/update-docker-hub-description.yaml

@@ -19,4 +19,4 @@ jobs:
         username: ${{ secrets.DOCKER_IO_USERNAME }}
         password: ${{ secrets.DOCKER_IO_PASSWORD }}
         repository: volkerraschek/helm
-        readme-filepath: README.md
+        readme-filepath: README.md

renovate.json

@@ -1,5 +1,19 @@
 {
   "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "customManagers": [
+    {
+      "customType": "regex",
+      "fileMatch": [
+        "^README\\.md$"
+      ],
+      "matchStrings": [
+        "IMAGE_VERSION=(?<currentValue>.*)"
+      ],
+      "datasourceTemplate": "github-releases",
+      "depNameTemplate": "helm/helm",
+      "versioningTemplate": "semver"
+    }
+  ],
   "extends": [
     "local>volker.raschek/renovate-config:default#master",
     "local>volker.raschek/renovate-config:container#master",
@@ -8,9 +22,16 @@
   ],
   "packageRules": [
     {
-      "automerge": false,
+      "addLabels": [
-      "matchPackageNames": [ "helm" ],
+        "renovate/automerge"
-      "matchManagers": [ "regex" ]
+      ],
+      "automerge": true,
+      "matchPackageNames": [
+        "helm/helm"
+      ],
+      "matchManagers": [
+        "regex"
+      ]
     }
   ]
 }