chore(deps): update actions/checkout action to v5

2025-08-11 13:14:57 +00:00
8 changed files with 90 additions and 191 deletions
--- a/.gitea/workflows/auto-release.yaml
+++ b/.gitea/workflows/auto-release.yaml
@@ -1,71 +0,0 @@
-name: Auto release
-
-on:
-  push:
-    branches: [ "master" ]
-    paths:
-    - Makefile
-
-env:
-  GIT_EMAIL: noreply@cryptic.systems
-  GIT_USER: CSRBot
-
-jobs:
-  tag_on_change:
-    permissions:
-      contents: write
-
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v5.0.0
-        with:
-          fetch-depth: 0
-
-      - name: Check if HELM_VERSION line changed
-        id: check_change
-        run: |
-          echo "changed=false" >> $GITHUB_OUTPUT
-
-          for file in Makefile; do
-            if git diff HEAD~1 HEAD -- "${file}" | grep --quiet '^[+-]HELM_VERSION'; then
-              echo "HELM_VERSION line changed."
-              echo "changed=true" >> $GITHUB_OUTPUT
-              break
-            fi
-          done
-
-      - name: Stop if no change detected
-        if: steps.check_change.outputs.changed == 'false'
-        run: echo "No HELM_VERSION change. Exiting..."
-
-      - name: Create and push new tag
-        id: create_tag
-        if: steps.check_change.outputs.changed == 'true'
-        run: |
-          defined_tag="$(grep --only-matching --perl-regexp 'HELM_VERSION\?=v?[\d]*(\.[\d]*){0,2}' Makefile | cut --delimiter='=' --fields=2)"
-
-          echo "defined_tag=${defined_tag}" >> $GITHUB_OUTPUT
-          echo "New tag: ${defined_tag}"
-
-          git config --local user.name "${GIT_USER}"
-          git config --local user.email "${GIT_EMAIL}"
-          git tag -a "${defined_tag}" -m "${defined_tag}"
-          git push origin "${defined_tag}"
-
-      - name: Trigger "Push tagged images" workflow
-        uses: actions/github-script@v8.0.0
-        with:
-          script: |
-            const workflowFileName = 'release.yaml';
-            const defaultBranch = context.payload.repository.default_branch;
-            const definedTag = '${{ steps.create_tag.outputs.defined_tag }}';
-
-            await github.rest.actions.createWorkflowDispatch({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                workflow_id: workflowFileName,
-                ref: defaultBranch,
-                inputs: {
-                  tag: definedTag
-                }
-            });
--- a/.gitea/workflows/markdown-linters.yaml
+++ b/.gitea/workflows/markdown-linters.yaml
@@ -13,7 +13,8 @@ on:

 jobs:
  markdown-lint:
-    runs-on: ubuntu-latest
+    runs-on:
+    - ubuntu-latest
    steps:
    - uses: actions/checkout@v5.0.0
    - uses: DavidAnson/markdownlint-cli2-action@v20.0.0
--- a/.gitea/workflows/release.yaml
+++ b/.gitea/workflows/release.yaml
@@ -4,38 +4,16 @@ on:
  push:
    tags:
    - "**"
-  workflow_dispatch:
-    inputs:
-      tag:
-        description: "Tag which should be released"
-        type: string
-        required: true

 jobs:
  push-arm64:
    runs-on: ubuntu-latest-arm64
    steps:
-      - id: version_extraction
-        name: Extract git tag
-        run: |
-          VERSION="${{ inputs.tag || github.ref_name }}"
-          VERSION="${VERSION#refs/*/}"
-
-          echo "Version (raw):      ${VERSION}"
-          echo "Version (cleaned):  ${VERSION/v/}"
-
-          echo "version_raw=${VERSION}" >> $GITHUB_OUTPUT
-          echo "version_cleaned=${VERSION/v/}" >> $GITHUB_OUTPUT
-
      - uses: actions/checkout@v5.0.0
-        with:
-          fetch-tags: true
-          ref: "${{ steps.version_extraction.outputs.version_raw }}"
-
      - uses: docker/setup-qemu-action@v3.6.0
      - uses: docker/setup-buildx-action@v3.11.1

-      - uses: docker/login-action@v3.6.0
+      - uses: docker/login-action@v3.5.0
        with:
          registry: git.cryptic.systems
          username: ${{ github.repository_owner }}
@@ -43,39 +21,25 @@ jobs:

      - name: Build and push image
        run: |
+          TAG=$(echo ${{ github.ref_name }} | sed 's/v//gm')
+
          docker buildx build \
            --build-arg HELM_VERSION=${{ github.ref_name }} \
            --file Dockerfile \
            --platform linux/arm64 \
            --provenance false \
            --push \
-            --tag git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }}-arm64 \
+            --tag git.cryptic.systems/volker.raschek/helm:${TAG}-arm64 \
            .

  push-amd64:
    runs-on: ubuntu-latest-amd64
    steps:
-      - id: version_extraction
-        name: Extract git tag
-        run: |
-          VERSION="${{ inputs.tag || github.ref_name }}"
-          VERSION="${VERSION#refs/*/}"
-
-          echo "Version (raw):      ${VERSION}"
-          echo "Version (cleaned):  ${VERSION/v/}"
-
-          echo "version_raw=${VERSION}" >> $GITHUB_OUTPUT
-          echo "version_cleaned=${VERSION/v/}" >> $GITHUB_OUTPUT
-
      - uses: actions/checkout@v5.0.0
-        with:
-          fetch-tags: true
-          ref: "${{ steps.version_extraction.outputs.version_raw }}"
-
      - uses: docker/setup-qemu-action@v3.6.0
      - uses: docker/setup-buildx-action@v3.11.1

-      - uses: docker/login-action@v3.6.0
+      - uses: docker/login-action@v3.5.0
        with:
          registry: git.cryptic.systems
          username: ${{ github.repository_owner }}
@@ -83,13 +47,15 @@ jobs:

      - name: Build and push image
        run: |
+          TAG=$(echo ${{ github.ref_name }} | sed 's/v//gm')
+
          docker buildx build \
            --build-arg HELM_VERSION=${{ github.ref_name }} \
            --file Dockerfile \
            --platform linux/amd64 \
            --provenance false \
            --push \
-            --tag git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }}-amd64 \
+            --tag git.cryptic.systems/volker.raschek/helm:${TAG}-amd64 \
            .

  push-manifest:
@@ -98,19 +64,7 @@ jobs:
    - push-arm64
    - push-amd64
    steps:
-      - id: version_extraction
-        name: Extract git tag
-        run: |
-          VERSION="${{ inputs.tag || github.ref_name }}"
-          VERSION="${VERSION#refs/*/}"
-
-          echo "Version (raw):      ${VERSION}"
-          echo "Version (cleaned):  ${VERSION/v/}"
-
-          echo "version_raw=${VERSION}" >> $GITHUB_OUTPUT
-          echo "version_cleaned=${VERSION/v/}" >> $GITHUB_OUTPUT
-
-      - uses: docker/login-action@v3.6.0
+      - uses: docker/login-action@v3.5.0
        with:
          registry: git.cryptic.systems
          username: ${{ github.repository_owner }}
@@ -118,38 +72,30 @@ jobs:

      - name: Create and push manifest
        run: |
-          docker manifest create git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }} \
-            --amend git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }}-amd64 \
-            --amend git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }}-arm64
+          TAG=$(echo ${{ github.ref_name }} | sed 's/v//gm')

-          docker manifest push git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }}
+          docker manifest create git.cryptic.systems/volker.raschek/helm:${TAG} \
+            --amend git.cryptic.systems/volker.raschek/helm:${TAG}-amd64 \
+            --amend git.cryptic.systems/volker.raschek/helm:${TAG}-arm64
+
+          docker manifest push git.cryptic.systems/volker.raschek/helm:${TAG}

  sync-to-hub-docker-io:
    needs:
    - push-manifest
    runs-on: ubuntu-latest
    steps:
-      - id: version_extraction
-        name: Extract git tag
-        run: |
-          VERSION="${{ inputs.tag || github.ref_name }}"
-          VERSION="${VERSION#refs/*/}"
+    - name: Copy images to docker.io
+      run: |
+        TAG=$(echo ${{ github.ref_name }} | sed 's/v//gm')

-          echo "Version (raw):      ${VERSION}"
-          echo "Version (cleaned):  ${VERSION/v/}"
-
-          echo "version_raw=${VERSION}" >> $GITHUB_OUTPUT
-          echo "version_cleaned=${VERSION/v/}" >> $GITHUB_OUTPUT
-
-      - name: Copy images to docker.io
-        run: |
-          apt-get update --yes
-          apt-get install --yes skopeo
-          skopeo copy \
-            --all \
-            --dest-password ${{ secrets.DOCKER_IO_PASSWORD }} \
-            --dest-username ${{ secrets.DOCKER_IO_USERNAME }} \
-            --src-password ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }} \
-            --src-username volker.raschek \
-              docker://git.cryptic.systems/volker.raschek/helm:${{ steps.version_extraction.outputs.version_cleaned }} \
-              docker://docker.io/volkerraschek/helm:${{ steps.version_extraction.outputs.version_cleaned }}
+        apt-get update --yes
+        apt-get install --yes skopeo
+        skopeo copy \
+          --all \
+          --dest-password ${{ secrets.DOCKER_IO_PASSWORD }} \
+          --dest-username ${{ secrets.DOCKER_IO_USERNAME }} \
+          --src-password ${{ secrets.GIT_CRYPTIC_SYSTEMS_PACKAGE_REGISTRY_TOKEN }} \
+          --src-username volker.raschek \
+            docker://git.cryptic.systems/volker.raschek/helm:${TAG} \
+            docker://docker.io/volkerraschek/helm:${TAG}
--- a/.gitea/workflows/update-docker-hub-description.yaml
+++ b/.gitea/workflows/update-docker-hub-description.yaml
@@ -14,9 +14,9 @@ jobs:
    - ubuntu-latest
    steps:
    - uses: actions/checkout@v5.0.0
-    - uses: peter-evans/dockerhub-description@v5.0.0
+    - uses: peter-evans/dockerhub-description@v4.0.2
      with:
        username: ${{ secrets.DOCKER_IO_USERNAME }}
        password: ${{ secrets.DOCKER_IO_PASSWORD }}
        repository: volkerraschek/helm
-        readme-filepath: README.md
+        readme-filepath: README.md
--- a/2
+++ b/2
@@ -1,4 +1,4 @@
-FROM docker.io/library/alpine:3.22.2
+FROM docker.io/library/alpine:3.22.1

 ARG HELM_VERSION

--- a/2
+++ b/2
@@ -1,6 +1,6 @@
 # HELM_VERSION
 # Only required to install a specify version
-HELM_VERSION?=v3.19.0 # renovate: datasource=github-releases depName=helm/helm
+HELM_VERSION?=v3.18.4 # renovate: datasource=github-releases depName=helm/helm

 # CONTAINER_RUNTIME
 # The CONTAINER_RUNTIME variable will be used to specified the path to a
--- a/README.md
+++ b/README.md
@@ -3,15 +3,59 @@
 [![Docker Pulls](https://img.shields.io/docker/pulls/volkerraschek/helm)](https://hub.docker.com/r/volkerraschek/helm)

 This project contains all sources to build the container image `git.cryptic.systems/volker.raschek/helm`. The primary
-goal of this project is to package the binary `helm` as container image and provide the functionally for CI/CD workflows.
+goal of this project is to package the binary `helm` as container image to provide the functionally for CI/CD workflows.
 The source code of the binary can be found in the upstream project of [helm](github.com/helm/helm).

-```bash
-IMAGE_VERSION=3.19.0
-docker run \
-  --rm \
-  --volume "$(pwd):$(pwd)" \
-  --workdir "$(pwd)" \
-    "git.cryptic.systems/volker.raschek/helm:${IMAGE_VERSION}" \
-      version
+## drone
+
+Here is an example to lint, package and deploy a chart to chartmuseum via
+`git.cryptic.systems/volker.raschek/helm`.
+
+```yaml
+kind: pipeline
+type: kubernetes
+name: linter
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: helm lint
+  commands:
+  - helm lint
+  image: git.cryptic.systems/volker.raschek/helm:latest
+  resources:
+    limits:
+      cpu: 50
+      memory: 50M
+
+---
+kind: pipeline
+type: kubernetes
+name: release
+
+platform:
+  os: linux
+
+steps:
+- name: release-helm-chart
+  commands:
+  - helm plugin install https://github.com/chartmuseum/helm-push.git
+  - helm repo add myrepo https://charts.example.com/myrepo
+  - helm package --version ${DRONE_TAG} .
+  - helm cm-push ${DRONE_REPO_NAME}-${DRONE_TAG}.tgz myrepo
+  environment:
+    HELM_REPO_PASSWORD:
+      from_secret: helm_repo_password
+    HELM_REPO_USERNAME:
+      from_secret: helm_repo_username
+  image: git.cryptic.systems/volker.raschek/helm:latest
+  resources:
+    limits:
+      cpu: 50
+      memory: 50M
+trigger:
+  event:
+  - tag
 ```
--- a/renovate.json
+++ b/renovate.json
@@ -1,19 +1,5 @@
 {
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "customManagers": [
-    {
-      "customType": "regex",
-      "fileMatch": [
-        "^README\\.md$"
-      ],
-      "matchStrings": [
-        "IMAGE_VERSION=(?<currentValue>.*)"
-      ],
-      "datasourceTemplate": "github-releases",
-      "depNameTemplate": "helm/helm",
-      "versioningTemplate": "semver"
-    }
-  ],
  "extends": [
    "local>volker.raschek/renovate-config:default#master",
    "local>volker.raschek/renovate-config:container#master",
@@ -22,16 +8,9 @@
  ],
  "packageRules": [
    {
-      "addLabels": [
-        "renovate/automerge"
-      ],
-      "automerge": true,
-      "matchPackageNames": [
-        "helm/helm"
-      ],
-      "matchManagers": [
-        "regex"
-      ]
+      "automerge": false,
+      "matchPackageNames": [ "helm" ],
+      "matchManagers": [ "regex" ]
    }
  ]
 }