Rework helm release process

This was mostly me working around a limitation in chart-releaser where it does not allow for uploading a chart to an existing release.

.github/workflows/helm-release.yaml

@@ -1,43 +0,0 @@
----
-name: helm-release
-
-on:
-  release:
-    types: [published]
-
-jobs:
-  release:
-    runs-on: ubuntu-latest
-    steps:
-
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
-
-      - name: Configure Git
-        run: |
-          git config user.name "$GITHUB_ACTOR"
-          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
-
-      - name: Install Helm
-        uses: azure/setup-helm@v1
-        with:
-          version: v3.7.1
-
-      - name: Create Helm chart
-        run: |
-          echo VERSION: $VERSION
-          make helm-chart
-        env:
-          VERSION: ${{ github.ref_name }}
-
-      # Reinventing the wheel if/until https://github.com/helm/chart-releaser-action/pull/96 is merged
-      - name: Release Helm chart
-        run: |
-          echo VERSION: $VERSION
-          make helm-release
-        env:
-          VERSION: ${{ github.ref_name }}
-          CR_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          GH_REPO_OWNER: ${{ github.repository_owner }}

.github/workflows/promote.yaml

@@ -8,6 +8,8 @@ jobs:
   promote:
     runs-on: ubuntu-latest
     steps:
+      - uses: actions/checkout@v2
+
       - name: Log in to GHCR
         run: |
           echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin
@@ -23,3 +25,16 @@ jobs:
           docker tag ghcr.io/${{ github.repository }}:${{ github.event.release.tag_name }} quay.io/${{ github.repository }}:latest
           docker push quay.io/${{ github.repository }}:${{ github.event.release.tag_name }}
           docker push quay.io/${{ github.repository }}:latest
+
+      - name: Configure git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+      - name: Release Helm chart
+        run: |
+          ansible-playbook ansible/helm-release.yml -v \
+            -e operator_image=quay.io/${{ github.repository }} \
+            -e chart_owner=${{ github.repository_owner }} \
+            -e tag=${{ github.event.release.tag_name }} \
+            -e gh_token=${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -4,3 +4,5 @@
 /bundle
 /bundle_tmp*
 /bundle.Dockerfile
+/charts
+/.cr-release-packages

Makefile

@@ -265,8 +265,11 @@ CR = $(shell which cr)
 endif
 endif
 
+charts:
+	mkdir -p $@
+
 .PHONY: helm-chart
-helm-chart: kustomize helm kubectl-slice yq
+helm-chart: kustomize helm kubectl-slice yq charts
 	@echo "== KUSTOMIZE (image and namespace) =="
 	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
 	cd config/default && $(KUSTOMIZE) edit set namespace ${NAMESPACE}
@@ -285,27 +288,25 @@ helm-chart: kustomize helm kubectl-slice yq
 	cd config/default && $(KUSTOMIZE) edit set annotation helm.sh/chart:$(CHART_NAME)-$(VERSION)
 
 	@echo "== SLICE =="
-	$(KUSTOMIZE) build config/default | \
+	$(KUSTOMIZE) build --load-restrictor LoadRestrictionsNone config/default | \
 		$(KUBECTL_SLICE) --input-file=- \
 			--output-dir=charts/$(CHART_NAME)/templates \
 			--sort-by-kind
 	@echo "Helm Chart $(VERSION)" > charts/$(CHART_NAME)/templates/NOTES.txt
 
-.PHONY: helm-release
-helm-release: cr helm-chart
-	$(CR) version
+
+.PHONY: helm-package
+helm-package: cr helm-chart
 	@echo "== CHART RELEASER (package) =="
 	$(CR) package ./charts/awx-operator
-	@echo "== CHART RELEASER (upload) =="
-	$(CR) upload \
-		--owner "$(CHART_OWNER)" \
-		--git-repo "$(CHART_REPO)" \
-		--token "$(CR_TOKEN)" \
-		--skip-existing
 
+# The actual release happens in ansible/helm-release.yml
+# until https://github.com/helm/chart-releaser/issues/122 happens
+.PHONY: helm-index
+helm-index: cr helm-chart
 	@echo "== CHART RELEASER (httpsorigin) =="
 	git remote add httpsorigin "https://github.com/$(CHART_OWNER)/$(CHART_REPO).git"
-	git fetch --all
+	git fetch httpsorigin
 
 	@echo "== CHART RELEASER (index) =="
 	$(CR) index \
@@ -316,4 +317,5 @@ helm-release: cr helm-chart
 		--index-path "./charts/$(CHART_INDEX)" \
 		--charts-repo "https://$(CHART_OWNER).github.io/$(CHART_REPO)/$(CHART_INDEX)" \
 		--remote httpsorigin \
+		--release-name-template="{{ .Version }}" \
 		--push

README.md

@@ -1084,9 +1084,10 @@ The first step is to create a draft release. Typically this will happen in the [
 
 If you need to do an independent release of the operator, you can run the [Stage Release](https://github.com/ansible/awx-operator/blob/devel/.github/workflows/stage.yml) in the awx-operator repo. Both of these workflows will run smoke tests, so there is no need to do this manually.
 
-After the draft release is created, publish it and the [Promote AWX Operator image](https://github.com/ansible/awx-operator/blob/devel/.github/workflows/promote.yaml) will run, publishing the image to Quay.
+After the draft release is created, publish it and the [Promote AWX Operator image](https://github.com/ansible/awx-operator/blob/devel/.github/workflows/promote.yaml) will run, which will:
 
-The [Helm release](https://github.com/ansible/awx-operator/blob/devel/.github/workflows/helm-release.yaml) workflow will create and publish a release for every tag.
+- Publish image to Quay
+- Release Helm chart
 
 ## Author
 

ansible/helm-release.yml

@@ -0,0 +1,47 @@
+---
+- hosts: localhost
+  vars:
+    chart_repo: awx-operator
+  tasks:
+    - name: Look up release
+      uri:
+        url: "https://api.github.com/repos/{{ chart_owner }}/{{ chart_repo }}/releases/tags/{{ tag }}"
+      register: release
+      ignore_errors: yes
+
+    - fail:
+        msg: |
+          Release must exist before running this playbook
+      when: release is not success
+
+    - name: Build and package helm chart
+      command: |
+        make helm-chart helm-package
+      environment:
+        VERSION: "{{ tag }}"
+        IMAGE_TAG_BASE: "{{ operator_image }}"
+      args:
+        chdir: "{{ playbook_dir }}/../"
+
+    # Move to chart releaser after https://github.com/helm/chart-releaser/issues/122 exists
+    - name: Upload helm chart
+      uri:
+        url: "https://uploads.github.com/repos/{{ chart_owner }}/{{ chart_repo }}/releases/{{ release.json.id }}/assets?name=awx-operator-{{ tag }}.tgz"
+        src: "{{ playbook_dir }}/../.cr-release-packages/awx-operator-{{ tag }}.tgz"
+        headers:
+          Authorization: "token {{ gh_token }}"
+          Content-Type: "application/octet-stream"
+        status_code:
+          - 200
+          - 201
+      register: asset_upload
+      changed_when: asset_upload.json.state == "uploaded"
+
+    - name: Publish helm index
+      command: |
+        make helm-index
+      environment:
+        CHART_OWNER: "{{ chart_owner }}"
+        CR_TOKEN: "{{ gh_token }}"
+      args:
+        chdir: "{{ playbook_dir }}/../"