docs: autodeploy docs on GH (#2194)

* Create release_helm_charts.yml

* fix: add automation

* Update index.yaml

* test: releaseing a new chart

* Revert "test: releaseing a new chart"

This reverts commit f028446.

* fix: clean up tgz

* ci: add dependency run

Former-commit-id: c063116

.github/workflows/backport.yml

@@ -0,0 +1,52 @@
+name: Backport
+on:
+  pull_request_target:
+    types: [closed, labeled]
+    branches: [main, release-*]
+
+# WARNING:
+# When extending this action, be aware that $GITHUB_TOKEN allows write access to
+# the GitHub repository. This means that it should not evaluate user input in a
+# way that allows code injection.
+
+jobs:
+  backport:
+    name: Backport Pull Request
+    # Run the action if a PR is merged with backport labels
+    # OR
+    # when already merged PR is labeled with backport labels
+    if: >
+      github.event.pull_request.merged
+      && (
+        github.event.action == 'closed'
+        || (
+          github.event.action == 'labeled'
+          && startsWith(github.event.label.name, 'backport/')
+        )
+      )
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          # required to find all branches
+          fetch-depth: 0
+          token: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}
+          ref: ${{ github.event.pull_request.head.sha }}
+      - name: Create backport PRs
+        # should be kept in sync with `version`
+        uses: zeebe-io/backport-action@v0.0.8
+        with:
+          # Config README: https://github.com/zeebe-io/backport-action#backport-action
+          github_token: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}
+          github_workspace: ${{ github.workspace }}
+          # should be kept in sync with `uses`
+          version: v0.0.8
+
+          # Regex pattern to match GitHub labels
+          # The capture group catches the target branch
+          # i.e. label backport/v1.0.0 will create backport PR for branch v1.0.0
+          label_pattern: ^backport\/([^ ]+)$
+
+          pull_description: |-
+            Automated backport to `${target_branch}`, triggered by a label in #${pull_number}.
+            See ${issue_refs}.

.github/workflows/build-docs.yml

@@ -0,0 +1,119 @@
+name: Publish docs via GitHub Pages
+on:
+  push:
+    branches:
+      - main
+  release:
+    types:
+      - published
+
+jobs:
+  build:
+    env:
+      GH_TOKEN: ${{ secrets.GIT_AUTHOR_MKDOCS_DEPLOY }}
+    name: Deploy docs
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Set up Python 3.9
+        uses: actions/setup-python@v4
+        with:
+          python-version: 3.9
+          cache: pip
+          cache-dependency-path: docs/requirements.txt
+
+      - name: Install dependencies
+        run: |
+          pip install --require-hashes -r docs/requirements.txt
+
+      - name: Generate docs
+        run: echo "Something should happen here"
+
+      - name: git config
+        run: |
+          git config --local user.email "action@github.com"
+          git config --local user.name "GitHub Action"
+
+      # This deploys the current docs into gh-pages/head on merges to main
+      # The old "main" gets deleted if it exists, head is more descriptive
+      - name: mike deploy head
+        if: contains(github.ref, 'refs/heads/main')
+        run: |
+          mike deploy --push head
+
+      # If a release has been published, deploy it as a new version
+      - name: mike deploy new version
+        if: >-
+          github.event_name == 'release' &&
+          github.event.action == 'published' &&
+          !github.event.release.draft &&
+          !github.event.release.prerelease
+        env:
+          VERSION: ${{ github.event.release.tag_name }}
+        run: |
+          mike deploy --push "$VERSION"
+
+      - name: Update mike version aliases
+        id: set_versions
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          TAGS=$(gh release list -L 1000 -R ${{ github.repository }} | grep -o '^\v.*'| grep -v Draft | cut -f 1 | sed '/-/!{s/$/_/}' | sort -V | sed 's/_$//')
+          LATEST=$(echo "${TAGS}" | tail -1)
+          STABLE=$(echo "${TAGS}" | grep -v -- "-" | tail -1)
+          mike alias -u head main
+          mike alias -u "${STABLE}" stable
+          mike set-default --push stable
+          echo ::set-output name=LATEST::${LATEST}
+          echo ::set-output name=STABLE::${STABLE}
+
+      # Ensures the current branch is gh-pages,
+      # Creates / updates the "stable" and "latest" plain text files with the corresponding versions
+      # Commits if the files were changed
+      # Finally pushes if there are unpushed commits
+      - name: Create version files
+        run: |
+          LATEST=${{ steps.set_versions.outputs.LATEST }}
+          STABLE=${{ steps.set_versions.outputs.STABLE }}
+          git checkout gh-pages
+          echo "${STABLE}" > stable.txt
+          git add stable.txt && git update-index --refresh
+          git diff-index --quiet HEAD -- || git commit -m "Set stable to ${STABLE}"
+          echo "${LATEST}" > latest.txt
+          git add latest.txt && git update-index --refresh
+          git diff-index --quiet HEAD -- || git commit -m "Set latest to ${LATEST}"
+          git push origin gh-pages
+
+  # Because the output of the index.yaml is also in gh-pages we want to ensure the jobs run after each other
+  # This releases the helm chart
+  release-helm-chart:
+    # depending on default permission settings for your org (contents being read-only or read-write for workloads), you will have to add permissions
+    # see: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#modifying-the-permissions-for-the-github_token
+    needs: build
+    permissions:
+      contents: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+      - name: Install Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.8.1
+
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@v1.4.0
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

.github/workflows/docs.yml

@@ -96,3 +96,21 @@ jobs:
             exit 1
           fi
           
+
+  lint_docs:
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Markdown linter
+        continue-on-error: true
+        run: |
+          sudo apt-get install rubygems -y
+          sudo gem install mdl
+          mdl docs/
+

.github/workflows/release.yaml

@@ -2,43 +2,44 @@ name: release
 on:
   workflow_dispatch:
 jobs:
-  release-chart-pr:
-    if: contains(github.event.head_commit.message, 'Release-As:') || github.event_name == 'workflow_dispatch'
-    runs-on: ubuntu-latest
-    strategy:
-      #max-parallel: 1
-      fail-fast: false
-      matrix:
-        charts: [ "charts/janssen" ]
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v3
-      with:
-        fetch-depth: 0
-
-    - name: Import GPG key
-      id: import_gpg
-      uses: crazy-max/ghaction-import-gpg@v5
-      with:
-        gpg_private_key: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY }}
-        passphrase: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY_PASSPHRASE }}
-        git_user_signingkey: true
-        git_commit_gpgsign: true
-
-    - name: Configure Git
-      run: |
-        git config user.name "mo-auto"
-        git config user.email "54212639+mo-auto@users.noreply.github.com"
-        git config --global user.signingkey "${{ steps.import_gpg.outputs.keyid }}"
-
-    - uses: google-github-actions/release-please-action@v3.3
-      id: release-please
-      with:
-         path: ${{ matrix.charts }}
-         token: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}
-         release-type: helm
-         package-name: ${{ matrix.charts }}
-         monorepo-tags: true
+# Currently the release of that charts is being handled by the build-docs.yml workflow
+#  release-chart-pr:
+#    if: contains(github.event.head_commit.message, 'Release-As:') || github.event_name == 'workflow_dispatch'
+#    runs-on: ubuntu-latest
+#    strategy:
+#      #max-parallel: 1
+#      fail-fast: false
+#      matrix:
+#        charts: [ "charts/janssen" ]
+#    steps:
+#    - name: Checkout
+#      uses: actions/checkout@v3
+#      with:
+#        fetch-depth: 0
+#
+#    - name: Import GPG key
+#      id: import_gpg
+#      uses: crazy-max/ghaction-import-gpg@v5
+#      with:
+#        gpg_private_key: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY }}
+#        passphrase: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY_PASSPHRASE }}
+#        git_user_signingkey: true
+#        git_commit_gpgsign: true
+#
+#    - name: Configure Git
+#      run: |
+#        git config user.name "mo-auto"
+#        git config user.email "54212639+mo-auto@users.noreply.github.com"
+#        git config --global user.signingkey "${{ steps.import_gpg.outputs.keyid }}"
+#
+#    - uses: google-github-actions/release-please-action@v3.3
+#      id: release-please
+#      with:
+#         path: ${{ matrix.charts }}
+#         token: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}
+#         release-type: helm
+#         package-name: ${{ matrix.charts }}
+#        monorepo-tags: true
   release-simple-pr:
     needs: release-chart-pr
     runs-on: ubuntu-latest

automation/github-labels/labels-schema.json

@@ -53,6 +53,15 @@
       "title-prefixes": []
     }
   },
+  "backport/v1.0.0": {
+    "color": "E86DDD",
+    "description": "Backport to version 1.0.0",
+    "auto-label": {
+      "branch": "",
+      "paths": [],
+      "title-prefixes": []
+    }
+  },
   "comp-charts-jans": {
     "color": "0052CC",
     "description": "Touching folder /charts",