Skip to content

feat(ci): add automatic chart version bump workflow #411

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
pierluigilenoci wants to merge 4 commits into
base: main
Choose a base branch
from
+233 −0
Draft

feat(ci): add automatic chart version bump workflow #411

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
ab67679
feat(ci): add automatic chart version bump workflow
pierluigilenoci Jun 5, 2026
a9c9f2d
fix(ci): pin action SHAs, use custom parser for Chart.yaml changelog
pierluigilenoci Jun 5, 2026
b75ed91
fix(scripts): fix changelog splice and add inline examples
pierluigilenoci Jun 5, 2026
a29ffc8
refactor(scripts): rewrite chart-version-parser as pure Python
pierluigilenoci Jun 6, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 37 additions & 0 deletions .github/workflows/bump-version.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
name: Bump Chart Version

on:
push:
branches:
- main

permissions:
contents: read

jobs:
bump-version:
if: "!contains(github.actor, 'oauth2-proxy-bot')"
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout
uses: actions/checkout@v4
Comment thread
pierluigilenoci marked this conversation as resolved.
Outdated
with:
ssh-key: "${{ secrets.PUSH_KEY }}"
fetch-depth: 0

- name: Configure Git
run: |
git config user.name "oauth2-proxy-bot"
git config user.email "oauth2-proxy-bot@users.noreply.github.com"

- name: Bump Chart Version
uses: GarnerCorp/build-actions/bump-version@main
Comment thread
pierluigilenoci marked this conversation as resolved.
Outdated
with:
version-type: raw
version-file-path: helm/oauth2-proxy/Chart.yaml
Copy link
Copy Markdown

@jsoref jsoref Jun 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You'd probably want to do a bit more magic so that you can update this section:

manifests/helm/oauth2-proxy/Chart.yaml

Line 32 in 529c2f6

artifacthub.io/changes: |

We weren't actively maintaining helm charts, so it wasn't something I was worried about, but I'm starting to do more work with helm charts, so I might add that support myself...

Copy link
Copy Markdown
Member Author

@pierluigilenoci pierluigilenoci Jun 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point! I added scripts/chart-version-parser.sh as a custom version-parser for the action. It handles both version: and the artifacthub.io/changes block — it reads the commit-log produced by next-version, extracts the kind (added/changed) and description from each changelog file, and rewrites the annotation in place.

Would love your thoughts on whether the approach is sound — especially the changelog parsing logic. Happy to iterate!

Copy link
Copy Markdown

@jsoref jsoref Jun 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's pretty much what I envisioned when I designed this. Beyond this, I'd need some sample inputs and outputs to test it, but it feels about right.

Copy link
Copy Markdown
Member Author

@pierluigilenoci pierluigilenoci Jun 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great to hear — thanks for the validation! I'll add a few example inputs/outputs to the script's header comments to make it easier to test and reason about. Will update the PR shortly.

Copy link
Copy Markdown
Member Author

@pierluigilenoci pierluigilenoci Jun 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just pushed a fix and added the inline examples you mentioned. The script now has 5 documented test cases in the header (parse, update without log, two minor entries with PR refs, breaking change detection, no PR ref), and the changelog splice was rewritten in a single Python pass to avoid awk issues with multi-line strings containing slashes (URLs).

Tested locally — all 5 cases produce the expected output. Happy to add a proper bats test file if you think that's worth it.

git-name: "oauth2-proxy-bot"
git-email: "oauth2-proxy-bot@users.noreply.github.com"
major: changelogs/major
minor: changelogs/minor
10 changes: 10 additions & 0 deletions .github/workflows/lint-test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,16 @@ jobs:
- name: Set up chart-testing
uses: helm/chart-testing-action@v2.8.0

- name: Check changelog entry
run: |
if git diff --name-only origin/main...HEAD | grep -q '^helm/'; then
if ! git diff --name-only origin/main...HEAD | grep -qE '^changelogs/(major|minor)/[^.]+$'; then
echo "::error::Chart files changed but no changelog entry found."
echo "Add a file to changelogs/minor/ (new feature) or changelogs/major/ (breaking change)."
exit 1
fi
fi

- name: Run chart-testing (list-changed)
id: list-changed
run: |
Expand Down
33 changes: 33 additions & 0 deletions changelogs/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
# Changelogs

This directory drives the automatic version bump workflow.

When a PR modifies the Helm chart, include a file in the appropriate subdirectory:

- `minor/` — new feature (bumps `x.Y.0`)
- `major/` — breaking change (bumps `X.0.0`)
- No file needed for patch-only changes (CI fixes, doc tweaks) — the workflow defaults to patch

## Filename

Use a descriptive name matching your PR, e.g.:
- `minor/add-runtimeclassname`
- `major/breaking-tpl-extrainitcontainers`

## File content

Write a short description of the change. This becomes part of the version bump commit message.

Example (`minor/add-runtimeclassname`):
```
Add optional runtimeClassName field to the Deployment spec, enabling
users to run oauth2-proxy under alternative container runtimes such as
gVisor or Kata Containers.
```

## How it works

On merge to `main`, the `bump-version` workflow reads files from these
directories, determines the bump type (major > minor > patch), updates
`version:` in `helm/oauth2-proxy/Chart.yaml`, commits, and pushes.
The changelog files are deleted as part of that commit.
Empty file added changelogs/major/.gitkeep
View file
Open in desktop
Empty file.
Empty file added changelogs/minor/.gitkeep
View file
Open in desktop
Empty file.
Loading