fix(update-artifacts-file): artifacts.json will change in the remote helm-charts repo

.github/workflows/test-update-artifacts-file.yml

@@ -17,10 +17,9 @@ jobs:
       - name: Update artifacts.json
         uses: ./actions/update-artifacts-file
         with:
-          type: "docker"
-          context: actions/update-artifacts-file
-          domain: test
-          artifact_name: "sftpgo"
-          artifact_tag: "v2.0.4"
+          type: "helm"
+          domain: infra
+          artifact_name: "jenkins"
+          artifact_tag: "5.0.17"
           registry: ${{ secrets.ACR_URL }}
           github_token: ${{ secrets.GH_PAT }}

actions/update-artifacts-file/README.md

@@ -14,15 +14,15 @@ This GitHub Action builds and publishes a Helm chart to a specified registry and
 
 ## 🛠 Inputs
 
-| Name             | Description                                                                 | Required | Default         |
-|------------------|-----------------------------------------------------------------------------|----------|-----------------|
-| `scope`          | The directory name used as a logical scope for the artifact                | ✅ Yes   |             |
-| `context`        | Path to the directory containing the Helm chart and helper scripts         | ❌ No   | `./helm`        |
-| `registry`       | Registry URL the artifact is pushed to (e.g., ACR address)                 | ✅ Yes   |                |
-| `type`           | Type of artifact (`helm`, `docker`, etc.)                                  | ✅ Yes   |  |
-| `artifact_name`  | Name of the artifact (e.g. `sftpgo`, `minio`)                              | ✅ Yes   |                |
-| `artifact_tag`   | Tag or version of the artifact (e.g. `v1.2.3`, `latest`)                   | ✅ Yes   |                |
-| `github_token`   | GitHub token with permission to commit & push changes                      | ✅ Yes   |                |
+| Name             | Description                                                                 | Required | Default                      |
+|------------------|-----------------------------------------------------------------------------|----------|------------------------------|
+| `domain`         | Logical scope or namespace for the artifact (used as subdirectory name)     | ✅ Yes   |                              |
+| `artifact_name`  | Name of the artifact (e.g. `sftpgo`, `minio`)                               | ✅ Yes   |                              |
+| `artifact_tag`   | Tag or version of the artifact (e.g. `v1.2.3`, `latest`)                    | ✅ Yes   |                              |
+| `type`           | Type of artifact (`helm`, `docker`, etc.)                                   | ✅ Yes   |                              |
+| `registry`       | Registry URL the artifact is pushed to (e.g., ACR address)                  | ✅ Yes   |                              |
+| `github_token`   | GitHub token with permission to clone, commit & push to the target repo     | ✅ Yes   |                              |
+| `target_repo`    | Target GitHub repo where `artifacts.json` should be updated (e.g. `org/repo`)| ❌ No    | `mapcolonies/helm-charts`   |
 
 ---
 
@@ -34,9 +34,10 @@ This GitHub Action builds and publishes a Helm chart to a specified registry and
 - name: Update artifacts.json
   uses: MapColonies/shared-workflows/actions/update-artifacts-file@update-artifacts-file-v1.0.0
   with:
-    scope: infra
+    domain: infra
     artifact_name: "sftpgo"
     artifact_tag: "v2.0.2"
+    type: "docker"
     registry: ${{ secrets.ACR_URL }}
     github_token: ${{ secrets.GH_PAT }}
 ```

actions/update-artifacts-file/action.yaml

@@ -1,60 +1,74 @@
 name: "Update Artifacts File"
-description: "An action to update the artifacts file"
+description: "An action to update the artifacts file in a different repository"
+
+env:
+  TARGET_PATH: temp_repo
+
 inputs:
   domain:
-    description: "domain or namespace for the artifact."
+    description: "Domain or namespace for the artifact."
     required: true
   registry:
     description: "Registry to push the artifact to."
     required: true
-  context:
-    description: "Path to the helm directory."
-    required: false
-    default: "./helm"
   type:
-    description: "Artifact`s type"
-    type: string
+    description: "Artifact type"
     required: true
   artifact_name:
-    description: "Artifact`s name"
-    type: string
+    description: "Artifact name"
     required: true
   artifact_tag:
-    description: "Artifact`s tag"
-    type: string
+    description: "Artifact tag"
+    required: true
+  github_token:
+    description: "GitHub token with access to target repository"
     required: true
+  target_repo:
+    description: "Target GitHub repository"
+    required: false
+    default: "mapcolonies/helm-charts"
+
 runs:
   using: "composite"
   steps:
     - name: Checkout helm chart repository
       uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      with:
+        repository: ${{ inputs.target_repo }}
+        token: ${{ inputs.github_token }}
+        path: $TARGET_PATH
 
-    - name: Set Execute Permission
-      run: chmod +x ./modify_artifacts.sh
+    - name: Set execute permission on modify script
+      run: chmod +x actions/update-artifacts-file/modify_artifacts.sh
       shell: bash
-      working-directory: ${{ inputs.context }}
 
-    - name: Run modify artifacts Script
-      run: ${{ inputs.context }}/modify_artifacts.sh 
+    - name: Run modify artifacts script
+      run: actions/update-artifacts-file/modify_artifacts.sh
       shell: bash
       env:
         DOMAIN: ${{ inputs.domain }}
         ARTIFACT_NAME: ${{ inputs.artifact_name }}
         ARTIFACT_TAG: ${{ inputs.artifact_tag }}
         TYPE: ${{ inputs.type }}
         REGISTRY: ${{ inputs.registry }}
+        TARGET_DIR: $TARGET_PATH
 
-    - name: Set commit Permission
-      run: chmod +x ./commit_changes.sh
+    - name: Set execute permission on commit script
+      run: chmod +x actions/update-artifacts-file/commit_changes.sh
       shell: bash
-      working-directory: ${{ inputs.context }}
 
-    - name: Run commit changes script
-      run: ${{ inputs.context }}/commit_changes.sh
+    - name: Commit and push changes
+      run: actions/update-artifacts-file/commit_changes.sh
       shell: bash
       env:
         DOMAIN: ${{ inputs.domain }}
         ARTIFACT_NAME: ${{ inputs.artifact_name }}
         ARTIFACT_TAG: ${{ inputs.artifact_tag }}
         TYPE: ${{ inputs.type }}
         GITHUB_TOKEN: ${{ inputs.github_token }}
+        TARGET_REPO: ${{ inputs.target_repo }}
+        TARGET_DIR: $TARGET_PATH
+
+    - name: Clean up target repo folder
+      run: rm -rf $TARGET_PATH
+      shell: bash

actions/update-artifacts-file/commit_changes.sh

@@ -1,26 +1,27 @@
 #!/bin/bash
-cd $DOMAIN
-git config --global user.name "mapcolonies[bot]"
-git config --global user.email "devops[bot]@mapcolonies.com"
+cd "$TARGET_DIR"
 
-git add .
-# Add "|| true" for not failing on this line 1
-git commit -m "chore: update artifacts.json for $DOMAIN" -m "with $TYPE artifact: $ARTIFACT_NAME:$ARTIFACT_TAG" || true
+git config user.name "mapcolonies[bot]"
+git config user.email "devops[bot]@mapcolonies.com"
+
+git add "$DOMAIN/artifacts.json"
+git commit -m "chore: update artifacts.json for $DOMAIN" -m "with $TYPE artifact: $ARTIFACT_NAME:$ARTIFACT_TAG" || echo "Nothing to commit"
 
 success=false
 for ((i=1; i<=5; i++)); do
-  echo "Attempt number $i"
-  if GIT_ASKPASS=echo git push https://x-access-token:$GITHUB_TOKEN@github.com/$GITHUB_REPOSITORY.git; then
+  echo "Attempt $i to push changes..."
+  if git push https://x-access-token:$GITHUB_TOKEN@github.com/$TARGET_REPO.git; then
     success=true
+    echo "Push succeeded"
     break
   else
+    echo "Push failed, retrying after pull"
+    git pull origin master --ff-only || true
     sleep 5
-    # --ff for fast-forward
-    git pull origin master --ff
   fi
 done
 
 if [ "$success" = false ]; then
-  echo "Failed to push changes."
+  echo "Failed to push changes after 5 attempts."
   exit 1
 fi

actions/update-artifacts-file/modify_artifacts.sh

@@ -1,15 +1,21 @@
 #!/bin/bash
-# Check if the directory exists
-if [ -d "$DOMAIN" ]; then
-  path="$DOMAIN/artifacts.json"
-  # Create a default empty JSON if the file doesn't exist
-  [[ -f "$path" ]] || echo '{}' > "$path"
-  # Ensure nested structure and assign artifact tag
-  jq --arg type "$TYPE" \
-    --arg registry "$REGISTRY" \
-    --arg key "${DOMAIN}/$ARTIFACT_NAME" \
-    --arg tag "$ARTIFACT_TAG" \
-    '.[$type][$registry][$key] = $tag' "$path" > tmp.json && mv tmp.json "$path"
-else
-  echo "Directory $REGISTRY/$DOMAIN does not exist"
-fi
+ARTIFACTS_PATH="$TARGET_DIR/$DOMAIN/artifacts.json"
+
+# Make sure the directory exists
+mkdir -p "$(dirname "$ARTIFACTS_PATH")"
+
+# If the file doesn't exist, initialize it
+[[ -f "$ARTIFACTS_PATH" ]] || echo '{}' > "$ARTIFACTS_PATH"
+
+# Ensure nested structure and assign artifact tag
+tmp_file=$(mktemp)
+jq --arg type "$TYPE" \
+   --arg registry "$REGISTRY" \
+   --arg key "${DOMAIN}/${ARTIFACT_NAME}" \
+   --arg tag "$ARTIFACT_TAG" '
+   .[$type] += {} | 
+   .[$type][$registry] += {} | 
+   .[$type][$registry][$key] = $tag
+' "$ARTIFACTS_PATH" > "$tmp_file" && mv "$tmp_file" "$ARTIFACTS_PATH"
+
+echo "artifacts.json updated successfully at $ARTIFACTS_PATH"