GitHub Actions: Add Release workflow

.github/workflows/helm.yaml

@@ -0,0 +1,51 @@
+# Copyright 2024 NVIDIA CORPORATION
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Run this workflow on new tags
+name: Publish Helm Chart
+
+on:
+  release:
+    types:
+      - published
+
+jobs:
+  update-helm-charts:
+    name: Update gh-pages branch helm charts and index
+    runs-on: ubuntu-latest
+    env:
+      HELM_REPO_PATH: releases/helm-${{ github.event.release.tag_name }}/
+    steps:
+    - name: Install Helm
+      uses: azure/setup-helm@v4.2.0
+      with:
+        version: 3.14.4
+
+    - name: Check out repo
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - name: Update helm index
+      env:
+        VERSION: ${{ github.event.release.tag_name }}
+        DOWNLOAD_URL: ${{ join(github.event.release.assets.*.browser_download_url, ' ') }}
+      run: |
+        git config user.name "Github Actions"
+        git config user.email "no-reply@github.com"
+        ./hack/update-helm-index.sh --helm-repo-path $HELM_REPO_PATH $DOWNLOAD_URL
+
+    - name: Push updated Helm charts and index to gh-pages branch
+      run: |
+        git -C $HELM_REPO_PATH push https://${GITHUB_ACTOR}:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }} gh-pages

.github/workflows/release.yaml

@@ -0,0 +1,65 @@
+# Copyright 2024 NVIDIA CORPORATION
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Run this workflow on new tags
+name: Release
+
+on:
+  push:
+    tags:
+      - v*
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        name: Check out code
+
+      - name: Create Draft Release
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          OWNER: ${{ github.repository_owner }}
+          REPO: ${{ github.event.repository.name }}
+        run: |
+          PRERELEASE_FLAG=""
+          if [[ ${{ github.ref_name }} == v*-rc.* ]]; then
+            PRERELEASE_FLAG="--prerelease"
+          fi
+          gh release create ${{ github.ref_name }} \
+            --draft \
+            -t ${{ github.ref_name	}} \
+            -n $(./hack/generate-changelog.sh --version ${{ github.ref_name }}) \
+            -R $OWNER/$REPO \
+            --verify-tag \
+            $PRERELEASE_FLAG
+
+      - name: Install Helm
+        uses: azure/setup-helm@v4.2.0
+        with:
+          version: 3.14.4
+
+      - name: Generate Helm Charts
+        run: |
+          ./hack/package-helm-charts.sh ${{ github.ref_name }}
+
+      - name: Upload Release Artifacts
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          OWNER: ${{ github.repository_owner }}
+          REPO: ${{ github.event.repository.name }}
+        run: |
+          HELM_PACKAGE_VERSION=${GITHUB_REF_NAME#v}
+          gh release upload ${{ github.ref_name }} ./nvidia-device-plugin-${HELM_PACKAGE_VERSION}.tgz -R $OWNER/$REPO
+          gh release upload ${{ github.ref_name }} ./gpu-feature-discovery-${HELM_PACKAGE_VERSION}.tgz -R $OWNER/$REPO

RELEASE.md

@@ -5,16 +5,22 @@ The device plugin consists in two artifacts:
 - The Device Plugin helm chart
 
 Publishing the container is automated through gitlab-ci and only requires one to tag the commit and push it to gitlab.
-Publishing the helm chart is currently manual, and we should move to an automated process ASAP
 
 # Release Process Checklist
 - [ ] Run the `./hack/prepare-release.sh` script to update the version in all the needed files
 - [ ] Run the `./hack/package-helm-charts.sh` script to generate the helm charts
 - [ ] Run the `./hack/generate-changelog.sh` script to generate the a draft changelog
 - [ ] Update the CHANGELOG.md file with the generated changelog
 - [ ] Commit, Tag and Push to Gitlab
-- [ ] Switch to the `gh-pages` branch and move the newly generated package to the `stable` helm repo
-- [ ] While on the `gh-pages` branch, run the `./build-index.sh` script to rebuild the indices for each repo
-- [ ] Commit and push the `gh-pages` branch to GitHub
-- [ ] Wait for the [CI job associated with your tag] (https://gitlab.com/nvidia/kubernetes/device-plugin/-/pipelines) to complete
-- [ ] Create a [new release](https://github.com/NVIDIA/k8s-device-plugin/releases) on Github with the changelog
+- [ ] Wait for the `Release` GitHub Action to complete
+- [ ] Publish the [draft release](https://github.com/NVIDIA/k8s-device-plugin/releases) created by the GitHub Action
+- [ ] Wait for the `Publish Helm Chart` GitHub Action to complete
+
+## Troubleshooting
+- If the `Release` GitHub Action fails:
+    - check the logs for the error first.
+    - Manually run the `Release` GitHub Action locally with the same inputs.
+    - If the action fails, manually run `./hack/package-helm-charts.sh` and upload the generated charts to the release assets.
+- If the `Publish Helm Chart` GitHub Action fails:
+    - Check the logs for the error.
+    - Manually run `./hack/update-helm-index.sh` with the generated charts from the `Release` GitHub Action or the `./hack/package-helm-charts.sh` script.

hack/generate-changelog.sh

@@ -77,4 +77,4 @@ echo ""
 echo "### Version $VERSION"
 
 # Iterate over the commit messages and ignore the ones that start with "Merge" or "Bump"
-git log --pretty=format:"%s" $REFERENCE..@ | grep -Ev "(^Merge )|(^Bump)" |  sed 's/^\(.*\)/- \1/g'
+git log --pretty=format:"%s" $REFERENCE..@ | grep -Ev "(^Merge )|(^Bump)|(no-relnote)" |  sed 's/^\(.*\)/- \1/g'

hack/package-helm-charts.sh

@@ -16,6 +16,14 @@
 
 set -o pipefail
 
+# if arg1 is set, it will be used as the version number
+if [ -z "$1" ]; then
+  VERSION=$(awk -F= '/^VERSION/ { print $2 }' versions.mk | tr -d '[:space:]')
+else
+  VERSION=$1
+fi
+VERSION=${VERSION#v}
+
 # Create temporary directory for GFD Helm chart
 rm -rf deployments/helm/gpu-feature-discovery
 mkdir -p deployments/helm/gpu-feature-discovery
@@ -24,5 +32,5 @@ yq e -i '.devicePlugin.enabled = false | .gfd.enabled = true'  deployments/helm/
 yq e -i '.name = "gpu-feature-discovery" | .description = "A Helm chart for gpu-feature-discovery on Kubernetes"' deployments/helm/gpu-feature-discovery/Chart.yaml
 
 # Create release assets to be uploaded
-helm package deployments/helm/gpu-feature-discovery/
-helm package deployments/helm/nvidia-device-plugin/
+helm package deployments/helm/gpu-feature-discovery/ --version $VERSION --app-version $VERSION
+helm package deployments/helm/nvidia-device-plugin/ --version $VERSION --app-version $VERSION

hack/prepare-release.sh

@@ -28,7 +28,7 @@ Options:
 
 Example:
 
-  $this v0.15.0
+  $this {{ VERSION }}
 
 EOF
 }

hack/update-helm-index.sh

@@ -0,0 +1,139 @@
+#!/bin/bash -e
+
+# Copyright (c) 2024, NVIDIA CORPORATION.  All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -o pipefail
+
+this=`basename $0`
+
+usage () {
+cat << EOF
+Usage: $this [-h]
+
+Options:
+  --helm-repo-path      specify the path to the Helm repo (defaults to HELM_REPO_PATH)
+  --help/-h             show help for this command and exit
+
+Example:
+  - from a local path:
+	$this /path/to/nvidia-device-plugin-{{ VERSION }}.tgz
+  - from a URL:
+    $this https://github.com/NVIDIA/k8s-device-plugin/archive/refs/tags/nvidia-device-plugin-{{ VERSION }}.tgz
+
+EOF
+}
+
+#
+# Parse command line
+#
+while [[ $# -gt 0 ]]; do
+	key="$1"
+	case $key in
+		--helm-repo-path)
+			HELM_REPO_PATH="$2"
+			shift 2
+			break
+			;;
+		--help/h) usage
+			exit 0
+			;;
+	esac
+done
+
+if [ -z "${HELM_REPO_PATH}" ]; then
+	echo "helm repo path not specified"
+	usage
+	exit 1
+fi
+
+# now we take the input from the user and check if is a path or url http/https
+asset_path="$@"
+
+if [ -z "$asset_path" ]; then
+	echo "No assets provided"
+	usage
+	exit 1
+fi
+
+if [[ $asset_path =~ ^https?:// ]]; then
+	asset_urls=$asset_path
+else
+	asset_local=$asset_path
+fi
+
+GH_REPO_PULL_URL="https://github.com/NVIDIA/k8s-device-plugin.git"
+git clone --depth=1 --branch=gh-pages ${GH_REPO_PULL_URL} ${HELM_REPO_PATH}
+mkdir -p ${HELM_REPO_PATH}/stable
+
+# Charts are local, no need to download
+if [ -n "$asset_local" ]; then
+	echo "Copying $asset_local..."
+	cp -f $asset_local $HELM_REPO_PATH/stable
+else
+	# Download charts from release assets
+	for asset_url in $asset_urls; do
+		if ! echo "$asset_url" | grep -q '.*tgz$'; then
+			echo "Skipping $asset_url, does not look like a Helm chart archive"
+			continue
+		fi
+		echo "Downloading $asset_url..."
+		curl -sSfLO -o $HELM_REPO_PATH/stable/$(basename $asset_url) $asset_url
+		# We rely on all release assets having the same baseurl
+		download_baseurl=`dirname $HELM_REPO_PATH/stable/$(basename $asset_url)`
+	done
+	if [ -z "$download_baseurl" ]; then
+		echo "No Helm chart release assets found"
+		exit 0
+	fi
+fi
+
+echo "Updating helm index"
+helm repo index $HELM_REPO_PATH/stable --merge $HELM_REPO_PATH/stable/index.yaml --url https://nvidia.github.io/k8s-device-plugin/stable
+cp -f $HELM_REPO_PATH/stable/index.yaml $HELM_REPO_PATH/index.yaml
+
+changes=$( git -C $HELM_REPO_PATH status --short )
+
+# Check if there were any changes in the repo
+if [ -z "${changes}" ]; then
+    echo "No changes in Helm repo index, gh-pages branch already up-to-date"
+    exit 0
+fi
+
+VERSION=$( echo "${changes}" | grep -v index | grep -oE "\-[0-9\.]+(\-[\-\.rc0-9]+)?.tgz" | sort -u )
+VERSION=${VERSION#-}
+VERSION=${VERSION%.tgz}
+
+if [ -z "${VERSION}" ]; then
+	echo "Could not extract version information"
+	exit 1
+fi
+
+VERSION="v$VERSION"
+
+# Create a new commit
+echo "Committing changes..."
+git -C $HELM_REPO_PATH add index.yaml stable
+
+cat <<EOF | git -C $HELM_REPO_PATH commit --signoff -F -
+Add packages for ${VERSION} release
+
+This adds the following packages to the NVIDIA GPU Device Plugin Helm repo:
+$( git -C $HELM_REPO_PATH diff HEAD --name-only | grep -v index | sed 's#stable/#* #g' | sort -r )
+
+Note: This is an automated commit.
+
+EOF
+
+echo "gh-pages branch successfully updated"