Image Updater Action

A GitHub action to update values in an existing YAML or JSON file. Given key and the updated value for the key to be updated, this action writes the newly provided value for the given key. The action can update the value in the following two ways:
Update the file in the existing branch (which is generally main)
Create a new branch from the source branch (which is generally main), update the value for the given key, and raise the PR to the target branch.
Use Cases
Update manifests repo (Helm Chart) after building a new Docker image
Update the image version configuration inside helm values.yaml after building docker image.
Snippet
YAML
jobs:
  push:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Update Image Version in the related HelmChart values.yaml
        uses: opsverseio/image-updater-[email protected]
        with:
          valueFile: 'deployment/helm/values.yaml'
          propertyPath: 'backend.version'
          value: ${{ steps.image.outputs.version }}
          branch: deployment/${{ steps.image.outputs.version }}
          targetBranch: development
          createPR: true
          message: 'Update Image Version to ${{ steps.image.outputs.version }}'
jobs:
  push:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Update Image Version in the related HelmChart values.yaml
        uses: opsverseio/image-updater-action@0.1.0
        with:
          valueFile: 'deployment/helm/values.yaml'
          propertyPath: 'backend.version'
          value: ${{ steps.image.outputs.version }}
          branch: deployment/${{ steps.image.outputs.version }}
          targetBranch: development
          createPR: true
          message: 'Update Image Version to ${{ steps.image.outputs.version }}'
﻿
Input Arguments
Base Configurations
Argument
Description
Default
repository
Repository URL where the manifests are present
﻿
valueFile
relative path from the Workspace Directory
﻿
propertyPath
Path of the key for which the value should be updated
﻿
value
New value that should be updated for the propertyPath
﻿
branch
The updated YAML file will be committed to this branch, branch will be created if not exists
master
createPR
Create a PR from branch to targetBranch. Use true to enable it
true
message
Commit message
' '
token
GitHub Token which is used to create the PR.
NOTE: The token should have right permissions for the selected repository.
﻿
workDir
Relative location of the configured repository
.
masterBranchName
The branch name of the primary branch
master
targetBranch
The branch for which a PR gets created from branch 
NOTE: If this setting is enabled, it opens a PR from branch to targetBranch if createPR is set to true
master
force
Allows force pushes
false
updateFile
(deprecated) The updated content will be written into the actual file by default
false
commitUserName
Name used for the commit userName used for the commit user
﻿
github-actions[bot]
commitUserEmail
Email address used for the commit user
41898282+github-actions[bot]@users.noreply.github.com
Examples
Sync an Application
To sync an application in the DeployNow instance automatically (without any manual intervention), use the following example:
﻿
YAML
name: Sync ArgoCD App
on:
  push:
    branches:
      - main
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: "📝 Update Image tag Version in the DEV manifest file"
        uses: OpsVerseIO/image-updater-[email protected]
        with:
          repository: "opsverseio/deployment-manifests"
          valueFile: 'hello-world-api/helm/stage/values.yaml'
          propertyPath: 'helloworldapidotnet.image.tag'
          value: '${{ env.SHORT_SHA }}'
          branch: main
          createPR: false
          message: '[STAGE] Update Image tag of hello-world-api-dotnet'
          token: ${{ secrets.GITHUB_TOKEN }}
          workDir: main
          masterBranchName: main
          targetBranch: main
          force: true
          updateFile: true
name: Sync ArgoCD App
on:
  push:
    branches:
      - main
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: "📝 Update Image tag Version in the DEV manifest file"
        uses: OpsVerseIO/image-updater-action@0.1.0
        with:
          repository: "opsverseio/deployment-manifests"
          valueFile: 'hello-world-api/helm/stage/values.yaml'
          propertyPath: 'helloworldapidotnet.image.tag'
          value: '${{ env.SHORT_SHA }}'
          branch: main
          createPR: false
          message: '[STAGE] Update Image tag of hello-world-api-dotnet'
          token: ${{ secrets.GITHUB_TOKEN }}
          workDir: main
          masterBranchName: main
          targetBranch: main
          force: true
          updateFile: true
﻿
The aforementioned example commits the value of ${{ env.SHORT_SHA }}  to helloworldapi.image.tag key of the values.yaml file.
Here is the values.yaml file for reverence:
YAML
helloworldapi:
  image:
    repository: <docker_image_registry>
    tag: fec171b9
  imagePullSecrets:
    - name: regcred
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: nginx
      cert-manager.io/cluster-issuer: cluster-letsencrypt-prod
    hosts:
      - host: <hostname>
        paths:
          - path: /
            pathType: ImplementationSpecific
  service:
    port: 3000
helloworldapi:
  image:
    repository: <docker_image_registry>
    tag: fec171b9
  imagePullSecrets:
    - name: regcred
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: nginx
      cert-manager.io/cluster-issuer: cluster-letsencrypt-prod
    hosts:
      - host: <hostname>
        paths:
          - path: /
            pathType: ImplementationSpecific
  service:
    port: 3000
﻿
NOTE: SHORT_SHA will be set in the docker image build step.
It is recommended to give GITHUB_TOKEN as repo secrets. Directly committing the raw secrets to GitHub is not a good security measure.

Argument	Description	Default
repository	Repository URL where the manifests are present
valueFile	relative path from the Workspace Directory
propertyPath	Path of the key for which the value should be updated
value	New value that should be updated for the propertyPath
branch	The updated YAML file will be committed to this branch, branch will be created if not exists	master
createPR	Create a PR from branch to targetBranch. Use true to enable it	true
message	Commit message	' '
token	GitHub Token which is used to create the PR. NOTE: The token should have right permissions for the selected repository.
workDir	Relative location of the configured repository	.
masterBranchName	The branch name of the primary branch	master
targetBranch	The branch for which a PR gets created from branch NOTE: If this setting is enabled, it opens a PR from branch to targetBranch if createPR is set to true	master
force	Allows force pushes	false
updateFile	(deprecated) The updated content will be written into the actual file by default	false
commitUserName	Name used for the commit userName used for the commit user	github-actions[bot]
commitUserEmail	Email address used for the commit user	41898282+github-actions[bot]@users.noreply.github.com

OPA Policy Check Action

ArgoCD Sync Action