Copied from proxy-pipeline

.github/workflows/release.yml

@@ -5,7 +5,7 @@ on:
       - master
 env:
   AWS_ACCESS_KEY_ID: ${{ secrets.CI_AWS_CLIENT_ID }}
-  AWS_DEFAULT_REGION: "eu-west-1"
+  AWS_DEFAULT_REGION: 'eu-west-1'
   AWS_SECRET_ACCESS_KEY: ${{ secrets.CI_AWS_CLIENT_SECRET }}
   NDLA_AWS_ECR_REPO: ${{ secrets.NDLA_AWS_ECR_REPO }}
   CI_RELEASE_ROLE: ${{ secrets.CI_RELEASE_ROLE }}
@@ -23,78 +23,81 @@ env:
   GPG_KEY: ${{ secrets.DEPLOY_BLACKBOX_GPG_KEY_B64 }}
 jobs:
   release:
-    name: "Release and push to registry"
+    name: Release and push to registry
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           path: ndla/${{ github.event.repository.name }}
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           repository: NDLANO/deploy
           token: ${{ secrets.CI_GITHUB_TOKEN }}
           path: ndla/deploy
       - uses: actions/setup-python@v4
         with:
-          python-version: "3.11"
-      - name: "Setup ~/bin directory"
+          python-version: '3.11'
+      - uses: abatilo/actions-poetry@v2
+        with:
+          poetry-version: '1.6.1'
+      - name: Setup ~/bin directory
         run: |
-         mkdir -p /home/runner/bin
-         echo "/home/runner/bin" >> $GITHUB_PATH
-      - name: "Login to ECR repo"
-        run: RES=$(aws sts assume-role --role-arn $CI_RELEASE_ROLE --role-session-name github-actions-ecr-login)
+          mkdir -p /home/runner/bin
+          echo "/home/runner/bin" >> $GITHUB_PATH
+      - name: Login to ECR repo
+        run:
+          RES=$(aws sts assume-role --role-arn $CI_RELEASE_ROLE --role-session-name github-actions-ecr-login)
           AWS_ACCESS_KEY_ID=$(echo $RES | jq -r .Credentials.AccessKeyId)
           AWS_SECRET_ACCESS_KEY=$(echo $RES | jq -r .Credentials.SecretAccessKey)
           AWS_SESSION_TOKEN=$(echo $RES | jq -r .Credentials.SessionToken)
           aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin $NDLA_AWS_ECR_REPO
-      - name: "Login to dockerhub"
+      - name: Login to dockerhub
         run: echo $DOCKER_HUB_PASSWORD | docker login --username $DOCKER_HUB_USERNAME --password-stdin
-      - name: "Cache pip"
+      - name: Cache pip
         uses: actions/cache@v3
         with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-${{ hashFiles('ndla/deploy/scripts/pyshare/requirements.txt') }}
+          path: ndla/deploy/.venv
+          key: ${{ runner.os }}-pip-${{ hashFiles('ndla/deploy/poetry.lock') }}
           restore-keys: |
             ${{ runner.os }}-pip-
             ${{ runner.os }}-
-      - name: "Install python dependencies"
+      - name: Install python dependencies
         run: |
-          python -m pip install --upgrade pip
-          PIP_CONSTRAINT=ndla/deploy/scripts/pyshare/constraints.txt python -m pip install -r ndla/deploy/scripts/pyshare/requirements.txt
-      - name: "Download blackbox"
+          # Setup the virtualenv in the repo to make caching of dependencies easier
+          poetry config virtualenvs.create true --local
+          poetry config virtualenvs.in-project true --local
+
+          # Install the deps!
+          poetry --directory $NDLA_DEPLOY install
+      - name: Download blackbox
         uses: actions/checkout@v3
         with:
           repository: StackExchange/blackbox
           path: blackbox
-      - name: "Install Blackbox and key"
+      - name: Install Blackbox and key
         run: |
           # Move binaries to path
           sudo mv blackbox/bin/* /home/runner/bin/
           echo -n "$GPG_KEY" | base64 --decode | gpg --import
-      - name: "Install kubectl"
+      - name: Install kubectl
         run: |
           curl -L https://storage.googleapis.com/kubernetes-release/release/v1.21.11/bin/linux/amd64/kubectl > kubectl
           sudo mv kubectl /home/runner/bin/kubectl
           sudo chmod +x /home/runner/bin/kubectl
           mkdir -p ~/.kube
-      - name: "Install aws-iam-authenticator"
+      - name: Install aws-iam-authenticator
         run: |
           sudo curl -L https://amazon-eks.s3-us-west-2.amazonaws.com/1.12.7/2019-03-27/bin/linux/amd64/aws-iam-authenticator > aws-iam-authenticator
           sudo mv aws-iam-authenticator /home/runner/bin/aws-iam-authenticator
           sudo chmod +x /home/runner/bin/aws-iam-authenticator
-      - name: "Install helm /w push-plugin"
+      - name: Install helm /w push-plugin
         run: |
           curl -L https://get.helm.sh/helm-v3.2.0-linux-amd64.tar.gz > /tmp/helm.tar.gz
           tar xvzf /tmp/helm.tar.gz -C /tmp/
           sudo mv /tmp/linux-amd64/helm /home/runner/bin/
           sudo chmod +x /home/runner/bin/helm
-          helm plugin install https://github.com/chartmuseum/helm-push.git --version 0.9.0
       - name: Build kubernetes config
-        run: |
-          eval "$($NDLA_DEPLOY/scripts/bin/ndla init -)"
-          _ndla_wrapper env kubeconfig test
-      - name: "Do release"
+        run: poetry -C $NDLA_DEPLOY run ndla env kubeconfig test
+      - name: Do release
         shell: bash
-        run: |
-          eval "$($NDLA_DEPLOY/scripts/bin/ndla init -)"
-          _ndla_wrapper release $COMPONENT --update-chart
+        run: poetry -C $NDLA_DEPLOY run ndla release $COMPONENT --update-chart