fix: fix helm-update-chart workflow to transfer missing crd updates

.github/workflows/ci.yml

@@ -9,7 +9,7 @@ on:
 
 permissions:
   contents: read
-  pull-requests: read
+  pull-requests: write
 
 
 jobs:
@@ -130,5 +130,54 @@ jobs:
           go mod tidy
           make test-e2e
 
+  helm-chart-reminder:
+    name: Helm Chart Update Reminder
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
 
+      - name: Check for Helm-relevant changes
+        id: changes
+        run: |
+          DIFF="$(git diff origin/${{ github.base_ref }}...HEAD)"
+          REASONS=""
+          if echo "$DIFF" | grep -qE '^\+.*\+kubebuilder:rbac'; then
+            REASONS="${REASONS}\n- RBAC markers (\`+kubebuilder:rbac\`) were added or modified → update RBAC template"
+          fi
+          if echo "$DIFF" | grep -qE '^\+.*\+kubebuilder:webhook'; then
+            REASONS="${REASONS}\n- Webhook markers (\`+kubebuilder:webhook\`) were added or modified → update webhook configuration template"
+          fi
+          if git diff --name-only origin/${{ github.base_ref }}...HEAD | grep -q 'config/manager/manager.yaml'; then
+            REASONS="${REASONS}\n- \`config/manager/manager.yaml\` was modified → update deployment template (env vars, args, ports, volumes)"
+          fi
+          if [[ -n "$REASONS" ]]; then
+            echo "changed=true" >> "$GITHUB_OUTPUT"
+            # Use delimiter for multiline output
+            echo "reasons<<EOF" >> "$GITHUB_OUTPUT"
+            echo -e "$REASONS" >> "$GITHUB_OUTPUT"
+            echo "EOF" >> "$GITHUB_OUTPUT"
+          else
+            echo "changed=false" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Comment on PR about Helm chart changes
+        if: steps.changes.outputs.changed == 'true'
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          COMMENT_MARKER="<!-- helm-chart-reminder -->"
+          EXISTING=$(gh pr view ${{ github.event.pull_request.number }} --json comments --jq '[.comments[].body | select(contains("'"$COMMENT_MARKER"'"))] | length')
+          if [[ "$EXISTING" == "0" ]]; then
+            gh pr comment ${{ github.event.pull_request.number }} --body "${COMMENT_MARKER}
+          ⚠️ **Helm Chart Update Required**
+
+          This PR contains changes that likely require a matching update in [git-hubby-helm](https://github.com/Interhyp/git-hubby-helm):
 
+          ${{ steps.changes.outputs.reasons }}
+
+          After merging, run \`make manifests\` and compare the generated output in \`config/\` with the corresponding Helm chart templates."
+          fi

.github/workflows/helm-chart-update.yml

@@ -14,10 +14,11 @@ env:
   REGISTRY: ghcr.io
   IMAGE_NAME: ${{ github.repository }}
   HELM_REPO: Interhyp/git-hubby-helm
+  CHART_DIR: helm-chart
 
 jobs:
   update-helm-chart:
-    name: Update Helm Chart
+    name: Update Helm Chart CRDs
     runs-on: ubuntu-latest
     if: ${{ github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' }}
     steps:
@@ -43,9 +44,6 @@ jobs:
         with:
           go-version-file: go.mod
 
-      - name: Lowercase image name
-        run: echo "IMAGE_NAME=${IMAGE_NAME,,}" >> "$GITHUB_ENV"
-
       - name: Determine image version
         id: version
         run: |
@@ -66,69 +64,78 @@ jobs:
           echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
           echo "Image version: ${VERSION}"
 
+      - name: Generate CRDs
+        run: make manifests
+
+      - name: Generate GitHub App token
+        id: app-token
+        uses: actions/create-github-app-token@v2
+        with:
+          app-id: ${{ secrets.HELM_APP_ID }}
+          private-key: ${{ secrets.HELM_APP_PRIVATE_KEY }}
+          owner: Interhyp
+          repositories: git-hubby-helm
+
       - name: Checkout Helm chart repository
         uses: actions/checkout@v6
         with:
           repository: ${{ env.HELM_REPO }}
-          token: ${{ secrets.HELM_CHART_PAT }}
-          path: helm-repo
-
-      - name: Generate Helm chart
-        run: make helm CHART_DIR=helm-repo/chart
-
-      - name: Update image tag in Helm chart
-        run: |
-          if [[ -f helm-repo/chart/values.yaml ]]; then
-            sed -i "s|tag:.*|tag: \"${{ steps.version.outputs.version }}\"|" helm-repo/chart/values.yaml
-            sed -i "s|repository:.*|repository: ${REGISTRY}/${IMAGE_NAME}|" helm-repo/chart/values.yaml
-          fi
-          if [[ -f helm-repo/chart/Chart.yaml ]]; then
-            sed -i "s|^appVersion:.*|appVersion: \"${{ steps.version.outputs.version }}\"|" helm-repo/chart/Chart.yaml
-          fi
+          token: ${{ steps.app-token.outputs.token }}
+          path: ${{ env.CHART_DIR }}
 
       - name: Determine target branch
         id: branch
         run: |
           if [[ "${{ steps.source.outputs.branch }}" == "main" ]]; then
-            echo "name=update/v${{ steps.version.outputs.version }}" >> "$GITHUB_OUTPUT"
+            echo "name=crd-update/v${{ steps.version.outputs.version }}" >> "$GITHUB_OUTPUT"
           else
-            BRANCH="$(echo '${{ steps.source.outputs.branch }}' | sed 's|[^a-zA-Z0-9._-]|-|g' | cut -c1-50)"
-            echo "name=snapshot/${BRANCH}" >> "$GITHUB_OUTPUT"
+            echo "name=crd-update/${{ steps.source.outputs.branch }}" >> "$GITHUB_OUTPUT"
           fi
 
+      - name: Checkout or create target branch
+        working-directory: ${{ env.CHART_DIR }}
+        run: |
+          git fetch origin "${{ steps.branch.outputs.name }}" 2>/dev/null && \
+            git checkout "${{ steps.branch.outputs.name }}" || \
+            git checkout -b "${{ steps.branch.outputs.name }}"
+
+      - name: Update CRDs in Helm chart
+        run: cp config/crd/bases/*.yaml ${{ env.CHART_DIR }}/crds/
+
+      - name: Update appVersion in Helm chart
+        run: |
+          if [[ -f ${{ env.CHART_DIR }}/Chart.yaml ]]; then
+            sed -i "s|^appVersion:.*|appVersion: \"${{ steps.version.outputs.version }}\"|" ${{ env.CHART_DIR }}/Chart.yaml
+          fi
 
       - name: Commit and push changes
-        working-directory: helm-repo
+        working-directory: ${{ env.CHART_DIR }}
         run: |
           git config user.name "github-actions[bot]"
           git config user.email "github-actions[bot]@users.noreply.github.com"
-          git checkout -b "${{ steps.branch.outputs.name }}"
           git add -A
           git diff --cached --quiet && echo "No changes to commit" && exit 0
-          git commit -m "chore: update helm chart to version ${{ steps.version.outputs.version }}"
-          git push --force origin "${{ steps.branch.outputs.name }}"
+          git commit -m "feat: update CRDs to version ${{ steps.version.outputs.version }}"
+          git push origin "${{ steps.branch.outputs.name }}"
 
       - name: Create Pull Request for main branch
         if: steps.source.outputs.branch == 'main'
         env:
-          GH_TOKEN: ${{ secrets.HELM_CHART_PAT }}
+          GH_TOKEN: ${{ steps.app-token.outputs.token }}
         run: |
-          cd helm-repo
+          cd ${{ env.CHART_DIR }}
           EXISTING_PR=$(gh pr list --head "${{ steps.branch.outputs.name }}" --json number --jq '.[0].number' 2>/dev/null || true)
           if [[ -n "$EXISTING_PR" ]]; then
             echo "PR #${EXISTING_PR} already exists, updating..."
             gh pr edit "$EXISTING_PR" \
-              --title "chore: update helm chart to v${{ steps.version.outputs.version }}" \
-              --body "Automated Helm chart update from [git-hubby release v${{ steps.version.outputs.version }}](https://github.com/${{ github.repository }}/releases/tag/v${{ steps.version.outputs.version }})"
+              --title "feat: update CRDs to v${{ steps.version.outputs.version }}" \
+              --body "Automated CRD update from [git-hubby release v${{ steps.version.outputs.version }}](https://github.com/${{ github.repository }}/releases/tag/v${{ steps.version.outputs.version }})"
           else
             gh pr create \
               --repo "${{ env.HELM_REPO }}" \
               --head "${{ steps.branch.outputs.name }}" \
               --base main \
-              --title "chore: update helm chart to v${{ steps.version.outputs.version }}" \
-              --body "Automated Helm chart update from [git-hubby release v${{ steps.version.outputs.version }}](https://github.com/${{ github.repository }}/releases/tag/v${{ steps.version.outputs.version }})" \
-              --label "automatic-update" \
-              --draft
+              --title "feat: update CRDs to v${{ steps.version.outputs.version }}" \
+              --body "Automated CRD update from [git-hubby release v${{ steps.version.outputs.version }}](https://github.com/${{ github.repository }}/releases/tag/v${{ steps.version.outputs.version }})" \
+              --label "automatic-update"
           fi
-
-

.gitignore

@@ -68,9 +68,3 @@ build-output/
 
 node_modules/
 
-# Generated Helm chart (output of make helm)
-chart/
-
-# post-helmify binary (built by go build ./hack/post-helmify/)
-/post-helmify
-

CONTRIBUTING.md

@@ -79,7 +79,6 @@ Run `make help` for the full list. The most important targets are:
 | `make lint-fix` | Lint with auto-fix |
 | `make generate` | Regenerate deepcopy and apply-configuration code |
 | `make manifests` | Regenerate CRDs and RBAC from kubebuilder markers |
-| `make helm` | Regenerate Helm chart from Kustomize manifests |
 | `make install` | Install CRDs into the current cluster |
 | `make deploy IMG=<image>` | Deploy the operator to the current cluster |
 | `make undeploy` | Remove the operator from the current cluster |
@@ -135,7 +134,6 @@ kubebuilder create webhook --group github --version v1alpha1 --kind <Kind> --def
 │   ├── conditions/            Status condition helpers
 │   └── logging/               Log mapping utilities
 ├── config/                    Kustomize manifests (mostly auto-generated)
-├── chart/                     Helm chart (generated via helmify)
 └── test/                      E2E and integration tests
 ```
 
@@ -280,18 +278,21 @@ make manifests generate crd-docs
 
 ### Helm Chart Update
 
-The **Update Helm Chart** workflow manages the Helm chart in [Interhyp/git-hubby-helm](https://github.com/Interhyp/git-hubby-helm):
+The **Update Helm Chart** workflow manages CRD updates in [Interhyp/git-hubby-helm](https://github.com/Interhyp/git-hubby-helm):
 
-- **Automatic (main only)**: After a successful release on `main`, the workflow regenerates the Helm chart, updates the image tag to the released version, pushes a branch to `git-hubby-helm`, and creates a draft PR labeled `automatic-update`.
-- **Manual (any branch)**: You can trigger the workflow manually via `workflow_dispatch` to test Helm chart generation from your feature branch. The result is pushed to a `snapshot/<branch>` branch in `git-hubby-helm` (no PR is created).
+- **Automatic (after release)**: After a successful "Build & Release" workflow, CRDs are copied to the helm chart repo with an updated `appVersion`, and a draft PR is created (main only) labeled `automatic-update`.
+- **Manual (any branch)**: You can trigger the workflow manually via `workflow_dispatch` to test CRD updates from your feature branch. The result is pushed to a `snapshot/<branch>` branch in `git-hubby-helm` (no PR is created).
 
 To manually trigger from your branch:
 
 ```bash
 gh workflow run "Update Helm Chart" --ref <your-branch-name>
 ```
 
-This lets you verify Helm chart changes before merging to `main`.
+> **Note**: Only CRDs are updated automatically. The Helm chart's other templates (deployment, RBAC, webhooks) are maintained manually. The CI workflow will comment on your PR if it detects changes that require a matching Helm chart update:
+> - `+kubebuilder:rbac` markers → RBAC template
+> - `+kubebuilder:webhook` markers → webhook configuration template
+> - `config/manager/manager.yaml` → deployment template (env vars, args, ports, volumes)
 
 ### Commit Message Format
 

Makefile

@@ -285,22 +285,6 @@ ginkgo: $(GINKGO) ## Download ginkgo CLI locally if necessary.
 $(GINKGO): $(LOCALBIN)
 	$(call go-install-tool,$(GINKGO),github.com/onsi/ginkgo/v2/ginkgo,$(GINKGO_VERSION))
 
-# Generate helm chart from kustomize using helmify
-
-HELMIFY ?= $(LOCALBIN)/helmify
-
-.PHONY: helmify
-helmify: $(HELMIFY) ## Download helmify locally if necessary.
-$(HELMIFY): $(LOCALBIN)
-	test -s $(LOCALBIN)/helmify || GOBIN=$(LOCALBIN) go install github.com/arttor/helmify/cmd/helmify@latest
-
-CHART_DIR ?= chart
-
-.PHONY: helm
-helm: manifests generate kustomize crd-docs helmify
-	$(KUSTOMIZE) build config/default | $(HELMIFY) -crd-dir $(CHART_DIR) && \
-	go run ./hack/post-helmify $(CHART_DIR)
-
 # Generate CRD Documentation using crd-ref-docs
 
 CRD_REF_DOCS ?= $(LOCALBIN)/crd-ref-docs