-
Notifications
You must be signed in to change notification settings - Fork 16
119 lines (106 loc) · 4.28 KB
/
call-lint-chart.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
name: Auto Chart Lint
env:
DEFAULT_BRANCH: main
on:
workflow_call:
inputs:
ref:
required: true
type: string
workflow_dispatch:
inputs:
ref:
description: 'sha, tag, branch'
required: true
default: main
pull_request:
paths:
- 'charts/**'
jobs:
chart-lint-test:
runs-on: ubuntu-latest
steps:
- name: prepare
id: prepare
run: |
if ${{ inputs.ref != '' }} ; then
echo "trigger by workflow_call"
echo "RUN_REF=${{ inputs.ref }}" >> $GITHUB_ENV
echo "RUN_JUST_LINT_CHART=false" >> $GITHUB_ENV
elif ${{ github.event_name == 'workflow_dispatch' }} ; then
echo "trigger by workflow_dispatch"
echo "RUN_REF=${{ github.event.inputs.ref }}" >> $GITHUB_ENV
echo "RUN_JUST_LINT_CHART=false" >> $GITHUB_ENV
elif ${{ github.event_name == 'pull_request' }} ; then
echo "trigger by pull_request"
echo "RUN_REF=${{ github.event.pull_request.head.sha }}" >> $GITHUB_ENV
echo "RUN_JUST_LINT_CHART=true" >> $GITHUB_ENV
else
echo "error, trigger by unknown event ${{ github.event_name }}"
exit 1
fi
# https://github.com/actions/checkout
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ env.RUN_REF }}
- name: Install yq
run: |
YQ_VERSION=v4.33.1
YQ_BINARY="yq_$(uname | tr 'A-Z' 'a-z')_amd64"
wget https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/${YQ_BINARY}.tar.gz -O /tmp/yq.tar.gz
tar -xzf /tmp/yq.tar.gz -C /tmp
sudo mv /tmp/${YQ_BINARY} /usr/bin/yq
sudo chmod +x /usr/bin/yq
yq &>/dev/null || exit 1
- name: Lint Chart
run: |
make chart_package
# trivy
make lint_chart_trivy
# The cached helm binary path is prepended to the PATH environment variable as well as stored in the helm-path output variable
# https://github.com/Azure/setup-helm
- name: Set up Helm
if: ${{ env.RUN_JUST_LINT_CHART == 'false' }}
uses: azure/setup-helm@v4
# https://github.com/actions/setup-python
- name: Set up Python
if: ${{ env.RUN_JUST_LINT_CHART == 'false' }}
uses: actions/[email protected]
with:
python-version: 3.8
architecture: x64
# https://github.com/helm/chart-testing-action
# Pre-requisites: A GitHub repo containing a directory with your Helm charts (e.g: charts)
- name: Set up chart-testing
if: ${{ env.RUN_JUST_LINT_CHART == 'false' }}
uses: helm/[email protected]
- name: Run chart-testing (list-changed)
if: ${{ env.RUN_JUST_LINT_CHART == 'false' }}
id: list-changed
run: |
# https://github.com/helm/chart-testing-action/issues/25
# if the default branch is not master , the CLI exits with error
changed=$( ct list-changed --target-branch ${{ env.DEFAULT_BRANCH }} )
if [[ -n "$changed" ]]; then
echo "RUN_CHANGED=true" >> $GITHUB_ENV
fi
# version checking, YAML schema validation on 'Chart.yaml', YAML linting on 'Chart.yaml'
# and 'values.yaml', and maintainer validation
- name: Run chart-testing (lint)
if: ${{ env.RUN_JUST_LINT_CHART == 'false' }}
run: ct lint --debug --target-branch=${{ env.DEFAULT_BRANCH }} --check-version-increment=false
# https://github.com/helm/kind-action
- name: Create Kind cluster
if: ${{ env.RUN_CHANGED == 'true' && env.RUN_JUST_LINT_CHART == 'false' }}
uses: helm/[email protected]
with:
wait: 120s
#kubectl_version: ${{ env.K8S_VERSION }}
# It automatically detects charts changed
- name: Run chart-testing (install)
if: ${{ env.RUN_JUST_LINT_CHART == 'false' }}
run: ct install --debug --target-branch ${{ env.DEFAULT_BRANCH }}
# https://github.com/helm/helm/issues/8036 do below before ct install
# if [ -f "./Chart.lock" ]; then cat ./Chart.lock | grep repository | awk '{print $2}' | while read -r line ; do helm repo add $line $line; done; fi