-
Notifications
You must be signed in to change notification settings - Fork 1
105 lines (87 loc) · 3.32 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
name: Lint and Test Charts
on:
pull_request:
branches: [master]
# https://stackoverflow.com/a/72408109
concurrency:
cancel-in-progress: true
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
# Declare default permissions as read only.
permissions: read-all
jobs:
lint:
runs-on: ubuntu-24.04
container: ghcr.io/chgl/kube-powertools:v2.3.37@sha256:8cf87bcc6326e63a35d1cd43a831677023c7d9a94b0661b19c4f18edac691659
steps:
- name: Add workspace as safe directory
run: |
git config --global --add safe.directory /__w/charts/charts
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Check if documentation is up-to-date
run: |
generate-docs.sh
if git diff --exit-code HEAD; then
echo -e "\033[0;32mDocumentation up to date\033[0m ✔"
else
echo -e "\033[0;31mDocumentation outdated! Please run generate-docs.sh locally and push the changes.\033[0m ❌"
git diff --color
exit 1
fi
- name: Update dependencies
run: find charts/ ! -path charts/ -maxdepth 1 -type d -exec helm dependency update {} \;
- name: Run YAML lint
run: yamllint .
- name: Run chart-testing (lint)
run: ct lint --config .github/ct/ct.yaml
- name: Run Powerlint
env:
KUBERNETES_VERSIONS: "1.28.0 1.29.0 1.30.0 1.31.0"
run: chart-powerlint.sh
# used to test whether the changelog generation process works
- name: Generate changelogs (test)
run: generate-chart-changelog.sh
test:
runs-on: ubuntu-24.04
needs:
- lint
strategy:
matrix:
k8s-version: [1.28.13, 1.29.8, 1.30.4, 1.31.0]
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit # change to 'egress-policy: block' after couple of runs
disable-sudo: true
disable-telemetry: true
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Set up chart-testing
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
- name: Run chart-testing (list-changed)
id: list-changed
run: |
changed=$(ct list-changed)
if [[ -n "$changed" ]]; then
echo "changed=true" >> "${GITHUB_OUTPUT}"
fi
- name: Create k8s Kind Cluster
uses: helm/kind-action@ae94020eaf628e9b9b9f341a10cc0cdcf5c018fb # v1.11.0
if: ${{ steps.list-changed.outputs.changed == 'true' }}
with:
cluster_name: kind-cluster-k8s-${{ matrix.k8s-version }}
node_image: kindest/node:v${{ matrix.k8s-version }}
- name: Install test fixtures chart
if: ${{ steps.list-changed.outputs.changed == 'true' }}
run: |
helm dependency build hack/test-fixtures/
helm upgrade --install test-fixtures hack/test-fixtures/ \
--namespace=fixtures \
--create-namespace
- name: Run chart-testing (install)
run: ct install --config .github/ct/install.yaml