-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ci(charts): add linting and publishing jobs
Signed-off-by: Massimiliano Giovagnoli <[email protected]>
- Loading branch information
Showing
6 changed files
with
243 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
remote: origin | ||
target-branch: main | ||
chart-dirs: | ||
- charts | ||
helm-extra-args: "--timeout 600s" | ||
validate-chart-schema: false | ||
validate-maintainers: false | ||
validate-yaml: true | ||
exclude-deprecated: true | ||
check-version-increment: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
|
||
--- | ||
rules: | ||
braces: | ||
min-spaces-inside: 0 | ||
max-spaces-inside: 0 | ||
min-spaces-inside-empty: -1 | ||
max-spaces-inside-empty: -1 | ||
brackets: | ||
min-spaces-inside: 0 | ||
max-spaces-inside: 0 | ||
min-spaces-inside-empty: -1 | ||
max-spaces-inside-empty: -1 | ||
colons: | ||
max-spaces-before: 0 | ||
max-spaces-after: 1 | ||
commas: | ||
max-spaces-before: 0 | ||
min-spaces-after: 1 | ||
max-spaces-after: 1 | ||
comments: | ||
require-starting-space: true | ||
min-spaces-from-content: 1 | ||
document-end: disable | ||
document-start: disable # No --- to start a file | ||
empty-lines: | ||
max: 2 | ||
max-start: 0 | ||
max-end: 0 | ||
hyphens: | ||
max-spaces-after: 1 | ||
indentation: | ||
spaces: consistent | ||
indent-sequences: whatever # - list indentation will handle both indentation and without | ||
check-multi-line-strings: false | ||
key-duplicates: enable | ||
line-length: disable # Lines can be any length | ||
new-line-at-end-of-file: enable | ||
new-lines: | ||
type: unix | ||
trailing-spaces: enable | ||
truthy: | ||
level: warning |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
name: Lint charts | ||
permissions: {} | ||
|
||
on: | ||
pull_request: | ||
branches: [ "main" ] | ||
|
||
concurrency: | ||
group: ${{ github.workflow }}-${{ github.ref }} | ||
cancel-in-progress: true | ||
|
||
jobs: | ||
lint: | ||
runs-on: ubuntu-20.04 | ||
steps: | ||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
with: | ||
fetch-depth: 0 | ||
- uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3 | ||
- name: Linting Chart | ||
run: helm lint ./charts/capsule | ||
- name: Setup Chart Linting | ||
id: lint | ||
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 | ||
- name: Run chart-testing (list-changed) | ||
id: list-changed | ||
run: | | ||
changed=$(ct list-changed --config ./.github/configs/ct.yaml) | ||
if [[ -n "$changed" ]]; then | ||
echo "::set-output name=changed::true" | ||
fi | ||
- name: Run chart-testing (lint) | ||
run: ct lint --debug --config ./.github/configs/ct.yaml --lint-conf ./.github/configs/lintconf.yaml | ||
- name: Run docs-testing (helm-docs) | ||
id: helm-docs | ||
run: | | ||
make helm-docs | ||
if [[ $(git diff --stat) != '' ]]; then | ||
echo -e '\033[0;31mDocumentation outdated! (Run make helm-docs locally and commit)\033[0m ❌' | ||
git diff --color | ||
exit 1 | ||
else | ||
echo -e '\033[0;32mDocumentation up to date\033[0m ✔' | ||
fi | ||
- name: Run chart-testing (install) | ||
run: make helm-test | ||
if: steps.list-changed.outputs.changed == 'true' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
name: Publish charts | ||
permissions: read-all | ||
on: | ||
push: | ||
tags: [ "helm-v*" ] | ||
|
||
concurrency: | ||
group: ${{ github.workflow }}-${{ github.ref }} | ||
cancel-in-progress: true | ||
|
||
env: | ||
CHART_NAME: capsule-addon-fluxcd | ||
|
||
jobs: | ||
publish-helm: | ||
# Skip this Release on forks | ||
if: github.repository_owner == 'maxgio92' | ||
runs-on: ubuntu-20.04 | ||
steps: | ||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
- name: "Extract Version" | ||
id: extract_version | ||
run: | | ||
GIT_TAG=${GITHUB_REF##*/} | ||
VERSION=${GIT_TAG##*v} | ||
echo "version=$(echo $VERSION)" >> $GITHUB_OUTPUT | ||
- name: Publish Helm chart | ||
uses: stefanprodan/helm-gh-pages@0ad2bb377311d61ac04ad9eb6f252fb68e207260 # v1.7.0 | ||
with: | ||
token: "${{ secrets.HELM_CHARTS_PUSH_TOKEN }}" | ||
linting: off | ||
chart_version: ${{ steps.extract_version.outputs.version }} | ||
charts_dir: charts | ||
charts_url: https://${{ github.repository_owner }}.github.io/charts | ||
owner: ${{ github.repository_owner }} | ||
repository: charts | ||
branch: gh-pages | ||
commit_username: ${{ github.actor }} | ||
publish-helm-oci: | ||
runs-on: ubuntu-20.04 | ||
permissions: | ||
contents: write | ||
id-token: write | ||
packages: write | ||
outputs: | ||
chart-digest: ${{ steps.helm_publish.outputs.digest }} | ||
steps: | ||
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | ||
- uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 | ||
- name: "Extract Version" | ||
id: extract_version | ||
run: | | ||
GIT_TAG=${GITHUB_REF##*/} | ||
VERSION=${GIT_TAG##*v} | ||
echo "version=$(echo $VERSION)" >> $GITHUB_OUTPUT | ||
- name: Helm | Publish | ||
id: helm_publish | ||
uses: peak-scale/github-actions/helm-oci-chart@38322faabccd75abfa581c435e367d446b6d2c3b # v0.1.0 | ||
with: | ||
registry: ghcr.io | ||
repository: ${{ github.repository_owner }}/charts | ||
name: $CHART_NAME | ||
version: ${{ steps.extract_version.outputs.version }} | ||
registry-username: ${{ github.actor }} | ||
registry-password: ${{ secrets.GITHUB_TOKEN }} | ||
update-dependencies: 'true' # Defaults to false | ||
sign-image: 'true' | ||
signature-repository: ghcr.io/${{ github.repository_owner }}/charts/$CHART_NAME | ||
helm-provenance: | ||
needs: publish-helm-oci | ||
permissions: | ||
id-token: write # To sign the provenance. | ||
packages: write # To upload assets to release. | ||
actions: read # To read the workflow path. | ||
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected] | ||
with: | ||
image: ghcr.io/${{ github.repository_owner }}/charts/$CHART_NAME | ||
digest: "${{ needs.publish-helm-oci.outputs.chart-digest }}" | ||
registry-username: ${{ github.actor }} | ||
secrets: | ||
registry-password: ${{ secrets.GITHUB_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,5 @@ | ||
SRC_ROOT = $(shell git rev-parse --show-toplevel) | ||
|
||
GINKGO ?= $(shell command -v ginkgo) | ||
GOLANGCI_LINT ?= $(shell command -v golangci-lint) | ||
|
||
|
@@ -11,11 +13,11 @@ lint: golangci-lint | |
|
||
.PHONY: e2e | ||
e2e: ginkgo | ||
@$(GINKGO) -v -tags e2e ./e2e | ||
@$(GINKGO) -v -tags e2e $(SRC_ROOT)/e2e | ||
|
||
.PHONY: e2e/charts | ||
e2e/charts: ginkgo | ||
$(GINKGO) -v -tags e2e ./e2e/charts | ||
@$(GINKGO) -v -tags e2e $(SRC_ROOT)/e2e/charts | ||
|
||
.PHONY: golangci-lint | ||
golangci-lint: | ||
|
@@ -24,3 +26,19 @@ golangci-lint: | |
.PHONY: ginkgo | ||
ginkgo: | ||
@hash ginkgo 2>/dev/null || go install github.com/onsi/ginkgo/v2/[email protected] | ||
|
||
helm-lint: CT_VERSION := v3.3.1 | ||
helm-lint: docker | ||
@docker run -v "$(SRC_ROOT):/workdir" --entrypoint /bin/sh quay.io/helmpack/chart-testing:$(CT_VERSION) -c "cd /workdir; ct lint --config .github/configs/ct.yaml --lint-conf .github/configs/lintconf.yaml --all --debug" | ||
|
||
.PHONY: helm-docs | ||
helm-docs: HELMDOCS_VERSION := v1.12.0 | ||
helm-docs: docker | ||
@docker run -v "$(SRC_ROOT):/helm-docs" jnorwood/helm-docs:$(HELMDOCS_VERSION) --chart-search-root=/helm-docs | ||
|
||
.PHONY: docker | ||
docker: | ||
@hash docker 2>/dev/null || {\ | ||
echo "You need docker" &&\ | ||
exit 1;\ | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
# capsule-addon-fluxcd | ||
|
||
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) | ||
|
||
A Helm chart for Kubernetes | ||
|
||
## Values | ||
|
||
| Key | Type | Default | Description | | ||
|-----|------|---------|-------------| | ||
| affinity | object | `{}` | | | ||
| fullnameOverride | string | `""` | | | ||
| image.pullPolicy | string | `"IfNotPresent"` | | | ||
| image.repository | string | `"ghcr.io/maxgio92/capsule-addon-fluxcd"` | | | ||
| image.tag | string | `""` | | | ||
| imagePullSecrets | list | `[]` | | | ||
| livenessProbe | object | `{"httpGet":{"path":"/healthz","port":10080}}` | Configure the liveness probe using Deployment probe spec | | ||
| nameOverride | string | `""` | | | ||
| nodeSelector | object | `{}` | | | ||
| options.logLevel | string | `"4"` | Set the log verbosity of the capsule with a value from 1 to 10 | | ||
| podAnnotations | object | `{}` | | | ||
| podSecurityContext | object | `{}` | | | ||
| proxy | object | `{"tls":{"secretKey":"ca","secretName":"capsule-proxy"}}` | - Configure deployments settings related to the Capsule proxy | | ||
| proxy.tls.secretKey | string | `"ca"` | - Set the Secret key that contains the CA certificate of the proxy | | ||
| proxy.tls.secretName | string | `"capsule-proxy"` | - Set the Secret name that contains the CA certificate of the proxy | | ||
| rbac.annotations | object | `{}` | | | ||
| rbac.create | bool | `true` | | | ||
| readinessProbe | object | `{"httpGet":{"path":"/readyz","port":10080}}` | Configure the readiness probe using Deployment probe spec | | ||
| replicaCount | int | `1` | | | ||
| resources | object | `{}` | | | ||
| securityContext.capabilities.drop[0] | string | `"ALL"` | | | ||
| securityContext.readOnlyRootFilesystem | bool | `true` | | | ||
| securityContext.runAsNonRoot | bool | `true` | | | ||
| securityContext.runAsUser | int | `1000` | | | ||
| serviceAccount.annotations | object | `{}` | | | ||
| serviceAccount.create | bool | `true` | | | ||
| serviceAccount.name | string | `""` | | | ||
| tolerations | list | `[]` | | | ||
|
||
---------------------------------------------- | ||
Autogenerated from chart metadata using [helm-docs v1.12.0](https://github.com/norwoodj/helm-docs/releases/v1.12.0) |