Skip to content

Commit

Permalink
ci(charts): add linting and publishing jobs
Browse files Browse the repository at this point in the history
Signed-off-by: Massimiliano Giovagnoli <[email protected]>
  • Loading branch information
maxgio92 committed Dec 31, 2023
1 parent 4f8f9a2 commit b818441
Show file tree
Hide file tree
Showing 6 changed files with 248 additions and 2 deletions.
10 changes: 10 additions & 0 deletions .github/configs/ct.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
remote: origin
target-branch: main
chart-dirs:
- charts
helm-extra-args: "--timeout 600s"
validate-chart-schema: false
validate-maintainers: false
validate-yaml: true
exclude-deprecated: true
check-version-increment: false
43 changes: 43 additions & 0 deletions .github/configs/lintconf.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@

---
rules:
braces:
min-spaces-inside: 0
max-spaces-inside: 0
min-spaces-inside-empty: -1
max-spaces-inside-empty: -1
brackets:
min-spaces-inside: 0
max-spaces-inside: 0
min-spaces-inside-empty: -1
max-spaces-inside-empty: -1
colons:
max-spaces-before: 0
max-spaces-after: 1
commas:
max-spaces-before: 0
min-spaces-after: 1
max-spaces-after: 1
comments:
require-starting-space: true
min-spaces-from-content: 1
document-end: disable
document-start: disable # No --- to start a file
empty-lines:
max: 2
max-start: 0
max-end: 0
hyphens:
max-spaces-after: 1
indentation:
spaces: consistent
indent-sequences: whatever # - list indentation will handle both indentation and without
check-multi-line-strings: false
key-duplicates: enable
line-length: disable # Lines can be any length
new-line-at-end-of-file: enable
new-lines:
type: unix
trailing-spaces: enable
truthy:
level: warning
48 changes: 48 additions & 0 deletions .github/workflows/lint-charts.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
name: Lint charts
permissions: {}

on:
pull_request:
branches: [ "main" ]

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

jobs:
lint:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
- uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
- name: Linting Chart
run: helm lint ./charts/capsule
- name: Setup Chart Linting
id: lint
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
- name: Run chart-testing (list-changed)
id: list-changed
run: |
changed=$(ct list-changed --config ./.github/configs/ct.yaml)
if [[ -n "$changed" ]]; then
echo "::set-output name=changed::true"
fi
- name: Run chart-testing (lint)
run: ct lint --debug --config ./.github/configs/ct.yaml --lint-conf ./.github/configs/lintconf.yaml
- name: Run docs-testing (helm-docs)
id: helm-docs
run: |
make helm-docs
if [[ $(git diff --stat) != '' ]]; then
echo -e '\033[0;31mDocumentation outdated! (Run make helm-docs locally and commit)\033[0m ❌'
git diff --color
exit 1
else
echo -e '\033[0;32mDocumentation up to date\033[0m ✔'
fi
- name: Run chart-testing (install)
run: make helm-test
if: steps.list-changed.outputs.changed == 'true'
86 changes: 86 additions & 0 deletions .github/workflows/publish-charts.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
name: Publish charts
permissions: read-all
on:
push:
tags: [ "helm-v*" ]

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

env:
CHART_NAME: capsule-addon-fluxcd

jobs:
publish-helm:
# Skip this Release on forks
if: github.repository_owner == 'maxgio92'
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: "Extract Version"
id: extract_version
run: |
GIT_TAG=${GITHUB_REF##*/}
VERSION=${GIT_TAG##*v}
echo "version=$(echo $VERSION)" >> $GITHUB_OUTPUT
- name: Publish Helm chart
uses: stefanprodan/helm-gh-pages@0ad2bb377311d61ac04ad9eb6f252fb68e207260 # v1.7.0
with:
token: "${{ secrets.HELM_CHARTS_PUSH_TOKEN }}"
linting: off
chart_version: ${{ steps.extract_version.outputs.version }}
charts_dir: charts
charts_url: https://${{ github.repository_owner }}.github.io/charts
owner: ${{ github.repository_owner }}
repository: charts
branch: gh-pages
commit_username: ${{ github.actor }}
publish-helm-oci:
runs-on: ubuntu-20.04
permissions:
contents: write
id-token: write
packages: write
outputs:
chart-digest: ${{ steps.helm_publish.outputs.digest }}
chart-name: ${{ steps.helm_publish.outputs.chart_name }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0
- name: "Extract chart name"
id: extract_chart_name
run: |
echo "chart_name=$(echo $CHART_NAME)" >> $GITHUB_OUTPUT
- name: "Extract Version"
id: extract_version
run: |
GIT_TAG=${GITHUB_REF##*/}
VERSION=${GIT_TAG##*v}
echo "version=$(echo $VERSION)" >> $GITHUB_OUTPUT
- name: Helm | Publish
id: helm_publish
uses: peak-scale/github-actions/helm-oci-chart@38322faabccd75abfa581c435e367d446b6d2c3b # v0.1.0
with:
registry: ghcr.io
repository: ${{ github.repository_owner }}/charts
name: $CHART_NAME
version: ${{ steps.extract_version.outputs.version }}
registry-username: ${{ github.actor }}
registry-password: ${{ secrets.GITHUB_TOKEN }}
update-dependencies: 'true' # Defaults to false
sign-image: 'true'
signature-repository: ghcr.io/${{ github.repository_owner }}/charts/${{ env.CHART_NAME }}
helm-provenance:
needs: publish-helm-oci
permissions:
id-token: write # To sign the provenance.
packages: write # To upload assets to release.
actions: read # To read the workflow path.
uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
with:
image: ghcr.io/${{ github.repository_owner }}/charts/${{ needs.publish-helm-oci.outputs.chart-name }}
digest: "${{ needs.publish-helm-oci.outputs.chart-digest }}"
registry-username: ${{ github.actor }}
secrets:
registry-password: ${{ secrets.GITHUB_TOKEN }}
22 changes: 20 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
SRC_ROOT = $(shell git rev-parse --show-toplevel)

GINKGO ?= $(shell command -v ginkgo)
GOLANGCI_LINT ?= $(shell command -v golangci-lint)

Expand All @@ -11,11 +13,11 @@ lint: golangci-lint

.PHONY: e2e
e2e: ginkgo
@$(GINKGO) -v -tags e2e ./e2e
@$(GINKGO) -v -tags e2e $(SRC_ROOT)/e2e

.PHONY: e2e/charts
e2e/charts: ginkgo
$(GINKGO) -v -tags e2e ./e2e/charts
@$(GINKGO) -v -tags e2e $(SRC_ROOT)/e2e/charts

.PHONY: golangci-lint
golangci-lint:
Expand All @@ -24,3 +26,19 @@ golangci-lint:
.PHONY: ginkgo
ginkgo:
@hash ginkgo 2>/dev/null || go install github.com/onsi/ginkgo/v2/[email protected]

helm-lint: CT_VERSION := v3.3.1
helm-lint: docker
@docker run -v "$(SRC_ROOT):/workdir" --entrypoint /bin/sh quay.io/helmpack/chart-testing:$(CT_VERSION) -c "cd /workdir; ct lint --config .github/configs/ct.yaml --lint-conf .github/configs/lintconf.yaml --all --debug"

.PHONY: helm-docs
helm-docs: HELMDOCS_VERSION := v1.12.0
helm-docs: docker
@docker run -v "$(SRC_ROOT):/helm-docs" jnorwood/helm-docs:$(HELMDOCS_VERSION) --chart-search-root=/helm-docs

.PHONY: docker
docker:
@hash docker 2>/dev/null || {\
echo "You need docker" &&\
exit 1;\
}
41 changes: 41 additions & 0 deletions charts/capsule-addon-fluxcd/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
# capsule-addon-fluxcd

![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square)

A Helm chart for Kubernetes

## Values

| Key | Type | Default | Description |
|-----|------|---------|-------------|
| affinity | object | `{}` | |
| fullnameOverride | string | `""` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"ghcr.io/maxgio92/capsule-addon-fluxcd"` | |
| image.tag | string | `""` | |
| imagePullSecrets | list | `[]` | |
| livenessProbe | object | `{"httpGet":{"path":"/healthz","port":10080}}` | Configure the liveness probe using Deployment probe spec |
| nameOverride | string | `""` | |
| nodeSelector | object | `{}` | |
| options.logLevel | string | `"4"` | Set the log verbosity of the capsule with a value from 1 to 10 |
| podAnnotations | object | `{}` | |
| podSecurityContext | object | `{}` | |
| proxy | object | `{"tls":{"secretKey":"ca","secretName":"capsule-proxy"}}` | - Configure deployments settings related to the Capsule proxy |
| proxy.tls.secretKey | string | `"ca"` | - Set the Secret key that contains the CA certificate of the proxy |
| proxy.tls.secretName | string | `"capsule-proxy"` | - Set the Secret name that contains the CA certificate of the proxy |
| rbac.annotations | object | `{}` | |
| rbac.create | bool | `true` | |
| readinessProbe | object | `{"httpGet":{"path":"/readyz","port":10080}}` | Configure the readiness probe using Deployment probe spec |
| replicaCount | int | `1` | |
| resources | object | `{}` | |
| securityContext.capabilities.drop[0] | string | `"ALL"` | |
| securityContext.readOnlyRootFilesystem | bool | `true` | |
| securityContext.runAsNonRoot | bool | `true` | |
| securityContext.runAsUser | int | `1000` | |
| serviceAccount.annotations | object | `{}` | |
| serviceAccount.create | bool | `true` | |
| serviceAccount.name | string | `""` | |
| tolerations | list | `[]` | |

----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.12.0](https://github.com/norwoodj/helm-docs/releases/v1.12.0)

0 comments on commit b818441

Please sign in to comment.