ci: Update workflows

Bernd Schorgers 2025-05-15 21:45:57 +02:00
parent cd09fe983e
commit 1618705c6d
No known key found for this signature in database
7 changed files with 104 additions and 58 deletions


@ -63,6 +63,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: src
persist-credentials: false
- name: Install Helm
uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0
@ -100,9 +101,11 @@ jobs:
- name: Format changelog
id: format-changelog
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
env:
INPUTS_CHANGES: ${{ steps.chart-details.outputs.changes }}
with:
script: |
let input = '${{ steps.chart-details.outputs.changes }}';
let input = process.env.INPUTS_CHANGES ?? '';
let changelog = "## Changelog:";
let inputParsed = JSON.parse(input);
@ -157,6 +160,7 @@ jobs:
with:
path: gh-pages
ref: gh-pages
persist-credentials: false
- name: Copy package to gh-pages structure
id: copy-package
@ -237,6 +241,7 @@ jobs:
CHART_VERSION: ${{ steps.chart-details.outputs.version }}
CHART_TAG_BASE: ghcr.io/bjw-s-labs/helm
CHART_TAG: ${{ steps.chart-details.outputs.name }}:${{ steps.chart-details.outputs.version }}
GITHUB_REF: ${{ github.ref }}
run: |
helm push "${PACKAGE_FILE}" oci://${CHART_TAG_BASE} &> push-metadata.txt
cat push-metadata.txt
@ -244,4 +249,4 @@ jobs:
cosign sign --yes "${CHART_TAG_BASE}/${CHART_TAG}@${CHART_DIGEST}"
cosign verify "${CHART_TAG_BASE}/${CHART_TAG}@${CHART_DIGEST}" \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
--certificate-identity "https://github.com/${{ github.repository }}/.github/workflows/chart-release-steps.yaml@${{ github.ref }}"
--certificate-identity "https://github.com/${{ github.repository }}/.github/workflows/chart-release-steps.yaml@${GITHUB_REF}"
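Review bot: The `?? ''` fallback in the "Format changelog" script cannot protect the `JSON.parse(input)` that follows it: an empty step output most likely reaches the script as an empty string rather than `undefined`, so `??` never fires, and `JSON.parse('')` throws in either case. A fallback that is valid JSON and also covers the empty string would be `let input = process.env.INPUTS_CHANGES || '[]';`, assuming `changes` is an array (its shape is not visible here). The same `??` pattern appears in the chart-selection workflow further down (`INPUTS_CHARTS ?? '[]'` and the five `process.env.… ?? '[]'` / `'{}'` constants), where an empty output would slip past it in the same way. Separately, the `GITHUB_REF` entry added to the push step's `env:` reuses the name of a runner-provided default variable; a distinct name would make it obvious which value the `cosign verify` identity is built from.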


@ -38,12 +38,14 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: pull
persist-credentials: false
- name: Checkout default branch
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: "${{ github.event.repository.default_branch }}"
path: default
persist-credentials: false
- name: Get chart details for PR
id: chart-details-pr
@ -104,6 +106,8 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Install Kubernetes tools
uses: yokawasa/action-setup-kube-tools@9e25a4277af127b60011c95b6ed2da7e3b3613b1 # v0.11.2
@ -116,7 +120,7 @@ jobs:
uses: helm/chart-testing-action@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b # v2.7.0
- name: Dereference JSON schema
uses: bjw-s/helm-charts-actions/dereference-json-schema@main
uses: bjw-s-labs/helm-charts-actions/dereference-json-schema@5f5c177be4f535e18c145dcbddcf819aab199b47
with:
schemaFile: "charts/${{ matrix.chart }}/values.schema.json"
outputFile: "charts/${{ matrix.chart }}/values.schema.json"
@ -128,13 +132,15 @@ jobs:
working-directory: charts/${{ matrix.chart }}
run: |
yq -i '. |= .dependencies |= map(select(.name == "common" and .repository == "https://bjw-s-labs.github.io/helm-charts").version = ">0.0.0-0")' Chart.yaml
yq -i '. |= .dependencies |= map(select(.name == "common" and .repository == "https://bjw-s-labs.github.io/helm-charts").repository = "file://${{ env.COMMON_LIBRARY_LOCATION }}")' Chart.yaml
yq -i '. |= .dependencies |= map(select(.name == "common" and .repository == "https://bjw-s-labs.github.io/helm-charts").repository = "file://${COMMON_LIBRARY_LOCATION}")' Chart.yaml
echo "::group::Modified Chart.yaml"
cat Chart.yaml
echo "::endgroup::"
- name: Run chart-testing (lint)
run: ct lint --config .ci/ct/ct.yaml --charts "charts/${{ matrix.chart }}"
env:
MATRIX_CHART: ${{ matrix.chart }}
run: ct lint --config .ci/ct/ct.yaml --charts "charts/${MATRIX_CHART}"
lint_success:
needs:
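Review bot: The second `yq -i` line now places `${COMMON_LIBRARY_LOCATION}` inside a single-quoted shell argument, so bash does not expand it and yq receives the literal text; the previous `${{ env.COMMON_LIBRARY_LOCATION }}` was substituted by the runner before the shell ever ran. Unless yq expands that syntax itself (I don't believe it does), Chart.yaml ends up with `repository: file://${COMMON_LIBRARY_LOCATION}` and the `common` dependency no longer resolves to the local library. Reading the variable inside the expression keeps it out of the template and works under single quotes, e.g. with mikefarah yq: `.repository = "file://" + strenv(COMMON_LIBRARY_LOCATION)`. The identical line in the install-test workflow further down has the same problem. The `::group::Modified Chart.yaml` output that follows is a quick place to confirm what was actually written.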


@ -34,7 +34,7 @@ jobs:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
persist-credentials: false
- name: Grab repository configuration
id: repo-config
@ -45,35 +45,35 @@ jobs:
- name: Get changed library charts
id: changed-library-charts
if: ${{ github.event_name != 'workflow_dispatch' }}
uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
uses: bjw-s-labs/action-changed-files@b1144fc772fca235a50902c7bb6cc431cc7d8e27 # v0.3.2
with:
matrix: true
path: charts
dir_names: true
dir_names_max_depth: 2
files: |
include_only_directories: true
max_depth: 2
patterns: |
library/**
- name: Get changed charts
- name: Get changed library charts
id: changed-charts
if: ${{ github.event_name != 'workflow_dispatch' }}
uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
uses: bjw-s-labs/action-changed-files@b1144fc772fca235a50902c7bb6cc431cc7d8e27 # v0.3.2
with:
matrix: true
path: charts
dir_names: true
dir_names_max_depth: 2
files_ignore: |
library/**
include_only_directories: true
max_depth: 2
patterns: |
!library/**
- name: Get specified charts
id: specified-charts
if: ${{ github.event_name == 'workflow_dispatch' }}
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
env:
INPUTS_CHARTS: ${{ inputs.charts }}
with:
script: |
const fs = require('fs');
let input = '${{ inputs.charts }}';
let input = process.env.INPUTS_CHARTS ?? '[]';
let cwd = process.cwd();
let tmpCharts = []
@ -109,16 +109,33 @@ jobs:
- name: Filter out excluded charts
id: filtered-charts
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
env:
SPECIFIED_LIBRARY_CHARTS: ${{ steps.specified-charts.outputs.libraryChartsToRelease }}
CHANGED_LIBRARY_CHARTS: ${{ steps.changed-library-charts.outputs.changed_files }}
SPECIFIED_CHARTS: ${{ steps.specified-charts.outputs.otherChartsToRelease }}
CHANGED_CHARTS: ${{ steps.changed-charts.outputs.changed_files }}
REPO_SETTINGS: ${{ steps.repo-config.outputs.config }}
with:
script: |
let libraryChartsInput = ${{ github.event_name == 'workflow_dispatch' && steps.specified-charts.outputs.libraryChartsToRelease || steps.changed-library-charts.outputs.all_changed_files }};
let otherChartsInput = ${{ github.event_name == 'workflow_dispatch' && steps.specified-charts.outputs.otherChartsToRelease || steps.changed-charts.outputs.all_changed_files }};
let excludedFromRelease = ${{ steps.repo-config.outputs.config }}['excluded-charts-release'];
const SPECIFIED_LIBRARY_CHARTS = process.env.SPECIFIED_LIBRARY_CHARTS ?? '[]';
const CHANGED_LIBRARY_CHARTS = process.env.CHANGED_LIBRARY_CHARTS ?? '[]';
const SPECIFIED_CHARTS = process.env.SPECIFIED_CHARTS ?? '[]';
const CHANGED_CHARTS = process.env.CHANGED_CHARTS ?? '[]';
const REPO_SETTINGS = process.env.REPO_SETTINGS ?? '{}';
let libraryCharts = libraryChartsInput.filter(item => excludedFromRelease.indexOf(item) < 0);
const eventName = '${{ github.event_name }}';
const repoSettings = JSON.parse(REPO_SETTINGS);
const libraryChartsInput = JSON.parse(eventName === 'workflow_dispatch' ? SPECIFIED_LIBRARY_CHARTS : CHANGED_LIBRARY_CHARTS);
const otherChartsInput = JSON.parse(eventName === 'workflow_dispatch' ? SPECIFIED_CHARTS : CHANGED_CHARTS);
const excludedFromRelease = repoSettings['excluded-charts-release'];
const libraryCharts = libraryChartsInput.filter(item => excludedFromRelease.indexOf(item) < 0);
core.setOutput('libraryChartsToRelease', JSON.stringify(libraryCharts));
let otherCharts = otherChartsInput.filter(item => excludedFromRelease.indexOf(item) < 0);
console.log('Library charts to release:', JSON.stringify(libraryCharts, null, 2));
const otherCharts = otherChartsInput.filter(item => excludedFromRelease.indexOf(item) < 0);
core.setOutput('otherChartsToRelease', JSON.stringify(otherCharts));
console.log('Other charts to release:', JSON.stringify(otherCharts, null, 2));
release-library-charts:
name: Release library charts
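Review bot: The step with `id: changed-charts` appears to be renamed to "Get changed library charts", yet its pattern is `!library/**`, so it selects everything except the library charts and now shares a name with the step above it. That looks like a copy-paste slip; keeping `- name: Get changed charts` leaves the two steps distinguishable in the job log. In the "Filter out excluded charts" script, `const eventName = '${{ github.event_name }}';` is the one remaining template expansion inside a script body; github-script already exposes the value as `context.eventName`, which would leave the script free of `${{ }}` entirely.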


@ -31,14 +31,16 @@ jobs:
k8s_version:
[
"v1.29.13",
"v1.30.9",
"v1.31.5",
"v1.32.1",
"v1.30.11",
"v1.31.7",
"v1.32.3",
]
fail-fast: false
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Validate prerequisite folders
working-directory: "charts/${{ matrix.chart }}"
@ -59,8 +61,6 @@ jobs:
kubectl: "${{ matrix.k8s_version }}"
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: "3.13"
- name: Set up chart-testing
uses: helm/chart-testing-action@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b # v2.7.0
@ -75,7 +75,7 @@ jobs:
kubectl taint --all=true nodes node.cloudprovider.kubernetes.io/uninitialized- || true
- name: Dereference JSON schema
uses: bjw-s/helm-charts-actions/dereference-json-schema@main
uses: bjw-s-labs/helm-charts-actions/dereference-json-schema@5f5c177be4f535e18c145dcbddcf819aab199b47
with:
schemaFile: "charts/${{ matrix.chart }}/values.schema.json"
outputFile: "charts/${{ matrix.chart }}/values.schema.json"
@ -87,7 +87,7 @@ jobs:
working-directory: charts/${{ matrix.chart }}
run: |
yq -i '. |= .dependencies |= map(select(.name == "common" and .repository == "https://bjw-s-labs.github.io/helm-charts").version = ">0.0.0-0")' Chart.yaml
yq -i '. |= .dependencies |= map(select(.name == "common" and .repository == "https://bjw-s-labs.github.io/helm-charts").repository = "file://${{ env.COMMON_LIBRARY_LOCATION }}")' Chart.yaml
yq -i '. |= .dependencies |= map(select(.name == "common" and .repository == "https://bjw-s-labs.github.io/helm-charts").repository = "file://${COMMON_LIBRARY_LOCATION}")' Chart.yaml
echo "::group::Modified Chart.yaml"
cat Chart.yaml
echo "::endgroup::"
@ -99,7 +99,7 @@ jobs:
cd "test-chart"
fi
ct install --config "$GITHUB_WORKSPACE/.ci/ct/ct.yaml" --charts .
ct install --config "${GITHUB_WORKSPACE}/.ci/ct/ct.yaml" --charts .
install_success:
needs:
@ -127,6 +127,8 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Validate prerequisite folders
working-directory: "charts/${{ matrix.chart }}"
@ -153,13 +155,15 @@ jobs:
- name: Run tests
working-directory: "charts/${{ matrix.chart }}"
env:
MATRIX_CHART: ${{ matrix.chart }}
run: |
if [[ -d "test-chart" ]]; then
cd "test-chart"
fi
if [[ ! -d "unittests" ]]; then
echo "No unit tests found for chart ${{ matrix.chart }}"
echo "No unit tests found for chart ${MATRIX_CHART}"
exit 0
fi


@ -39,6 +39,8 @@ jobs:
- name: Checkout
id: checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Initialize CodeQL
id: initialize


@ -23,22 +23,12 @@ jobs:
permissions:
contents: write
steps:
- name: Generate Token
uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
id: app-token
with:
app-id: ${{ secrets.LAB_ASSISTANT_APP_ID }}
private-key: ${{ secrets.LAB_ASSISTANT_APP_KEY }}
- name: Checkout main branch
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
token: ${{ steps.app-token.outputs.token }}
fetch-depth: 0
persist-credentials: false
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: 3.x
- name: Install requirements
run: pip install -r docs/requirements.txt
@ -46,6 +36,13 @@ jobs:
- name: Build and publish docs
run: mkdocs build -f .ci/mkdocs/mkdocs.yml
- name: Generate Token
uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
id: app-token
with:
app-id: ${{ secrets.LAB_ASSISTANT_APP_ID }}
private-key: ${{ secrets.LAB_ASSISTANT_APP_KEY }}
- name: Deploy
uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0
if: ${{ github.ref == 'refs/heads/main' }}
@ -71,14 +68,16 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: src
persist-credentials: false
- name: Checkout gh-pages branch
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: gh-pages
path: gh-pages
persist-credentials: false
- name: Deploy changes to GitHub Pages
- name: Deploy to GitHub Pages
uses: ./src/.github/actions/publish-folder-to-pages
with:
path: gh-pages/
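Review bot: The relocated "Generate Token" step runs on every ref, while the only consumer visible here, the "Deploy" step, is gated by `if: ${{ github.ref == 'refs/heads/main' }}`. Adding the same `if:` to the token step avoids minting an app installation token on runs that never use it. Placing the step after the build is a sound change in itself, since `pip install -r docs/requirements.txt` and `mkdocs build` no longer run with the token already issued. The job body continues outside the hunks, so another consumer of `steps.app-token` may exist that is not shown.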


@ -21,14 +21,14 @@ jobs:
runs-on: ubuntu-24.04
outputs:
repoConfiguration: ${{ steps.repo-config.outputs.config }}
addedOrModifiedFiles: ${{ steps.added-modified-files.outputs.all_changed_files }}
addedOrModifiedFiles: ${{ steps.added-modified-files.outputs.changed_files }}
chartsToLint: ${{ steps.charts-to-lint.outputs.filteredCharts }}
chartsToInstall: ${{ steps.charts-to-install.outputs.filteredCharts }}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
persist-credentials: false
- name: Grab repository configuration
id: repo-config
@ -38,36 +38,47 @@ jobs:
- name: Get all added or modified files
id: added-modified-files
uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
uses: bjw-s-labs/action-changed-files@b1144fc772fca235a50902c7bb6cc431cc7d8e27 # v0.3.2
- name: Get changed charts
- name: Get all added or modified charts
id: changed-charts
uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5
uses: bjw-s-labs/action-changed-files@b1144fc772fca235a50902c7bb6cc431cc7d8e27 # v0.3.2
with:
matrix: true
path: charts
dir_names: true
dir_names_max_depth: 2
include_only_directories: true
max_depth: 2
- name: Determine charts to lint
id: charts-to-lint
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
env:
CHANGED_CHARTS: ${{ steps.changed-charts.outputs.changed_files }}
REPO_SETTINGS: ${{ steps.repo-config.outputs.config }}
with:
script: |
var changedCharts = ${{ steps.changed-charts.outputs.all_changed_files }};
var chartsToFilter = ${{ toJSON(fromJSON(steps.repo-config.outputs.config).excluded-charts-lint) }};
const { CHANGED_CHARTS, REPO_SETTINGS } = process.env;
const changedCharts = JSON.parse(CHANGED_CHARTS);
const repoSettings = JSON.parse(REPO_SETTINGS);
const chartsToFilter = repoSettings['excluded-charts-lint'];
let filteredCharts = changedCharts.filter(item => chartsToFilter.indexOf(item) < 0);
core.setOutput("filteredCharts", filteredCharts);
console.log('charts to lint:', JSON.stringify(filteredCharts, null, 2));
- name: Determine charts to install
id: charts-to-install
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
env:
CHANGED_CHARTS: ${{ steps.changed-charts.outputs.changed_files }}
REPO_SETTINGS: ${{ steps.repo-config.outputs.config }}
with:
script: |
var changedCharts = ${{ steps.changed-charts.outputs.all_changed_files }};
var chartsToFilter = ${{ toJSON(fromJSON(steps.repo-config.outputs.config).excluded-charts-install) }};
const { CHANGED_CHARTS, REPO_SETTINGS } = process.env;
const changedCharts = JSON.parse(CHANGED_CHARTS);
const repoSettings = JSON.parse(REPO_SETTINGS);
const chartsToFilter = repoSettings['excluded-charts-install'];
let filteredCharts = changedCharts.filter(item => chartsToFilter.indexOf(item) < 0);
core.setOutput("filteredCharts", filteredCharts);
console.log('charts to install:', JSON.stringify(filteredCharts, null, 2));
pre-commit-check:
name: Perform Pre-Commit check
@ -77,11 +88,13 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Run against changes
uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1
with:
extra_args: --files ${{ needs.prepare.outputs.addedOrModifiedFiles }} --config .ci/pre-commit/config.yaml
extra_args: --files ${{ join(fromJSON(needs.prepare.outputs.addedOrModifiedFiles), ' ') }} --config .ci/pre-commit/config.yaml
charts-lint:
name: Lint charts
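Review bot: In the pre-commit job, `extra_args` still receives the changed-file list through `${{ join(fromJSON(...), ' ') }}`, and pre-commit/action appends `extra_args` to a shell command line, so file names taken from the pull request are parsed by the shell. A path containing a space is split into two arguments, and shell metacharacters in a path are interpreted rather than passed through; this is the same template-into-shell pattern the rest of the commit removes. Passing the JSON list through `env:` and letting a `run:` step hand the names to `pre-commit run --files` as separate arguments avoids both. The sketch below assumes pre-commit is installed earlier in the job (the action currently takes care of that) and that `jq` is available on the runner.

```yaml
      - name: Run against changes
        env:
          CHANGED_FILES: ${{ needs.prepare.outputs.addedOrModifiedFiles }}
        run: |
          # One path per line; xargs passes each line as a single argument,
          # so nothing in a file name is re-parsed by the shell.
          jq -r '.[]' <<<"${CHANGED_FILES}" \
            | xargs -d '\n' --no-run-if-empty \
                pre-commit run --config .ci/pre-commit/config.yaml --files
```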