Skip to content
Lint and Test Charts

[Application]: add command to container and sidecars and fix security context (again) #299

Sign in to view logs

[Application]: add command to container and sidecars and fix security context (again)

[Application]: add command to container and sidecars and fix security context (again) #299

Workflow file for this run

.github/workflows/pr-chart-lint-and-test.yml at b93accb
name: Lint and Test Charts
"on":
pull_request:
types:
- opened
- synchronize
- reopened
- ready_for_review
branches:
- main
env:
python_version: '3.10'
jobs:
prep_job:
runs-on: ubuntu-latest
outputs:
has_changes: ${{ steps.changed-files.outputs.any_changed }}
matrix: ${{ steps.result.outputs.matrix }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: tj-actions/changed-files@v45
id: changed-files
with:
files: |
**/*.yaml
**/*.yml
**/*.tpl
.github/
files_ignore: |
**/.*md
.github/CODEOWNERS
.github/dependabot.yml
- run: |
echo "Has changes: ${{ steps.changed-files.outputs.any_changed }}"
echo "Changed files: ${{ steps.changed-files.outputs.all_changed_files }}"
{
echo "matrix<<EOF"
echo '{ "include": ['
[[ "${{ steps.changed-files.outputs.any_changed }}" == 'false' ]] && echo '{ "name": "lint" },'
echo '{ "name": "k8s-1.31", "kindest_image": "kindest/node:v1.31.2" },'
echo '{ "name": "k8s-1.30", "kindest_image": "kindest/node:v1.30.6" },'
echo '{ "name": "k8s-1.29", "kindest_image": "kindest/node:v1.29.10" },'
echo '{ "name": "k8s-1.28", "kindest_image": "kindest/node:v1.28.15" },'
echo '{ "name": "k8s-1.27", "kindest_image": "kindest/node:v1.27.16" },'
echo '{ "name": "k8s-1.26", "kindest_image": "kindest/node:v1.26.15" }'
echo '] }'
echo "EOF"
} >> "$GITHUB_OUTPUT"
id: result
test:
runs-on: ubuntu-latest
needs: prep_job
if: ${{ needs.prep_job.outputs.has_changes == 'true' }}
env:
# See https://github.com/kubernetes-sigs/kind/releases
# Check and update the image versions in the prep_job as well when updating this version.
kind_version: v0.25.0
strategy:
matrix: ${{ fromJson(needs.prep_job.outputs.matrix) }}
name: ${{ matrix.name }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: azure/setup-helm@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/setup-python@v5
with:
python-version: ${{ env.python_version }}
- name: Set up chart-testing
uses: helm/[email protected]
- name: Lint charts
run: ct lint --config .github/workflows/conf/ct-lint.yml
- uses: helm/kind-action@main
with:
config: .github/workflows/conf/kind.yml
version: ${{ env.kind_version }}
node_image: ${{ matrix.kindest_image }}
- name: Create chart preconditions
run: .github/workflows/scripts/chart-test-prep.sh
- name: Chart installation tests
run: .github/workflows/scripts/chart-test.sh
- name: Debug information on failure
run: kubectl describe nodes; echo "=== API Versions ==="; kubectl api-versions; echo "=== CRDs ==="; kubectl get crd
if: failure()
lint:
runs-on: ubuntu-latest
needs: prep_job
if: ${{ needs.prep_job.outputs.has_changes == 'true' }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-python@v5
with:
python-version: ${{ env.python_version }}
- name: Run checkov on each test case permutation
run: .github/workflows/scripts/checkov-chart-linting.sh
skip:
runs-on: ubuntu-latest
needs: prep_job
if: ${{ needs.prep_job.outputs.has_changes == 'false' }}
strategy:
matrix: ${{ fromJson(needs.prep_job.outputs.matrix) }}
name: ${{ matrix.name }}
steps:
- run: |
echo "Skip ${{ matrix.name }} for this pull request because no relevant files have been changed."
echo "This is needed to not block the pull request as these are configured as required status check."