Add optional k8s role binding to application chart #230
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Lint and Test Charts | |
"on": | |
pull_request: | |
types: | |
- opened | |
- synchronize | |
- reopened | |
branches: | |
- main | |
env: | |
python_version: '3.10' | |
jobs: | |
prep_job: | |
runs-on: ubuntu-latest | |
outputs: | |
has_changes: ${{ steps.changed-files.outputs.any_changed }} | |
matrix: ${{ steps.result.outputs.matrix }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: tj-actions/changed-files@v44 | |
id: changed-files | |
with: | |
files: | | |
**/*.yaml | |
**/*.yml | |
**/*.tpl | |
.github/ | |
files_ignore: | | |
**/.*md | |
.github/CODEOWNERS | |
.github/dependabot.yml | |
- run: | | |
echo "Has changes: ${{ steps.changed-files.outputs.any_changed }}" | |
echo "Changed files: ${{ steps.changed-files.outputs.all_changed_files }}" | |
{ | |
echo "matrix<<EOF" | |
echo '{ "include": [' | |
[[ "${{ steps.changed-files.outputs.any_changed }}" == 'false' ]] && echo '{ "name": "lint" },' | |
echo '{ "name": "k8s-1.30", "kindest_image": "kindest/node:v1.30.0" },' | |
echo '{ "name": "k8s-1.29", "kindest_image": "kindest/node:v1.29.4" },' | |
echo '{ "name": "k8s-1.28", "kindest_image": "kindest/node:v1.28.9" },' | |
echo '{ "name": "k8s-1.27", "kindest_image": "kindest/node:v1.27.13" },' | |
echo '{ "name": "k8s-1.26", "kindest_image": "kindest/node:v1.26.15" },' | |
echo '{ "name": "k8s-1.25", "kindest_image": "kindest/node:v1.25.16" }' | |
echo '] }' | |
echo "EOF" | |
} >> "$GITHUB_OUTPUT" | |
id: result | |
test: | |
runs-on: ubuntu-latest | |
needs: prep_job | |
if: ${{ needs.prep_job.outputs.has_changes == 'true' }} | |
env: | |
# see https://github.com/kubernetes-sigs/kind/releases | |
kind_version: v0.23.0 | |
strategy: | |
matrix: ${{ fromJson(needs.prep_job.outputs.matrix) }} | |
name: ${{ matrix.name }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: azure/setup-helm@v4 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.python_version }} | |
- name: Set up chart-testing | |
uses: helm/[email protected] | |
- name: Lint charts | |
run: ct lint --config .github/workflows/conf/ct-lint.yml | |
- uses: helm/kind-action@main | |
with: | |
config: .github/workflows/conf/kind.yml | |
version: ${{ env.kind_version }} | |
node_image: ${{ matrix.kindest_image }} | |
- name: Create chart preconditions | |
run: .github/workflows/scripts/chart-test-prep.sh | |
- name: Chart installation tests | |
run: .github/workflows/scripts/chart-test.sh | |
- name: Debug information on failure | |
run: kubectl describe nodes; echo "=== API Versions ==="; kubectl api-versions; echo "=== CRDs ==="; kubectl get crd | |
if: failure() | |
lint: | |
runs-on: ubuntu-latest | |
needs: prep_job | |
if: ${{ needs.prep_job.outputs.has_changes == 'true' }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.python_version }} | |
- name: Run checkov on each test case permutation | |
run: .github/workflows/scripts/checkov-chart-linting.sh | |
skip: | |
runs-on: ubuntu-latest | |
needs: prep_job | |
if: ${{ needs.prep_job.outputs.has_changes == 'false' }} | |
strategy: | |
matrix: ${{ fromJson(needs.prep_job.outputs.matrix) }} | |
name: ${{ matrix.name }} | |
steps: | |
- run: | | |
echo "Skip ${{ matrix.name }} for this pull request because no relevant files have been changed." | |
echo "This is needed to not block the pull request as these are configured as required status check." |