deps: bump golang.org/x/crypto from 0.28.0 to 0.31.0 (#654) #551
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Helm | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
branches: | |
- master | |
env: | |
HELM_VERSION: 3.12.1 | |
PYTHON_VERSION: 3.9 | |
TARGET_BRANCH: chart-testing-target-branch | |
TARGET_REMOTE: test | |
jobs: | |
helm-jobs: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Set up Helm | |
uses: azure/setup-helm@v4 | |
with: | |
version: "v${{ env.HELM_VERSION }}" | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.PYTHON_VERSION }} | |
check-latest: true | |
# --------------------------------------------------------------- | |
# -- Instead of comparing to the master branch, I'm getting | |
# -- the commit hash set in the previous step from a | |
# -- currently released chart. If it doesn't exists, then | |
# -- I assume that chart is not released and compare to the | |
# -- previous commit | |
# -- | |
# -- Also, I'm setting the RepoURL here. Since we plan to support | |
# -- the official chart in this git repository, the helm | |
# -- repository is expected to belong to this repo as well. | |
# --------------------------------------------------------------- | |
- name: Retrieve the latest commit sha from the helm chart | |
run: | | |
HELM_REPO_URL="https://${GITHUB_REPOSITORY_OWNER}.github.io/${GITHUB_REPOSITORY#*/}" | |
if helm repo add sql-exporter $HELM_REPO_URL | |
then | |
helm repo update | |
echo "TARGET_COMMIT=$(helm show chart sql-exporter/sql-exporter | yq '.annotations.git/commit-sha')" >> "${GITHUB_ENV}" | |
else | |
echo "TARGET_COMMIT=$(git show HEAD^1 --pretty=format:%H --no-patch)" >> "${GITHUB_ENV}" | |
fi | |
# --------------------------------------------------------------- | |
# -- As I could find CT doesn't support testing against commits | |
# -- directly, so I'm creating a new fake remote from a commit | |
# -- and testing the chart against it. This workaround doesn't | |
# -- support maintainers validation, but we have it disabled | |
# -- anyway | |
# --------------------------------------------------------------- | |
- name: Prepare a dummy remote to test the chart | |
run: | | |
DUMMY_REMOTE=$(mktemp -d) | |
git init "${DUMMY_REMOTE}" | |
git remote add "${TARGET_REMOTE}" "${DUMMY_REMOTE}" | |
git checkout -b "${TARGET_BRANCH}" "${TARGET_COMMIT}" | |
git push --set-upstream "${TARGET_REMOTE}" "${TARGET_BRANCH}" | |
git checkout "${GITHUB_SHA}" | |
- name: Set up chart-testing | |
uses: helm/[email protected] | |
- name: Run chart-testing (list-changed) | |
id: list-changed | |
run: | | |
changed=$(ct list-changed --chart-dirs . --target-branch "${TARGET_BRANCH}" --remote "${TARGET_REMOTE}") | |
if [[ -n "$changed" ]]; then | |
echo "changed=true" >> "$GITHUB_OUTPUT" | |
fi | |
- name: Run chart-testing (lint) | |
if: steps.list-changed.outputs.changed == 'true' | |
run: ct lint --target-branch "${TARGET_BRANCH}" --remote "${TARGET_REMOTE}" --validate-maintainers=false --chart-dirs . | |
- name: Setup helmfile | |
if: steps.list-changed.outputs.changed == 'true' | |
uses: mamezou-tech/[email protected] | |
- name: Create kind cluster | |
if: steps.list-changed.outputs.changed == 'true' | |
uses: helm/[email protected] | |
- name: Init postgres server | |
if: steps.list-changed.outputs.changed == 'true' | |
run: | | |
helmfile -f helm/ci/helmfile.yaml sync | |
- name: Run chart-testing (install) | |
if: steps.list-changed.outputs.changed == 'true' | |
run: ct install --target-branch "${TARGET_BRANCH}" --remote "${TARGET_REMOTE}" --chart-dirs . | |
- name: Run chart-testing (upgrade) | |
if: steps.list-changed.outputs.changed == 'true' | |
run: ct install --target-branch "${TARGET_BRANCH}" --remote "${TARGET_REMOTE}" --chart-dirs . --upgrade | |
- name: Configure Git | |
run: | | |
git config user.name "$GITHUB_ACTOR" | |
git config user.email "[email protected]" | |
# --------------------------------------------------------------- | |
# -- On each run we're setting an annotation with the current | |
# -- commit hash, so in case it's released, we will see it | |
# -- running `$ helm show sql-exporter/sql-exporter` | |
# --------------------------------------------------------------- | |
- name: Set the git sha annotations in the helm chart | |
run: yq -i ".annotations.git/commit-sha = \"${GITHUB_SHA}\"" ./helm/Chart.yaml | |
- name: Release charts | |
if: ${{ github.event.repository.default_branch && github.event_name == 'push' }} | |
uses: helm/chart-releaser-action@main | |
with: | |
charts_dir: . | |
mark_as_latest: false | |
packages_with_index: true | |
env: | |
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
CR_RELEASE_NAME_TEMPLATE: "chart-{{ .Name }}-{{ .Version }}" |