Skip to content

add security context, update the app version and image tag #149

add security context, update the app version and image tag

add security context, update the app version and image tag #149

Workflow file for this run

name: Lint and Test Charts
on:
pull_request:
workflow_dispatch:
jobs:
lint-test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Fetch history
run: git fetch --prune --unshallow
- name: Set up Helm
uses: azure/setup-helm@v3
with:
version: 'v3.4.0'
- uses: actions/setup-python@v5
with:
python-version: 3.7
- name: Set up chart-testing
uses: helm/[email protected]
- name: Set up nix
uses: cachix/install-nix-action@v24
with:
nix_path: nixpkgs=channel:nixos-unstable
- name: Set up nix store cache
uses: actions/cache@v3
with:
path: /tmp/nix-closure
# Build inputs are:
# - shell.nix
# - nix/ directory
key: nix-store-${{ hashFiles('default.nix', 'nix') }}
restore-keys: |
nix-store-${{ hashFiles('default.nix', 'nix') }}-
nix-store-
- name: Loads nix derivation cache
id: load-cache
run: |
if [[ -f /tmp/nix-closure/nix-shell.closure ]]; then
nix-store --import --option require-sigs false < /tmp/nix-closure/nix-shell.closure
echo "use-cache=true" >> $GITHUB_OUTPUT
fi
- run: |
nix-env -f '<nixpkgs>' -iA pkgs.direnv
nix-build
nix-shell --run "direnv allow"
- name: Store nix derivation cache
run: |
DERIVATION=$(readlink result)
echo $DERIVATION
mkdir -p /tmp/nix-closure
nix-store --export $(nix-store -qR ${DERIVATION}) > /tmp/nix-closure/nix-shell.closure
- name: Run chart-testing (list-changed)
id: list-changed
shell: direnv exec . bash -eo pipefail {0}
run: |
changed=$(ct list-changed)
if [[ -n "$changed" ]]; then
echo "use-cache=true" >> $GITHUB_OUTPUT
fi
- name: Run chart-testing (lint)
id: lint
shell: direnv exec . bash -eo pipefail {0}
run: ct lint
- name: Create kind cluster
uses: helm/[email protected]
with:
node_image: "kindest/node:v1.29.0"
# Only build a kind cluster if there are chart changes to test.
if: steps.list-changed.outputs.changed == 'true'
- name: Run chart-testing (install)
if: steps.list-changed.outputs.changed == 'true'
shell: direnv exec . bash -eo pipefail {0}
run: |
unset KUBECONFIG
ct install