From bd9f32e3540663360cf47f04acad26e6010f772e Mon Sep 17 00:00:00 2001
From: Tingluo Huang
Date: Mon, 13 Mar 2023 12:44:54 -0400
Subject: [PATCH] Create separate chart validation workflow for gha-* charts. (#2393)
Co-authored-by: Nikola Jokic
---
 .github/workflows/validate-chart.yaml | 4 +
 .github/workflows/validate-gha-chart.yaml | 134 ++++++++++++++++++
 charts/.ci/ct-config-gha.yaml | 9 ++
 charts/.ci/ct-config.yaml | 2 -
 .../ci/ci-values.yaml | 5 +
 charts/gha-runner-scale-set/ci/ci-values.yaml | 2 +-
 6 files changed, 153 insertions(+), 3 deletions(-)
 create mode 100644 .github/workflows/validate-gha-chart.yaml
 create mode 100644 charts/.ci/ct-config-gha.yaml
 create mode 100644 charts/gha-runner-scale-set-controller/ci/ci-values.yaml
diff --git a/.github/workflows/validate-chart.yaml b/.github/workflows/validate-chart.yaml
index 61ade607..5475649c 100644
--- a/.github/workflows/validate-chart.yaml
+++ b/.github/workflows/validate-chart.yaml
@@ -9,12 +9,16 @@ on:
 - '.github/workflows/validate-chart.yaml'
 - '!charts/actions-runner-controller/docs/**'
 - '!**.md'
+ - '!charts/gha-runner-scale-set-controller/**'
+ - '!charts/gha-runner-scale-set/**'
 push:
 paths:
 - 'charts/**'
 - '.github/workflows/validate-chart.yaml'
 - '!charts/actions-runner-controller/docs/**'
 - '!**.md'
+ - '!charts/gha-runner-scale-set-controller/**'
+ - '!charts/gha-runner-scale-set/**'
 workflow_dispatch:
 env:
 KUBE_SCORE_VERSION: 1.10.0
diff --git a/.github/workflows/validate-gha-chart.yaml b/.github/workflows/validate-gha-chart.yaml
new file mode 100644
index 00000000..0d54f6e2
--- /dev/null
+++ b/.github/workflows/validate-gha-chart.yaml
@@ -0,0 +1,134 @@
+name: Validate Helm Chart (gha-runner-scale-set-controller and gha-runner-scale-set)
+
+on:
+ pull_request:
+ branches:
+ - master
+ paths:
+ - 'charts/**'
+ - '.github/workflows/validate-gha-chart.yaml'
+ - '!charts/actions-runner-controller/**'
+ - '!**.md'
+ push:
+ paths:
+ - 'charts/**'
+ - '.github/workflows/validate-gha-chart.yaml'
+ - '!charts/actions-runner-controller/**'
+ - '!**.md'
+ workflow_dispatch:
+env:
+ KUBE_SCORE_VERSION: 1.16.1
+ HELM_VERSION: v3.8.0
+
+permissions:
+ contents: read
+
+jobs:
+ validate-chart:
+ name: Lint Chart
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Set up Helm
+ # Using https://github.com/Azure/setup-helm/releases/tag/v3.5
+ uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78
+ with:
+ version: ${{ env.HELM_VERSION }}
+
+ - name: Set up kube-score
+ run: |
+ wget https://github.com/zegl/kube-score/releases/download/v${{ env.KUBE_SCORE_VERSION }}/kube-score_${{ env.KUBE_SCORE_VERSION }}_linux_amd64 -O kube-score
+ chmod 755 kube-score
+
+ - name: Kube-score generated manifests
+ run: helm template --values charts/.ci/values-kube-score.yaml charts/* | ./kube-score score -
+ --ignore-test pod-networkpolicy
+ --ignore-test deployment-has-poddisruptionbudget
+ --ignore-test deployment-has-host-podantiaffinity
+ --ignore-test container-security-context
+ --ignore-test pod-probes
+ --ignore-test container-image-tag
+ --enable-optional-test container-security-context-privileged
+ --enable-optional-test container-security-context-readonlyrootfilesystem
+
+ # python is a requirement for the chart-testing action below (supports yamllint among other tests)
+ - uses: actions/setup-python@v4
+ with:
+ python-version: '3.7'
+
+ - name: Set up chart-testing
+ uses: helm/chart-testing-action@v2.3.1
+
+ - name: Set up latest version chart-testing
+ run: |
+ echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | sudo tee /etc/apt/sources.list.d/goreleaser.list
+ sudo apt update
+ sudo apt install goreleaser
+ git clone https://github.com/helm/chart-testing
+ cd chart-testing
+ unset CT_CONFIG_DIR
+ goreleaser build --clean --skip-validate
+ ./dist/chart-testing_linux_amd64_v1/ct version
+ echo 'Adding ct directory to PATH...'
+ echo "$RUNNER_TEMP/chart-testing/dist/chart-testing_linux_amd64_v1" >> "$GITHUB_PATH"
+ echo 'Setting CT_CONFIG_DIR...'
+ echo "CT_CONFIG_DIR=$RUNNER_TEMP/chart-testing/etc" >> "$GITHUB_ENV"
+ working-directory: ${{ runner.temp }}
+
+ - name: Run chart-testing (list-changed)
+ id: list-changed
+ run: |
+ ct version
+ changed=$(ct list-changed --config charts/.ci/ct-config-gha.yaml)
+ if [[ -n "$changed" ]]; then
+ echo "::set-output name=changed::true"
+ fi
+
+ - name: Run chart-testing (lint)
+ run: |
+ ct lint --config charts/.ci/ct-config-gha.yaml
+
+ - name: Set up docker buildx
+ uses: docker/setup-buildx-action@v2
+ if: steps.list-changed.outputs.changed == 'true'
+ with:
+ version: latest
+
+ - name: Build controller image
+ uses: docker/build-push-action@v3
+ if: steps.list-changed.outputs.changed == 'true'
+ with:
+ file: Dockerfile
+ platforms: linux/amd64
+ load: true
+ build-args: |
+ DOCKER_IMAGE_NAME=test-arc
+ VERSION=dev
+ tags: |
+ test-arc:dev
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
+
+ - name: Create kind cluster
+ uses: helm/kind-action@v1.4.0
+ if: steps.list-changed.outputs.changed == 'true'
+ with:
+ cluster_name: chart-testing
+
+ - name: Load image into cluster
+ if: steps.list-changed.outputs.changed == 'true'
+ run: |
+ export DOCKER_IMAGE_NAME=test-arc
+ export VERSION=dev
+ export IMG_RESULT=load
+ make docker-buildx
+ kind load docker-image test-arc:dev --name chart-testing
+
+ - name: Run chart-testing (install)
+ if: steps.list-changed.outputs.changed == 'true'
+ run: |
+ ct install --config charts/.ci/ct-config-gha.yaml
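Review bot: The "Set up latest version chart-testing" step installs and builds tooling with no integrity or version pinning: `deb [trusted=yes] https://repo.goreleaser.com/apt/ /` tells APT to skip signature verification for the goreleaser package, and `git clone https://github.com/helm/chart-testing` builds whatever the default branch holds at run time and then puts the result on `$GITHUB_PATH` for every later step. If tracking upstream HEAD is not a hard requirement, pin the clone, e.g. `git clone --depth 1 --branch <PINNED_CT_TAG> https://github.com/helm/chart-testing`, and replace `[trusted=yes]` with the repository's signing key referenced through `signed-by=`. The "Set up kube-score" step has the same gap, since the `wget`-ed binary is made executable without a checksum check; a line such as `echo "<EXPECTED_SHA256>  kube-score" | sha256sum -c -` before `chmod 755 kube-score` would close it. The remaining `uses:` entries are pinned by tag while `azure/setup-helm` is pinned by commit SHA, so pinning them all by SHA would make the workflow consistent.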
diff --git a/charts/.ci/ct-config-gha.yaml b/charts/.ci/ct-config-gha.yaml
new file mode 100644
index 00000000..baf8bc43
--- /dev/null
+++ b/charts/.ci/ct-config-gha.yaml
@@ -0,0 +1,9 @@
+# This file defines the config for "ct" (chart tester) used by the helm linting GitHub workflow
+lint-conf: charts/.ci/lint-config.yaml
+chart-repos:
+ - jetstack=https://charts.jetstack.io
+check-version-increment: false # Disable checking that the chart version has been bumped
+charts:
+- charts/gha-runner-scale-set-controller
+- charts/gha-runner-scale-set
+skip-clean-up: true
diff --git a/charts/.ci/ct-config.yaml b/charts/.ci/ct-config.yaml
index 64c8d1bb..55ebad54 100644
--- a/charts/.ci/ct-config.yaml
+++ b/charts/.ci/ct-config.yaml
@@ -5,5 +5,3 @@ chart-repos:
 check-version-increment: false # Disable checking that the chart version has been bumped
 charts:
 - charts/actions-runner-controller
-- charts/gha-runner-scale-set-controller
-- charts/gha-runner-scale-set
\ No newline at end of file
diff --git a/charts/gha-runner-scale-set-controller/ci/ci-values.yaml b/charts/gha-runner-scale-set-controller/ci/ci-values.yaml
new file mode 100644
index 00000000..e8e80542
--- /dev/null
+++ b/charts/gha-runner-scale-set-controller/ci/ci-values.yaml
@@ -0,0 +1,5 @@
+# Set the following to dummy values.
+# This is only useful in CI
+image:
+ repository: test-arc
+ tag: dev
diff --git a/charts/gha-runner-scale-set/ci/ci-values.yaml b/charts/gha-runner-scale-set/ci/ci-values.yaml
index 3497fcab..00b9844e 100644
--- a/charts/gha-runner-scale-set/ci/ci-values.yaml
+++ b/charts/gha-runner-scale-set/ci/ci-values.yaml
@@ -3,4 +3,4 @@ githubConfigUrl: https://github.com/actions/actions-runner-controller githubConfigSecret:
- github_token: test
\ No newline at end of file
+ github_token: test