name: "Charts: Lint" on: workflow_call: inputs: checkoutCommit: required: true type: string chartChangesDetected: required: true type: string jobs: verify-dep-sig: runs-on: ubuntu-latest name: Verify Dependency Signatures container: image: ghcr.io/truecharts/devcontainer:3.1.10@sha256:c239addf725eb5cedf79517f8089fdafdc32b5270d1893ee87ae6e511b9bcae3 steps: - name: Install Kubernetes tools uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3 with: setup-tools: | helmv3 helm: "3.8.0" - name: Prep Helm run: | helm repo add truecharts https://charts.truecharts.org helm repo add truecharts-library https://library-charts.truecharts.org helm repo add bitnami https://charts.bitnami.com/bitnami helm repo add prometheus https://prometheus-community.github.io/helm-charts helm repo update - name: Prepare GPG key shell: bash run: | gpg_dir=.cr-gpg mkdir "$gpg_dir" keyring="$gpg_dir/secring.gpg" base64 -d <<< "$GPG_KEYRING_BASE64" > "$keyring" passphrase_file="$gpg_dir/passphrase" echo "$GPG_PASSPHRASE" > "$passphrase_file" echo "CR_PASSPHRASE_FILE=$passphrase_file" >> "$GITHUB_ENV" echo "CR_KEYRING=$keyring" >> "$GITHUB_ENV" env: GPG_KEYRING_BASE64: "${{ secrets.GPG_KEYRING_BASE64 }}" GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}" - name: Checkout uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 with: fetch-depth: 0 - name: Setting repo parent dir as safe safe.directory run: git config --global --add safe.directory "$GITHUB_WORKSPACE" - name: Collect changes id: collect-changes uses: ./.github/actions/collect-changes - name: Fetch and Verify dependencies shell: bash if: | steps.collect-changes.outputs.changesDetectedAfterTag == 'true' run: | CHARTS=(${{ steps.collect-changes.outputs.modifiedChartsAfterTag }}) charts_path="charts" for changed in ${CHARTS[@]}; do .github/scripts/fetch_helm_deps.sh "${changed}" done generate-lint-matrix: name: Generate matrix for lint runs-on: ubuntu-latest outputs: matrix1: | { "chart": ${{ steps.list-changed.outputs.charts1 }} } matrix2: | { "chart": ${{ steps.list-changed.outputs.charts2 }} } matrix3: | { "chart": ${{ steps.list-changed.outputs.charts3 }} } matrix4: | { "chart": ${{ steps.list-changed.outputs.charts4 }} } matrix5: | { "chart": ${{ steps.list-changed.outputs.charts5 }} } matrix6: | { "chart": ${{ steps.list-changed.outputs.charts6 }} } detected1: ${{ steps.list-changed.outputs.detected1 }} detected2: ${{ steps.list-changed.outputs.detected2 }} detected3: ${{ steps.list-changed.outputs.detected3 }} detected4: ${{ steps.list-changed.outputs.detected4 }} detected5: ${{ steps.list-changed.outputs.detected5 }} detected6: ${{ steps.list-changed.outputs.detected6 }} steps: - name: Checkout uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 with: fetch-depth: 0 ref: ${{ inputs.checkoutCommit }} - name: Set up chart-testing uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 - name: Collect changes id: list-changed if: inputs.chartChangesDetected == 'true' shell: bash run: | EXCLUDED=$(yq eval -o=json '.excluded-charts // []' .github/ct-lint.yaml) CHARTS=$(ct list-changed --config .github/ct-lint.yaml) CHARTS_JSON=$(echo "${CHARTS}" | jq -R -s -c 'split("\n")[:-1]') OUTPUT_JSON=$(echo "{\"excluded\": ${EXCLUDED}, \"all\": ${CHARTS_JSON}}" | jq -c '.all-.excluded') OUTPUT_JSON1=$((echo $OUTPUT_JSON | jq -r -c '.[:50]'; echo $OUTPUT_JSON | jq -r -c '.[301:350]'; echo $OUTPUT_JSON | jq -r -c '.[601:650]'; echo $OUTPUT_JSON | jq -r -c '.[901:950]'; echo $OUTPUT_JSON | jq -r -c '.[1201:1250]') | jq -s add) OUTPUT_JSON2=$((echo $OUTPUT_JSON | jq -r -c '.[51:100]'; echo $OUTPUT_JSON | jq -r -c '.[351:400]'; echo $OUTPUT_JSON | jq -r -c '.[651:700]'; echo $OUTPUT_JSON | jq -r -c '.[951:1000]'; echo $OUTPUT_JSON | jq -r -c '.[1251:1300]') | jq -s add) OUTPUT_JSON3=$((echo $OUTPUT_JSON | jq -r -c '.[101:150]'; echo $OUTPUT_JSON | jq -r -c '.[401:450]'; echo $OUTPUT_JSON | jq -r -c '.[701:750]'; echo $OUTPUT_JSON | jq -r -c '.[1001:1050]'; echo $OUTPUT_JSON | jq -r -c '.[1301:1350]') | jq -s add) OUTPUT_JSON4=$((echo $OUTPUT_JSON | jq -r -c '.[151:200]'; echo $OUTPUT_JSON | jq -r -c '.[451:500]'; echo $OUTPUT_JSON | jq -r -c '.[751:800]'; echo $OUTPUT_JSON | jq -r -c '.[1051:1100]'; echo $OUTPUT_JSON | jq -r -c '.[1351:1400]') | jq -s add) OUTPUT_JSON5=$((echo $OUTPUT_JSON | jq -r -c '.[201:250]'; echo $OUTPUT_JSON | jq -r -c '.[501:550]'; echo $OUTPUT_JSON | jq -r -c '.[801:850]'; echo $OUTPUT_JSON | jq -r -c '.[1101:1150]'; echo $OUTPUT_JSON | jq -r -c '.[1401:1450]') | jq -s add) OUTPUT_JSON6=$((echo $OUTPUT_JSON | jq -r -c '.[251:300]'; echo $OUTPUT_JSON | jq -r -c '.[551:600]'; echo $OUTPUT_JSON | jq -r -c '.[851:900]'; echo $OUTPUT_JSON | jq -r -c '.[1151:1200]'; echo $OUTPUT_JSON | jq -r -c '.[1451:1500]') | jq -s add) echo ::set-output name=charts1::${OUTPUT_JSON1} echo ::set-output name=charts2::${OUTPUT_JSON2} echo ::set-output name=charts3::${OUTPUT_JSON3} echo ::set-output name=charts4::${OUTPUT_JSON4} echo ::set-output name=charts5::${OUTPUT_JSON5} echo ::set-output name=charts6::${OUTPUT_JSON6} if [[ $(echo ${OUTPUT_JSON1} | jq -c '. | length') -gt 0 ]]; then echo "::set-output name=detected1::true" fi if [[ $(echo ${OUTPUT_JSON2} | jq -c '. | length') -gt 0 ]]; then echo "::set-output name=detected2::true" fi if [[ $(echo ${OUTPUT_JSON3} | jq -c '. | length') -gt 0 ]]; then echo "::set-output name=detected3::true" fi if [[ $(echo ${OUTPUT_JSON4} | jq -c '. | length') -gt 0 ]]; then echo "::set-output name=detected4::true" fi if [[ $(echo ${OUTPUT_JSON5} | jq -c '. | length') -gt 0 ]]; then echo "::set-output name=detected5::true" fi if [[ $(echo ${OUTPUT_JSON6} | jq -c '. | length') -gt 0 ]]; then echo "::set-output name=detected6::true" fi lint-charts1: needs: - generate-lint-matrix if: needs.generate-lint-matrix.outputs.detected1 == 'true' name: Lint charts Part 1 strategy: matrix: ${{ fromJson(needs.generate-lint-matrix.outputs.matrix1) }} fail-fast: false max-parallel: 10 runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 with: fetch-depth: 0 ref: ${{ inputs.checkoutCommit }} - name: lint Kubernetes tools uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3 with: setup-tools: | helmv3 helm: "3.8.0" - uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4 with: python-version: "3.10" - name: Set up chart-testing uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 - name: Run chart-testing (lint) run: ct lint --config ".github/ct-lint.yaml" --charts "${{ matrix.chart }}" || ct lint --config ".github/ct-lint.yaml" --charts "${{ matrix.chart }}" lint-charts2: needs: - generate-lint-matrix if: needs.generate-lint-matrix.outputs.detected2 == 'true' name: Lint charts Part 2 strategy: matrix: ${{ fromJson(needs.generate-lint-matrix.outputs.matrix2) }} fail-fast: false max-parallel: 10 runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 with: fetch-depth: 0 ref: ${{ inputs.checkoutCommit }} - name: lint Kubernetes tools uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3 with: setup-tools: | helmv3 helm: "3.8.0" - uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4 with: python-version: "3.10" - name: Set up chart-testing uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 - name: Run chart-testing (lint) run: ct lint --config ".github/ct-lint.yaml" --charts "${{ matrix.chart }}" || ct lint --config ".github/ct-lint.yaml" --charts "${{ matrix.chart }}" lint-charts3: needs: - generate-lint-matrix if: needs.generate-lint-matrix.outputs.detected3 == 'true' name: Lint charts Part 3 strategy: matrix: ${{ fromJson(needs.generate-lint-matrix.outputs.matrix3) }} fail-fast: false max-parallel: 10 runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 with: fetch-depth: 0 ref: ${{ inputs.checkoutCommit }} - name: lint Kubernetes tools uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3 with: setup-tools: | helmv3 helm: "3.8.0" - uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4 with: python-version: "3.10" - name: Set up chart-testing uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 - name: Run chart-testing (lint) run: ct lint --config ".github/ct-lint.yaml" --charts "${{ matrix.chart }}" || ct lint --config ".github/ct-lint.yaml" --charts "${{ matrix.chart }}" lint-charts4: needs: - generate-lint-matrix if: needs.generate-lint-matrix.outputs.detected4 == 'true' name: Lint charts Part 4 strategy: matrix: ${{ fromJson(needs.generate-lint-matrix.outputs.matrix4) }} fail-fast: false max-parallel: 10 runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 with: fetch-depth: 0 ref: ${{ inputs.checkoutCommit }} - name: lint Kubernetes tools uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3 with: setup-tools: | helmv3 helm: "3.8.0" - uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4 with: python-version: "3.10" - name: Set up chart-testing uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 - name: Run chart-testing (lint) run: ct lint --config ".github/ct-lint.yaml" --charts "${{ matrix.chart }}" || ct lint --config ".github/ct-lint.yaml" --charts "${{ matrix.chart }}" lint-charts5: needs: - generate-lint-matrix if: needs.generate-lint-matrix.outputs.detected5 == 'true' name: Lint charts Part 5 strategy: matrix: ${{ fromJson(needs.generate-lint-matrix.outputs.matrix5) }} fail-fast: false max-parallel: 10 runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 with: fetch-depth: 0 ref: ${{ inputs.checkoutCommit }} - name: lint Kubernetes tools uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3 with: setup-tools: | helmv3 helm: "3.8.0" - uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4 with: python-version: "3.10" - name: Set up chart-testing uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 - name: Run chart-testing (lint) run: ct lint --config ".github/ct-lint.yaml" --charts "${{ matrix.chart }}" || ct lint --config ".github/ct-lint.yaml" --charts "${{ matrix.chart }}" lint-charts6: needs: - generate-lint-matrix if: needs.generate-lint-matrix.outputs.detected6 == 'true' name: Lint charts Part 6 strategy: matrix: ${{ fromJson(needs.generate-lint-matrix.outputs.matrix6) }} fail-fast: false max-parallel: 10 runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 with: fetch-depth: 0 ref: ${{ inputs.checkoutCommit }} - name: lint Kubernetes tools uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3 with: setup-tools: | helmv3 helm: "3.8.0" - uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b # v4 with: python-version: "3.10" - name: Set up chart-testing uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0 - name: Run chart-testing (lint) run: ct lint --config ".github/ct-lint.yaml" --charts "${{ matrix.chart }}" || ct lint --config ".github/ct-lint.yaml" --charts "${{ matrix.chart }}" # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7 lint_success: needs: - generate-lint-matrix - lint-charts1 - lint-charts2 - lint-charts3 - lint-charts4 - lint-charts5 - lint-charts6 if: | always() name: Lint successful runs-on: ubuntu-latest steps: - name: Check lint matrix status run: | res1="${{needs.lint-charts1.result}}" res2="${{needs.lint-charts2.result}}" res3="${{needs.lint-charts3.result}}" res4="${{needs.lint-charts4.result}}" res5="${{needs.lint-charts5.result}}" res6="${{needs.lint-charts6.result}}" if [[ $res1 == "success" || $res1 == "skipped" ]]; then echo "lint tests 1 successfull..." else echo "lint tests 1 error, stopping due to failure..." exit 1 fi if [[ $res2 == "success" || $res2 == "skipped" ]]; then echo "lint tests 2 successfull..." else echo "lint tests 2 error, stopping due to failure..." exit 1 fi if [[ $res3 == "success" || $res3 == "skipped" ]]; then echo "lint tests 3 successfull..." else echo "lint tests 3 error, stopping due to failure..." exit 1 fi if [[ $res4 == "success" || $res4 == "skipped" ]]; then echo "lint tests 4 successfull..." else echo "lint tests 4 error, stopping due to failure..." exit 1 fi if [[ $res5 == "success" || $res5 == "skipped" ]]; then echo "lint tests 5 successfull..." else echo "lint tests 5 error, stopping due to failure..." exit 1 fi if [[ $res6 == "success" || $res6 == "skipped" ]]; then echo "lint tests 6 successfull..." else echo "lint tests 6 error, stopping due to failure..." exit 1 fi - uses: vishnudxb/cancel-workflow@c3c77eb4383ba7d023e6614a07d94fe990501ac6 # tag=v1.2 if: failure() with: repo: truecharts/chart workflow_id: ${{ github.run_id }} access_token: ${{ github.token }}