mirror of
https://github.com/truecharts/library-charts.git
synced 2026-07-03 08:49:34 -03:00
412 lines
14 KiB
YAML
412 lines
14 KiB
YAML
name: Common Library Tests
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
workflow_dispatch:
|
|
|
|
env:
|
|
DATREE_TOKEN: ${{ secrets.DATREE_TOKEN }}
|
|
|
|
jobs:
|
|
lint:
|
|
name: Lint Common
|
|
runs-on: ubuntu-22.04
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
helm-version:
|
|
- v3.11.3
|
|
- v3.12.3
|
|
- v3.14.1
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
|
|
with:
|
|
fetch-depth: 1
|
|
|
|
- name: Install Helm
|
|
uses: azure/setup-helm@b7246b12e77f7134dc2d460a3d5bad15bbe29390 # v4
|
|
with:
|
|
version: ${{ matrix.helm-version }}
|
|
|
|
- uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5
|
|
with:
|
|
python-version: "3.10"
|
|
|
|
- name: Set up chart-testing
|
|
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
|
|
|
|
- name: Run chart-testing (lint)
|
|
id: lint
|
|
run: |
|
|
ct lint --config .github/ct-install-config/ct-lint.yaml \
|
|
--lint-conf .github/ct-install-config/lint-conf.yaml \
|
|
--charts library/common-test \
|
|
--debug
|
|
|
|
unittest:
|
|
needs:
|
|
- lint
|
|
name: Unit Tests
|
|
runs-on: ubuntu-22.04
|
|
env:
|
|
helmUnitVersion: 0.4.2
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
helm-version:
|
|
- v3.14.1
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
|
|
with:
|
|
fetch-depth: 1
|
|
|
|
- name: Install Helm
|
|
uses: azure/setup-helm@b7246b12e77f7134dc2d460a3d5bad15bbe29390 # v4
|
|
with:
|
|
version: ${{ matrix.helm-version }}
|
|
|
|
- name: Cache helm plugins
|
|
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
|
|
with:
|
|
path: |
|
|
/home/runner/.local/share/helm/plugins/helm-unittest
|
|
/tmp/_dist/
|
|
key: helm-${{ matrix.helm-version }}-unittest-v${{ env.helmUnitVersion }}
|
|
restore-keys: |
|
|
helm-${{ matrix.helm-version }}-unittest-v${{ env.helmUnitVersion }}
|
|
|
|
- name: Run Unittests
|
|
shell: bash
|
|
run: |
|
|
(helm unittest -h > /dev/null) || helm plugin install https://github.com/helm-unittest/helm-unittest --version v${helmUnitVersion} || (sleep 10 && helm plugin install https://github.com/helm-unittest/helm-unittest --version v${helmUnitVersion}) || echo "finished unittest reinstall tries"
|
|
|
|
# Run tests
|
|
cd library/common-test/
|
|
helm dependency update
|
|
helm unittest -f "tests/**/*.yaml" . -v ./unit-values.yaml
|
|
|
|
install:
|
|
needs:
|
|
- lint
|
|
name: Install Charts
|
|
runs-on: ubuntu-22.04
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
# We run tests on k3s version of latest SCALE release and SCALE nightly
|
|
k3s-version:
|
|
- v1.26
|
|
- v1.27
|
|
- v1.28
|
|
- v1.29
|
|
# We run tests on Helm version of latest SCALE, fluxcd and latest helm release
|
|
helm-version:
|
|
- v3.11.3
|
|
- v3.12.3
|
|
- v3.14.1
|
|
values:
|
|
- basic-values.yaml
|
|
- configmap-values.yaml
|
|
- secrets-values.yaml
|
|
- imagePullSecret-values.yaml
|
|
- daemonset-values.yaml
|
|
- job-values.yaml
|
|
- cron-values.yaml
|
|
- statefulset-values.yaml
|
|
- persistence-values.yaml
|
|
- extra-containers-values.yaml
|
|
- rbac-values.yaml
|
|
- ingress-values.yaml
|
|
- networkPolicy-values.yaml
|
|
# TODO: broken
|
|
# - codeserver-values.yaml
|
|
- netshoot-values.yaml
|
|
- metrics-values.yaml
|
|
- cnpg-values.yaml
|
|
- cnpg-multi-values.yaml
|
|
- register-operator-values.yaml
|
|
- portal-svc-values.yaml
|
|
- portal-ingress-values.yaml
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
|
|
with:
|
|
fetch-depth: 1
|
|
|
|
- name: Install Helm
|
|
uses: azure/setup-helm@b7246b12e77f7134dc2d460a3d5bad15bbe29390 # v4
|
|
with:
|
|
version: ${{ matrix.helm-version }}
|
|
|
|
- uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5
|
|
with:
|
|
python-version: "3.10"
|
|
|
|
- name: Set up chart-testing
|
|
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
|
|
|
|
- name: Create k3d cluster - Attempt 1/3
|
|
continue-on-error: true
|
|
id: createc1
|
|
uses: nolar/setup-k3d-k3s@293b8e5822a20bc0d5bcdd4826f1a665e72aba96 # tag=v1.0.9
|
|
with:
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
version: ${{ matrix.k3s-version }}
|
|
# Flags found here https://github.com/k3d-io/k3d
|
|
k3d-args: --k3s-arg --disable=metrics-server@server:*
|
|
|
|
- name: Wait 10 second to retry
|
|
if: steps.createc1.outcome=='failure'
|
|
run: |
|
|
sleep 10
|
|
- name: Create k3d cluster - Attempt 2/3
|
|
continue-on-error: true
|
|
if: steps.createc1.outcome=='failure'
|
|
id: createc2
|
|
uses: nolar/setup-k3d-k3s@293b8e5822a20bc0d5bcdd4826f1a665e72aba96 # tag=v1.0.9
|
|
with:
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
version: ${{ matrix.k3s-version }}
|
|
# Flags found here https://github.com/k3d-io/k3d
|
|
k3d-args: --k3s-arg --disable=metrics-server@server:*
|
|
|
|
- name: Wait 10 second to retry
|
|
if: steps.createc2.outcome=='failure'
|
|
run: |
|
|
sleep 10
|
|
- name: Create k3d cluster - Attempt 3/3
|
|
id: createc3
|
|
if: steps.createc2.outcome=='failure'
|
|
uses: nolar/setup-k3d-k3s@293b8e5822a20bc0d5bcdd4826f1a665e72aba96 # tag=v1.0.9
|
|
with:
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
version: ${{ matrix.k3s-version }}
|
|
# Flags found here https://github.com/k3d-io/k3d
|
|
k3d-args: --k3s-arg --disable=metrics-server@server:*
|
|
|
|
# Install Kail to grab logs from tests, as there are cases ct-install fail to output logs
|
|
- name: Install Kail
|
|
run: |
|
|
export KAIL_VERSION=v0.16.1
|
|
wget https://github.com/boz/kail/releases/download/${KAIL_VERSION}/kail_${KAIL_VERSION}_linux_amd64.tar.gz
|
|
tar -xvzf kail_${KAIL_VERSION}_linux_amd64.tar.gz
|
|
chmod +x kail
|
|
|
|
|
|
|
|
- name: Add Dependencies
|
|
run: |
|
|
if [[ "${{ matrix.values }}" =~ (ingress|metrics|cnpg).*-values.yaml ]]; then
|
|
helm install prometheus-operator oci://tccr.io/truecharts/prometheus-operator --namespace prometheus-operator --create-namespace --wait
|
|
fi
|
|
if [[ "${{ matrix.values }}" =~ cnpg.*-values.yaml ]]; then
|
|
helm install cloudnative-pg oci://tccr.io/truecharts/cloudnative-pg --namespace cloudnative-pg --create-namespace --wait
|
|
fi
|
|
if [[ "${{ matrix.values }}" =~ ingress.*-values.yaml ]]; then
|
|
helm install cert-manager oci://tccr.io/truecharts/cert-manager --namespace cert-manager --create-namespace --wait
|
|
helm install traefik oci://tccr.io/truecharts/traefik --namespace traefik --create-namespace --wait \
|
|
--set service.main.type=ClusterIP --set service.tcp.type=ClusterIP
|
|
fi
|
|
|
|
- name: Run chart-testing (install)
|
|
run: |
|
|
# Move all ci values on a temp location (or skip if already moved from another matrix job)
|
|
mv library/common-test/ci library/common-test/runtests || echo "Nothing to move"
|
|
|
|
# Move one values.yaml to the correct location to run the test
|
|
mv -f library/common-test/runtests/${{ matrix.values }} library/common-test/values.yaml
|
|
|
|
# Stat kail on the background to grab logs from tests
|
|
./kail --ignore-ns kube-system --ignore-ns cert-manager --ignore-ns metallb-system --ignore-ns prometheus-operator >> /tmp/output.log &
|
|
|
|
# Actually run the test
|
|
ct install --config .github/ct-install-config/ct-install.yaml \
|
|
--charts library/common-test \
|
|
--debug || (echo -e "\n\n--===PODLOGS===--\n\n" && \
|
|
cat /tmp/output.log && \
|
|
rm -f /tmp/output.log && exit 1)
|
|
|
|
kill $!
|
|
echo -e "\n\n--===PODLOGS===--\n\n"
|
|
cat /tmp/output.log
|
|
rm -f /tmp/output.log
|
|
|
|
# security:
|
|
# needs:
|
|
# - lint
|
|
# name: Security Scans
|
|
# runs-on: ubuntu-22.04
|
|
# strategy:
|
|
# fail-fast: false
|
|
# matrix:
|
|
# # We run tests on k3s version of latest SCALE release and SCALE nightly
|
|
# k3s-version:
|
|
# - v1.26
|
|
# - v1.27
|
|
# - v1.28
|
|
# # We run tests on Helm version of latest SCALE release
|
|
# helm-version:
|
|
# - v3.12.3
|
|
# - v3.14.0
|
|
# values:
|
|
# - basic-values.yaml
|
|
# - configmap-values.yaml
|
|
# - secrets-values.yaml
|
|
# - imagePullSecret-values.yaml
|
|
# - daemonset-values.yaml
|
|
# - job-values.yaml
|
|
# - cron-values.yaml
|
|
# - statefulset-values.yaml
|
|
# - persistence-values.yaml
|
|
# - extra-containers-values.yaml
|
|
# - rbac-values.yaml
|
|
# - networkPolicy-values.yaml
|
|
# - register-operator-values.yaml
|
|
# # Runs as root, so test results become obviously red
|
|
# # - codeserver-values.yaml
|
|
# # - netshoot-values.yaml
|
|
#
|
|
#
|
|
# steps:
|
|
# - name: Install Helm
|
|
# uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
|
|
# with:
|
|
# version: ${{ matrix.helm-version }}
|
|
#
|
|
# - name: Checkout
|
|
# uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
|
|
# with:
|
|
# fetch-depth: 1
|
|
#
|
|
# - name: build helm deps
|
|
# run: |
|
|
# cd library/common-test
|
|
# helm dependency update
|
|
# cd -
|
|
# - name: Add namespace
|
|
# run: |
|
|
# echo "namespace: common-test" >> library/common-test/ci/${{ matrix.values }}
|
|
#
|
|
# - name: Run Security Scan
|
|
# uses: datreeio/action-datree@main
|
|
# with:
|
|
# path: 'library/common-test'
|
|
# cliArguments: '--ignore-missing-schemas --policy CommonBasic'
|
|
# isHelmChart: true
|
|
# helmArguments: '--values library/common-test/ci/${{ matrix.values }}'
|
|
#
|
|
# security-man:
|
|
# needs:
|
|
# - lint
|
|
# name: Security Scans (manifests)
|
|
# runs-on: ubuntu-22.04
|
|
# strategy:
|
|
# fail-fast: false
|
|
# matrix:
|
|
# # We run tests on k3s version of latest SCALE release and SCALE nightly
|
|
# k3s-version:
|
|
# - v1.26
|
|
# - v1.27
|
|
# - v1.28
|
|
# # We run tests on Helm version of latest SCALE release
|
|
# helm-version:
|
|
# - v3.12.3
|
|
# - v3.14.0
|
|
# values:
|
|
# - ingress-values.yaml
|
|
# - metrics-values.yaml
|
|
# # - cnpg-values.yaml
|
|
# # - cnpg-multi-values.yaml
|
|
#
|
|
# steps:
|
|
# - name: Install Helm
|
|
# uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
|
|
# with:
|
|
# version: ${{ matrix.helm-version }}
|
|
#
|
|
|
|
# - name: Add Dependencies
|
|
# run: |
|
|
# helm install prometheus-operator oci://tccr.io/truecharts/prometheus-operator --namespace prometheus-operator --create-namespace --wait
|
|
# helm install cloudnative-pg oci://tccr.io/truecharts/cloudnative-pg --namespace cloudnative-pg --create-namespace --wait
|
|
# helm install traefik oci://tccr.io/truecharts/traefik --namespace traefik --create-namespace --wait \
|
|
# --set service.main.type=ClusterIP --set service.tcp.type=ClusterIP
|
|
#
|
|
# - name: Checkout
|
|
# uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
|
|
# with:
|
|
# fetch-depth: 1
|
|
#
|
|
# - name: build helm deps
|
|
# run: |
|
|
# cd library/common-test
|
|
# helm dependency update
|
|
# cd -
|
|
#
|
|
# - name: Run Security Scan
|
|
# uses: datreeio/action-datree@main
|
|
# with:
|
|
# path: 'library/common-test'
|
|
# cliArguments: '--ignore-missing-schemas --policy ManifestManager'
|
|
# isHelmChart: true
|
|
# helmArguments: '--values library/common-test/ci/${{ matrix.values }}'
|
|
#
|
|
# security-vpn:
|
|
# needs:
|
|
# - lint
|
|
# name: Security Scans (vpn)
|
|
# runs-on: ubuntu-22.04
|
|
# strategy:
|
|
# fail-fast: false
|
|
# matrix:
|
|
# # We run tests on k3s version of latest SCALE release and SCALE nightly
|
|
# k3s-version:
|
|
# - v1.26
|
|
# - v1.27
|
|
# - v1.28
|
|
# # We run tests on Helm version of latest SCALE release
|
|
# helm-version:
|
|
# - v3.12.3
|
|
# - v3.14.0
|
|
# values:
|
|
# - vpn-gluetun-values.yaml
|
|
# - vpn-tailscale-values.yaml
|
|
# # Is deprecated and runs as root, skipping for now
|
|
# # - vpn-openvpn-values.yaml
|
|
# - vpn-wireguard-values.yaml
|
|
#
|
|
# steps:
|
|
# - name: Install Helm
|
|
# uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
|
|
# with:
|
|
# version: ${{ matrix.helm-version }}
|
|
#
|
|
# - name: Checkout
|
|
# uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
|
|
# with:
|
|
# fetch-depth: 1
|
|
#
|
|
# - name: build helm deps
|
|
# run: |
|
|
# cd library/common-test
|
|
# helm dependency update
|
|
# cd -
|
|
#
|
|
# - name: Run Security Scan
|
|
# uses: datreeio/action-datree@main
|
|
# with:
|
|
# path: 'library/common-test'
|
|
# cliArguments: '--ignore-missing-schemas --policy WithVPN'
|
|
# isHelmChart: true
|
|
# helmArguments: '--values library/common-test/ci/${{ matrix.values }}'
|