-
Notifications
You must be signed in to change notification settings - Fork 2
162 lines (150 loc) · 5.45 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
#
# K2HDKC DBaaS Helm Chart
#
# Utility helper tools for Github Actions by AntPickax
#
# Copyright 2022 Yahoo Japan Corporation.
#
# K2HDKC DBaaS is a DataBase as a Service provided by Yahoo! JAPAN
# which is built K2HR3 as a backend and provides services in
# cooperation with Kubernetes.
# The Override configuration for K2HDKC DBaaS serves to connect the
# components that make up the K2HDKC DBaaS. K2HDKC, K2HR3, CHMPX,
# and K2HASH are components provided as AntPickax.
#
# For the full copyright and license information, please view
# the license file that was distributed with this source code.
#
# AUTHOR: Takeshi Nakatani
# CREATE: Fri Jan 21 2021
# REVISION:
#
#----------------------------------------------------------
# Github Actions
#----------------------------------------------------------
name: Helm AntPickax CI
#
# Events
#
on:
push:
pull_request:
#
# CRON event is fire on every sunday(UTC).
#
schedule:
- cron: '0 15 * * 0'
#
# Environments for azure/setup-helm@v3
#
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
#
# Jobs
#
jobs:
Helm_Template_Lint:
runs-on: ubuntu-latest
steps:
#
# Checks-out your repository under ${GITHUB_WORKSPACE}, so your job can access it
#
# [NOTE]
# When using helm/chart-releaser-action, "fetch-depth: 0" is required.
#
- name: Checkout sources
uses: actions/checkout@v4
with:
fetch-depth: "0"
#
# Install latest Helm version
#
- uses: azure/setup-helm@v4
id: install
#
# Check values.yaml
#
- name: CheckValuesYaml
run: |
if grep -i 'CAUTIONS' values.yaml; then
echo "[ERROR] The values.yaml contains CAUTION information."
exit 1
fi
#
# Check scripts by shellcheck
#
- name: ShellCheck
run: |
if command -v shellcheck >/dev/null 2>&1; then
SHELLCHECK_TARGET_DIRS="."
SHELLCHECK_BASE_OPT="--shell=sh"
SHELLCHECK_IGN_OPT="--exclude=SC1117,SC1090,SC1091"
SHELLCHECK_INCLUDE_IGN_OPT="${SHELLCHECK_IGN_OPT},SC2034,SC2148"
SHELLCHECK_EXCEPT_PATHS_CMD="| grep -v '\.sh\.' | grep -v '\.log' | grep -v '/\.git/' | grep -v '\.yaml'"
:
SHELLCHECK_FILES_NO_SH=$(/bin/sh -c "grep -ril '^\#!/bin/sh' ${SHELLCHECK_TARGET_DIRS} | grep -v '\.sh' ${SHELLCHECK_EXCEPT_PATHS_CMD} | tr '\n' ' '")
SHELLCHECK_FILES_SH=$(/bin/sh -c "grep -ril '^\#!/bin/sh' ${SHELLCHECK_TARGET_DIRS} | grep '\.sh' ${SHELLCHECK_EXCEPT_PATHS_CMD} | tr '\n' ' '")
SHELLCHECK_FILES_INCLUDE_SH=$(/bin/sh -c "grep -Lir '^\#!/bin/sh' ${SHELLCHECK_TARGET_DIRS} | grep '\.sh' ${SHELLCHECK_EXCEPT_PATHS_CMD} | tr '\n' ' '")
:
if [ -n "${SHELLCHECK_FILES_NO_SH}" ]; then
LC_ALL=C.UTF-8 shellcheck ${SHELLCHECK_BASE_OPT} ${SHELLCHECK_IGN_OPT} ${SHELLCHECK_FILES_NO_SH}
fi
if [ -n "${SHELLCHECK_FILES_SH}" ]; then
LC_ALL=C.UTF-8 shellcheck ${SHELLCHECK_BASE_OPT} ${SHELLCHECK_IGN_OPT} ${SHELLCHECK_FILES_SH}
fi
if [ -n "${SHELLCHECK_FILES_INCLUDE_SH}" ]; then
LC_ALL=C.UTF-8 shellcheck ${SHELLCHECK_BASE_OPT} ${SHELLCHECK_INCLUDE_IGN_OPT} ${SHELLCHECK_FILES_INCLUDE_SH}
fi
else
echo "ShellCheck is not installed, skip checking by ShellCheck."
fi
#
# Check by helm template
#
- name: Helm template
run: |
REPONAME=$(echo "${GITHUB_REPOSITORY}" | sed -e 's#^.*/##g')
cd "${GITHUB_WORKSPACE}"/..
helm template dummy "${REPONAME}" --set k2hr3.unscopedToken=dummy_token --set k2hr3.clusterName=dummy_k2hr3 | sed -e 's/^# Source:.*$//g' -e 's#image:[[:space:]]*.*/#image: #g' > /tmp/test_template.result
diff /tmp/test_template.result "${GITHUB_WORKSPACE}"/.github/workflows/helm_template.result
#
# Check by helm lint
#
- name: Helm lint
run: |
REPONAME=$(echo "${GITHUB_REPOSITORY}" | sed -e 's#^.*/##g')
cd "${GITHUB_WORKSPACE}"/..
helm lint "${REPONAME}" --set k2hr3.unscopedToken=dummy_token --set k2hr3.clusterName=dummy_k2hr3 | tail -1 > /tmp/test_lint.result
diff /tmp/test_lint.result "${GITHUB_WORKSPACE}"/.github/workflows/helm_lint.result
#
# Set git config
#
- name: Configure Git
run: |
git config user.name "${GITHUB_ACTOR}"
git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
#
# Release Helm Chart
#
# [NOTE]
# Release tags, asset files, and index.yaml in gh-pages will not be
# updated or created in repositories other than the "yahoojapan"
# organization.
# It means that forked repositories do not run these processes.
# But, you can force to execute these by setting
# "FORCE_PKG_ORG=<your organization name>" to Secret.
#
- name: Check/Publish Helm Chart package
env:
GH_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
RUN_TAGGING_ORG: "${{ secrets.RUN_TAGGING_ORG }}"
run: |
/bin/sh -c "${GITHUB_WORKSPACE}/.github/workflows/helm_packager.sh ${GITHUB_WORKSPACE}/Chart.yaml ${GITHUB_WORKSPACE}/CHANGELOG.md"
#
# Local variables:
# tab-width: 4
# c-basic-offset: 4
# End:
# vim600: expandtab sw=4 ts=4 fdm=marker
# vim<600: expandtab sw=4 ts=4
#