From c6adfaa0fe8f09815690bb9052fe5c120389e74f Mon Sep 17 00:00:00 2001
From: ffais <ffais@fbk.eu>
Date: Tue, 29 Oct 2024 09:28:52 +0100
Subject: [PATCH] feat: added action for lint and deploy

Signed-off-by: ffais <ffais@fbk.eu>
---
 .github/linters/ct.yaml                       | 10 ++++
 .github/workflows/build_push_image.yaml       | 55 -----------------
 .github/workflows/lint-test.yaml              | 48 +++++++++++++++
 .github/workflows/release.yaml                | 59 +++++++++++++++++++
 wordpress/Chart.yaml                          |  4 +-
 .../templates/wordpress-plugins-job.yaml      |  4 +-
 6 files changed, 121 insertions(+), 59 deletions(-)
 create mode 100644 .github/linters/ct.yaml
 delete mode 100644 .github/workflows/build_push_image.yaml
 create mode 100644 .github/workflows/lint-test.yaml
 create mode 100644 .github/workflows/release.yaml

diff --git a/.github/linters/ct.yaml b/.github/linters/ct.yaml
new file mode 100644
index 0000000..ef4f360
--- /dev/null
+++ b/.github/linters/ct.yaml
@@ -0,0 +1,10 @@
+# See https://github.com/helm/chart-testing#configuration
+remote: origin
+target-branch: main
+chart-repos:
+  - bitnami=https://charts.bitnami.com/bitnami
+helm-extra-args: --timeout 600s
+
+additional-commands:
+  - sh -ec "if [ -f '{{ .Path }}/ci/lint.sh' ]; then shellcheck '{{ .Path }}/ci/lint.sh'; bash '{{ .Path }}/ci/lint.sh'; fi"
+  # - helm unittest --helm3 --strict --file unittests/*.yaml --file 'unittests/**/*.yaml' {{ .Path }}
diff --git a/.github/workflows/build_push_image.yaml b/.github/workflows/build_push_image.yaml
deleted file mode 100644
index 9a5a0a1..0000000
--- a/.github/workflows/build_push_image.yaml
+++ /dev/null
@@ -1,55 +0,0 @@
-name: build push
-
-on:
-  workflow_dispatch:
-
-env:
-  REGISTRY: ghcr.io
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        version:
-          - healthcheck
-          - redis
-        platform:
-          - linux/amd64
-          - linux/arm/v6
-          - linux/arm/v7
-          - linux/arm64
-    steps:
-      - name: Prepare
-        run: |
-          platform=${{ matrix.platform }}
-          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV          
-      
-      - name: Log in to the Container registry
-        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Docker meta
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: ${{ env.REGISTRY_IMAGE }}
-      
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-      
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-            
-      - name: Build and push by digest
-        id: build
-        uses: docker/build-push-action@v6
-        with:
-          platforms: ${{ matrix.platform }}
-          file: dockerfiles/php-fpm-${{ matrix.version }}-Dockerfile
-          labels: ${{ steps.meta.outputs.labels }}
-          outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml
new file mode 100644
index 0000000..444c45c
--- /dev/null
+++ b/.github/workflows/lint-test.yaml
@@ -0,0 +1,48 @@
+name: Lint and Test Charts
+
+on: pull_request
+
+jobs:
+  lint-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v4
+        with:
+          version: v3.16.2
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: '3.7'
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@v2.6.1
+
+      - name: Run chart-testing (list-changed)
+        id: list-changed
+        run: |
+          changed="$(ct list-changed --config .github/linters/ct.yaml)"
+          if [[ -n "$changed" ]]; then
+            echo "changed=true" >> "$GITHUB_OUTPUT"
+          fi
+
+      # - name: install helm unittest plugin
+      #   if: steps.list-changed.outputs.changed == 'true'
+      #   run: |
+      #     helm env
+      #     helm plugin install https://github.com/quintush/helm-unittest.git --version 0.2.8
+
+      - name: Run chart-testing (lint)
+        run: ct lint --config .github/linters/ct.yaml
+
+      # - name: Create kind cluster
+      #   uses: helm/kind-action@v1.9.0
+      #   if: steps.list-changed.outputs.changed == 'true'
+
+      # - name: Run chart-testing (install)
+      #   run: ct install --config .github/linters/ct.yaml
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
new file mode 100644
index 0000000..c87ccbf
--- /dev/null
+++ b/.github/workflows/release.yaml
@@ -0,0 +1,59 @@
+name: Release Charts
+
+on:
+  push:
+    branches:
+      - main
+jobs:
+  release:
+    permissions:
+      contents: write # to push chart release and create a release (helm/chart-releaser-action)
+      packages: write # needed for ghcr access
+      id-token: write # needed for keyless signing
+
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Fetch history
+        run: git fetch --prune --unshallow
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+      - name: Set up Helm
+        uses: Azure/setup-helm@v4
+        with:
+          version: v3.16.2
+
+      - name: Add dependency chart repos
+        run: |
+          helm repo add bitnami https://charts.bitnami.com/bitnami          
+
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@v1.6.0
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+          CR_GENERATE_RELEASE_NOTES: true
+          CR_SKIP_EXISTING: true
+
+      # see https://github.com/helm/chart-releaser/issues/183
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Push charts to GHCR
+        run: |
+          shopt -s nullglob
+          for pkg in .cr-release-packages/*; do
+            if [ -z "${pkg:-}" ]; then
+              break
+            fi
+            helm push "${pkg}" "oci://ghcr.io/${GITHUB_REPOSITORY_OWNER}/charts"
+          done
diff --git a/wordpress/Chart.yaml b/wordpress/Chart.yaml
index 12a59c8..2f37bf0 100644
--- a/wordpress/Chart.yaml
+++ b/wordpress/Chart.yaml
@@ -1,9 +1,9 @@
 apiVersion: v2
 name: wordpress
-description: A Helm chart for Kubernetes
+description: A Helm chart for Wordpress on Kubernetes with NGINX and PHP-FPM
 type: application
 version: 0.1.0
-appVersion: "1.0.0"
+appVersion: "6.2.2"
 dependencies:
   - name: mariadb
     version: "19.1.0"
diff --git a/wordpress/templates/wordpress-plugins-job.yaml b/wordpress/templates/wordpress-plugins-job.yaml
index 94a95ed..49445e0 100644
--- a/wordpress/templates/wordpress-plugins-job.yaml
+++ b/wordpress/templates/wordpress-plugins-job.yaml
@@ -7,8 +7,8 @@ metadata:
     {{- include "wordpress.labels" (dict "root" . "component" "plugins") | nindent 4 }}
   annotations:
     "helm.sh/hook": post-install,post-upgrade
-    "helm.sh/hook-weight": "-4"
-    "helm.sh/hook-delete-policy": hook-succeeded
+    "helm.sh/hook-weight": "-1"
+    "helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
 spec:
   template:
     metadata: