Skip to content

Feature/re generate cert #154

Feature/re generate cert

Feature/re generate cert #154

Workflow file for this run

name: Chart linting
on:
pull_request:
branches:
- main
workflow_dispatch: {}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
lint:
name: Helm chart linting
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: checkout repo
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 0
- name: Install Helm
uses: Azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
with:
version: v3.9.0
# Python is required because `ct lint` runs Yamale (https://github.com/23andMe/Yamale) and
# yamllint (https://github.com/adrienverge/yamllint) which require Python
- uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4
with:
python-version: 3.11
- name: Install chart-testing
uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0
- name: Chart linting
run: ct lint --config .github/ct-config.yaml
docs:
name: Validate documentation
runs-on: ubuntu-latest
timeout-minutes: 1
steps:
- name: checkout repo
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
- name: Render documentation
run: make docs
- name: Check git diff
run: |
git update-index -q --ignore-submodules --refresh
if ! git diff-files --quiet --ignore-submodules -- ; then
git diff --raw
echo '::error:: Generating documentation caused a change. Run "make docs"' && exit 1
fi
audit:
name: Polaris auditing
runs-on: ubuntu-latest
timeout-minutes: 2
steps:
- name: checkout repo
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
- name: Install Helm
uses: Azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
with:
version: v3.9.0
- name: Setup polaris
uses: fairwindsops/polaris/.github/actions/setup-polaris@master
with:
version: 7.4.1
- name: Polaris audit
run: |
for dir in charts/*; do
echo "::group::Running polaris audit for chart $(basename $dir)"
if [ ! -d "$dir/ci" ]; then
echo "Auditing default values"
polaris audit \
--set-exit-code-below-score 90 \
--format pretty \
--config .github/polaris.yaml \
--helm-chart "$dir"
continue
fi
for file in "$dir"/ci/*.yaml; do
echo "Auditing custom values: $file"
polaris audit \
--set-exit-code-below-score 90 \
--format pretty \
--config .github/polaris.yaml \
--helm-chart "$dir" \
--helm-values "$file"
done
echo "::endgroup::"
done