feat: add ci for building charts

.github/ct.yaml

@@ -0,0 +1,5 @@
+helm-extra-args: --timeout 600s
+check-version-increment: false
+debug: true
+chart-repos: bitnami=https://charts.bitnami.com/bitnami
+target-branch: main

.github/helm-docs.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+mkdir ./.bin
+export PATH="./.bin:$PATH"
+
+set -euxo pipefail
+
+# renovate: datasource=github-releases depName=helm-docs lookupName=norwoodj/helm-docs
+HELM_DOCS_VERSION=1.10.0
+
+# install helm-docs
+curl --silent --show-error --fail --location --output /tmp/helm-docs.tar.gz https://github.com/norwoodj/helm-docs/releases/download/v"${HELM_DOCS_VERSION}"/helm-docs_"${HELM_DOCS_VERSION}"_Linux_x86_64.tar.gz
+tar -C .bin/ -xf /tmp/helm-docs.tar.gz helm-docs
+
+# validate docs
+helm-docs
+git diff --exit-code

.github/kubeval.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+mkdir ./.bin
+export PATH="./.bin:$PATH"
+
+set -euxo pipefail
+
+# renovate: datasource=github-releases depName=kubeval lookupName=instrumenta/kubeval
+KUBEVAL_VERSION=v0.16.1
+
+# renovate: datasource=github-releases depName=semver2 lookupName=Ariel-Rodriguez/sh-semversion-2
+SEMVER_VERSION=1.0.3
+
+CHART_DIRS="$(git diff --find-renames --name-only "$(git rev-parse --abbrev-ref HEAD)" remotes/origin/main -- charts | cut -d '/' -f 2 | uniq)"
+SCHEMA_LOCATION="https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/"
+
+# install kubeval
+curl --silent --show-error --fail --location --output /tmp/kubeval.tar.gz https://github.com/instrumenta/kubeval/releases/download/"${KUBEVAL_VERSION}"/kubeval-linux-amd64.tar.gz
+tar -C .bin/ -xf /tmp/kubeval.tar.gz kubeval
+
+# install semver compare
+curl -sSfLo .bin/semver2 https://raw.githubusercontent.com/Ariel-Rodriguez/sh-semversion-2/${SEMVER_VERSION}/semver2.sh
+chmod +x .bin/semver2
+
+# add helm repos
+helm repo add bitnami https://charts.bitnami.com/bitnami
+
+# Compute required kubernetes api versions
+apis=''
+
+if [[ "$(semver2 ${KUBERNETES_VERSION#v} 1.21.0)" -ge 0 ]]; then
+  apis="${apis} --api-versions batch/v1/CronJob"
+else
+  apis="${apis} --api-versions batch/v1beta1/CronJob"
+fi
+
+# validate charts
+for CHART_DIR in ${CHART_DIRS}; do
+  (cd charts/${CHART_DIR}; helm dependency build)
+  helm template \
+    $apis \
+    --values charts/"${CHART_DIR}"/ci/ci-values.yaml \
+    charts/"${CHART_DIR}" | kubeval \
+      --strict \
+      --ignore-missing-schemas \
+      --kubernetes-version "${KUBERNETES_VERSION#v}" \
+      --schema-location "${SCHEMA_LOCATION}"
+done

.github/workflows/ci.yaml

@@ -0,0 +1,112 @@
+name: Lint and Test Charts
+
+on:
+  push:
+    branches:
+      - main
+      - "rewired/**"
+  pull_request:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  lint-chart:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2
+        with:
+          fetch-depth: 0
+
+      - name: Install Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.7.2 # renovate: datasource=github-releases depName=helm lookupName=helm/helm
+
+      - uses: actions/setup-python@98f2ad02fd48d057ee3b4d4f66525b231c3e52b6 # tag=v3.1.2
+        with:
+          python-version: 3.7
+
+      - name: Install chart-testing
+        uses: helm/chart-testing-action@dae259e86a35ff09145c0805e2d7dd3f7207064a # tag=v2.2.1
+        with:
+          version: v3.4.0 # renovate: datasource=github-releases depName=chart-testing lookupName=helm/chart-testing
+
+      - name: Run lint
+        run: ct lint --config .github/ct.yaml
+
+  lint-docs:
+    runs-on: ubuntu-latest
+    needs: lint-chart
+    steps:
+      - name: Checkout
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2
+      - name: Run helm-docs
+        run: .github/helm-docs.sh
+
+  kubeval-chart:
+    runs-on: ubuntu-latest
+    needs:
+      - lint-chart
+      - lint-docs
+    strategy:
+      matrix:
+        k8s:
+          # from https://github.com/yannh/kubernetes-json-schema
+          - v1.18.20
+          - v1.19.16
+          - v1.20.13
+          - v1.21.7
+          - v1.22.4
+          - v1.23.0
+    steps:
+      - name: Checkout
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2
+        with:
+          fetch-depth: 0
+
+      - name: Run kubeval
+        env:
+          KUBERNETES_VERSION: ${{ matrix.k8s }}
+        run: .github/kubeval.sh
+
+  install-chart:
+    name: install-chart
+    runs-on: ubuntu-latest
+    if: false
+    # if: ${{ github.event_name != 'pull_request' || github.repository_owner != github.event.pull_request.head.repo.owner.login || !startsWith(github.event.pull_request.head.ref, 'renovate/') }}
+    needs:
+      - lint-chart
+      - lint-docs
+      - kubeval-chart
+    strategy:
+      matrix:
+        k8s:
+          # from https://hub.docker.com/r/kindest/node/tags
+          - v1.24.1 # renovate: kindest
+          - v1.19.11 # renovate: kindest
+          - v1.24.1 # renovate: kindest
+          - v1.21.2 # renovate: kindest
+          - v1.24.1 # renovate: kindest
+          - v1.23.0 # renovate: kindest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2
+        with:
+          fetch-depth: 0
+
+      - name: Create kind ${{ matrix.k8s }} cluster
+        uses: helm/kind-action@94729529f85113b88f4f819c17ce61382e6d8478 # renovate: tag=v1.2.0
+        with:
+          node_image: kindest/node:${{ matrix.k8s }}
+          version: v0.11.1 # renovate: datasource=github-releases depName=kind lookupName=kubernetes-sigs/kind
+
+      - name: Install chart-testing
+        uses: helm/chart-testing-action@dae259e86a35ff09145c0805e2d7dd3f7207064a # tag=v2.2.1
+        with:
+          version: v3.4.0 # renovate: datasource=github-releases depName=chart-testing lookupName=helm/chart-testing
+
+      - name: Run chart install
+        run: ct install --config .github/ct.yaml

.github/workflows/release.yaml

@@ -0,0 +1,44 @@
+name: Release Charts
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "charts/**"
+
+  workflow_dispatch:
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # tag=v3.0.2
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "[email protected]"
+      - name: Install Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.7.2 # renovate: datasource=github-releases depName=helm lookupName=helm/helm
+
+      - name: Add external Helm repos
+        run: helm repo add bitnami https://charts.bitnami.com/bitnami
+
+      - name: Build chart dependencies
+        run: |
+          for dir in charts/*/
+          do
+              (cd ${dir}; helm dependency build)
+          done
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@a3454e46a6f5ac4811069a381e646961dda2e1bf # tag=v1.4.0
+        with:
+          version: v1.3.0 # renovate: datasource=github-releases depName=chart-releaser lookupName=helm/chart-releaser
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"