CI/CD Helm tests

.github/helm-docs.sh

@@ -3,7 +3,7 @@
 set -euxo pipefail
 
 # renovate: datasource=github-releases depName=norwoodj/helm-docs
-HELM_DOCS_VERSION="1.4.0"
+HELM_DOCS_VERSION="1.5.0"
 
 # install helm-docs
 curl --silent --show-error --fail --location --output /tmp/helm-docs.tar.gz https://github.com/norwoodj/helm-docs/releases/download/v"${HELM_DOCS_VERSION}"/helm-docs_"${HELM_DOCS_VERSION}"_Linux_x86_64.tar.gz

.github/workflows/chart-test.yml

@@ -26,40 +26,6 @@ on:
     paths:
       - "charts/**"
 
-# jobs:
-#   lint-test:
-#     runs-on: ubuntu-latest
-#     steps:
-#       - name: Checkout
-#         uses: actions/checkout@v2
-
-#       - name: Set up Helm
-#         uses: azure/setup-helm@v1
-#         with:
-#           version: v3.4.0
-
-#       - uses: actions/setup-python@v2
-#         with:
-#           python-version: 3.7
-
-#       - name: Set up chart-testing
-#         uses: helm/chart-testing-action@v2.0.1
-
-#       - name: Run chart-testing (lint)
-#         id: lint
-#         run: ct lint --config .github/ct.yaml
-#         if: steps.list-changed.outputs.changed == 'true'
-
-#       - name: Create kind cluster
-#         uses: helm/kind-action@v1.1.0
-#         if: steps.list-changed.outputs.changed == 'true'
-
-#       - name: Run chart-testing (install)
-#         run: ct install --config .github/ct.yaml
-#         if: steps.list-changed.outputs.changed == 'true'
-
-
-
 jobs:
   # Reference https://github.com/marketplace/actions/helm-chart-testing
   lint-chart:
@@ -75,15 +41,26 @@ jobs:
         id: lint
         uses: helm/chart-testing-action@v2.0.1
         with:
-          command: lint
-          config: .github/ct.yaml
+          version: v3.3.0
+
+      - name: Run chart-testing (list-changed)
+        id: list-changed
+        run: |
+          changed=$(ct list-changed --config .github/ct.yaml)
+          if [[ -n "$changed" ]]; then
+            echo "::set-output name=changed::true"
+          fi
+
+      - name: Run chart-testing (lint)
+        run: ct lint --config .github/ct.yaml
 
   lint-docs:
     runs-on: ubuntu-latest
     needs: lint-chart
     steps:
       - name: Checkout
         uses: actions/checkout@v2.3.4
+
       - name: Run helm-docs
         run: .github/helm-docs.sh
 
@@ -123,23 +100,30 @@ jobs:
       matrix:
         k8s:
           # from https://hub.docker.com/r/kindest/node/tags
-          - v1.16.15
-          - v1.17.11
-          - v1.18.8
-          - v1.19.3
+          - v1.18.15
+          - v1.19.7
+          - v1.20.2
     steps:
       - name: Checkout
         uses: actions/checkout@v2.3.4
         with:
           fetch-depth: 0
 
+      - name: Setup chart-testing
+        uses: helm/chart-testing-action@v2.0.1
+        with:
+          version: v3.3.0
+
       - name: Create kind ${{ matrix.k8s }} cluster
         uses: helm/kind-action@v1.1.0
         with:
           node_image: kindest/node:${{ matrix.k8s }}
 
-      # - name: Run chart-testing (install)
-      #   uses: helm/chart-testing-action@v1.1.0
-      #   with:
-      #     command: install
-      #     config: .github/ct.yaml
+      - name: Deploy kube-prometheus-stack
+        run: |
+          helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
+          helm install my-kube-prometheus-stack prometheus-community/kube-prometheus-stack --version 15.2.1
+          kubectl get crd
+
+      - name: Run chart-testing (install)
+        run: ct install --config .github/ct.yaml

.gitignore

@@ -15,7 +15,7 @@
 
 # OPA
 addons/policies/deprek8ion/
-addons/policies/instrumenta/
+addons/policies/portefaix/
 
 
 # End of https://www.toptal.com/developers/gitignore/api/helm,vscode

Makefile

@@ -1,5 +1,5 @@
-# Copyright (C) 2020-2021 Nicolas Lamirault <nicolas.lamirault@gmail.com>
-
+# Copyright (C) 2021 Nicolas Lamirault <nicolas.lamirault@gmail.com>
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
@@ -33,6 +33,10 @@ init: ## Initialize environment
 	poetry install
 	$(VENV)/bin/pre-commit install
 
+.PHONY: validate
+validate: ## Execute git-hooks
+	@pre-commit run -a
+
 .PHONY: mixins
 mixins: guard-CHART ## Install mixins
 	$(VENV)/bin/python3 ./hack/mixins.py $(CHART)
@@ -50,16 +54,19 @@ mixins: guard-CHART ## Install mixins
 
 .PHONY: helm-doc
 helm-doc: guard-CHART ## Generate documentation
-	cd $(CHART) && helm-docs 
+	@cd $(CHART) && helm-docs 
 
 .PHONY: helm-template
 helm-template: guard-CHART ## Generate manifest
-	helm template $(CHART)
+	@helm template $(CHART)
 
 .PHONY: helm-policy
 helm-policy: guard-CHART guard-POLICY ## Check manifest
-	helm template $(CHART) | conftest test -p $(POLICY) -
+	@helm template $(CHART) | conftest test -p $(POLICY) --all-namespaces -
 
+.PHONY: helm-lint
+helm-lint: guard-CHART ## Lint Helm chart
+	@docker run -it --rm --name ct --volume $$(pwd):/data quay.io/helmpack/chart-testing sh -c "cd /data; ct lint --config .github/ct.yaml"
 
 # ====================================
 # O P A
@@ -70,10 +77,10 @@ helm-policy: guard-CHART guard-POLICY ## Check manifest
 .PHONY: opa-deps
 opa-deps: ## Setup OPA dependencies
 	@echo -e "$(OK_COLOR)[$(APP)] Install OPA policy $(POLICY)$(NO_COLOR)"
-	conftest pull --policy addons/policies/instrumenta github.com/instrumenta/policies.git//kubernetes
-	conftest pull --policy addons/policies/deprek8ion github.com/swade1987/deprek8ion//policies
+	@conftest pull --policy addons/policies/deprek8ion github.com/swade1987/deprek8ion//policies
+	@conftest pull --policy addons/policies/portefaix github.com/portefaix/portefaix-policies//policy
 
 .PHONY: opa-install
 opa-install: guard-NAME guard-URL ## Install OPA policies
 	@echo -e "$(OK_COLOR)[$(APP)] Install OPA policy $(POLICY)$(NO_COLOR)"
-	conftest pull --policy addons/policies/$(NAME) $(URL)
+	@conftest pull --policy addons/policies/$(NAME) $(URL)