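# Lints the Helm charts under clusters/cl01tl/helm/ that changed in a pull
# request against main or in a push to main, and sends an ntfy notification
# when the job fails.
#
# Trust boundary: on pull_request events the chart directory names and the
# Chart.yaml contents come from the proposed change, so every value derived
# from them is treated as untrusted data (passed via env, quoted, never
# interpolated into a script body).
name: lint-test-helm

on:
  pull_request:
    branches:
      - main
    paths:
      - 'clusters/cl01tl/helm/**'
  push:
    branches:
      - main
    paths:
      - 'clusters/cl01tl/helm/**'

env:
  CLUSTER: cl01tl
  BASE_BRANCH: "origin/${{ github.base_ref }}"

jobs:
  lint-helm:
    runs-on: ubuntu-js
    steps:
      - name: Checkout
        uses: actions/checkout@v6
        with:
          # Full history is needed so `git diff` can reach the base branch
          # or the pre-push commit.
          fetch-depth: 0
          # No later step fetches or pushes, so the checkout token does not
          # need to stay in .git/config while chart content is processed.
          persist-credentials: false

      # NOTE(review): third-party action referenced by a mutable tag; pin it
      # to a full commit SHA so the executed code cannot change silently.
      - name: Check Branch Exists
        id: check-branch-exists
        if: github.event_name == 'pull_request'
        uses: GuillaumeFalourd/branch-exists@v1.1
        with:
          branch: ${{ github.base_ref }}

      # Gate for all later steps: always true on push, and true on
      # pull_request only when the base branch was found.
      - name: Report Branch Exists
        id: branch-exists
        if: github.event_name == 'push' || (steps.check-branch-exists.outputs.exists == 'true' && github.event_name == 'pull_request')
        env:
          # Context values are handed to the script as environment variables
          # rather than expanded into the script text.
          EVENT_NAME: ${{ github.event_name }}
          BASE_REF: ${{ github.base_ref }}
        run: |
          if [ "${EVENT_NAME}" == "push" ]; then
            echo ">> Action is from a push event, will continue with linting"
          else
            echo ">> Branch ${BASE_REF} exists, will continue with linting"
          fi

          echo ""
          echo "----"
          echo "exists=true" >> "$GITHUB_OUTPUT"

      # NOTE(review): a repository secret is passed to a third-party action
      # here. With an explicit `version` set it may not be required; confirm
      # and drop the token if it is unused.
      - name: Set Up Helm
        if: steps.branch-exists.outputs.exists == 'true'
        uses: azure/setup-helm@v4
        with:
          token: ${{ secrets.GITEA_TOKEN }}
          version: v3.19.2
          cache: true

      - name: Cache Helm Dependencies
        if: steps.branch-exists.outputs.exists == 'true'
        uses: actions/cache@v5
        with:
          path: |
            ~/.cache/helm
            ~/.config/helm
          # hashFiles patterns are resolved from the workspace root, so they
          # use the same repository-relative prefix as the triggers above.
          # With a prefix that matches no file the hash is empty and the key
          # never changes when Chart.yaml / Chart.lock change.
          key: helm-cache-${{ runner.os }}-${{ hashFiles('clusters/cl01tl/helm/**/Chart.yaml', 'clusters/cl01tl/helm/**/Chart.lock') }}
          restore-keys: |
            helm-cache-${{ runner.os }}-

      # Works out which chart directories changed and publishes them as
      # step outputs: changes-detected, chart-dir-csv and chart-dir
      # (one directory per line).
      - name: Check Directories for Changes
        id: check-dir-changes
        if: steps.branch-exists.outputs.exists == 'true'
        env:
          EVENT_NAME: ${{ github.event_name }}
          BEFORE_SHA: ${{ github.event.before }}
        run: |
          echo ">> Target branch for diff is: ${BASE_BRANCH}"

          if [ "${EVENT_NAME}" == "pull_request" ]; then
            DIFF_TARGET="${BASE_BRANCH}"
            echo ""
            echo ">> Checking for changes in a pull request ..."
          else
            DIFF_TARGET="${BEFORE_SHA}..HEAD"
            echo ""
            echo ">> Checking for changes from a push ..."
          fi

          # Fourth path segment of clusters/<cluster>/helm/<chart>/... is the
          # chart directory; `|| true` keeps an empty result from failing
          # the step.
          CHANGED_CHARTS=$(
            git diff --name-only "${DIFF_TARGET}" \
              | grep -E "^clusters/${CLUSTER}/helm/" \
              | awk -F '/' '{print $4}' \
              | sort -u || true
          )

          if [ -n "${CHANGED_CHARTS}" ]; then
            echo ""
            echo ">> Chart to Lint:"
            echo ""
            echo "${CHANGED_CHARTS}"

            CHANGED_CHARTS_CSV=$(echo "$CHANGED_CHARTS" | paste -sd ',' -)

            echo ""
            echo "----"
            echo "changes-detected=true" >> "$GITHUB_OUTPUT"
            echo "chart-dir-csv=${CHANGED_CHARTS_CSV}" >> "$GITHUB_OUTPUT"

            # Multi-line output. The delimiter is random per run so that a
            # directory name taken from the diff can never equal it and end
            # the value early.
            DELIMITER="EOF_$(dd if=/dev/urandom bs=15 count=1 status=none | base64)"
            {
              echo "chart-dir<<${DELIMITER}"
              echo "${CHANGED_CHARTS}"
              echo "${DELIMITER}"
            } >> "$GITHUB_OUTPUT"
          else
            echo ""
            echo ">> Did not find any helm charts files to lint"
            echo ""
            echo "----"
            echo "changes-detected=false" >> "$GITHUB_OUTPUT"
          fi

      # Registers the non-OCI repositories listed as dependencies of the
      # changed charts.
      # NOTE(review): the repository URLs are read from the changed charts
      # themselves; on pull_request that is unreviewed content, and
      # `helm repo add` will contact whatever host is listed. Consider an
      # allow-list of expected repository hosts.
      - name: Add Repositories
        if: steps.check-dir-changes.outputs.changes-detected == 'true'
        env:
          CHANGED_CHARTS: ${{ steps.check-dir-changes.outputs.chart-dir }}
        run: |
          echo ">> Adding repositories for chart dependencies ..."
          echo ""

          # Deliberately unquoted: the list is split on whitespace into one
          # directory per iteration. The path built from DIR is quoted so a
          # single entry reaches helm as exactly one argument.
          for DIR in ${CHANGED_CHARTS}; do
            helm dependency list --max-col-width 120 "clusters/${CLUSTER}/helm/${DIR}" 2> /dev/null \
              | tail -n +2 \
              | awk 'NF > 0 { print $1, $3 }' \
              | while read -r REPO_NAME REPO_URL; do
                  if [[ "${REPO_URL}" == oci://* ]]; then
                    echo ">> Ignoring OCI repo: ${REPO_URL}"
                  elif [[ -n "${REPO_NAME}" && -n "${REPO_URL}" ]]; then
                    helm repo add "${REPO_NAME}" "${REPO_URL}"
                  fi
                done || true
          done

          if helm repo list > /dev/null 2>&1; then
            echo ""
            echo ">> Update repository cache ..."
            helm repo update
          fi

          echo ""
          echo "----"

      # Builds dependencies and lints every changed chart; a lint failure is
      # remembered in EXIT_CODE so the remaining charts are still checked.
      - name: Lint Helm Chart
        if: steps.check-dir-changes.outputs.changes-detected == 'true'
        env:
          CHANGED_CHARTS: ${{ steps.check-dir-changes.outputs.chart-dir }}
        run: |
          EXIT_CODE=0

          echo ">> Running linting on changed charts ..."

          for DIR in ${CHANGED_CHARTS}; do
            CHART_PATH="clusters/${CLUSTER}/helm/${DIR}"
            CHART_NAME=$(basename "${CHART_PATH}")

            if [ -f "${CHART_PATH}/Chart.yaml" ]; then
              echo ""
              echo ">> Building helm dependency for ${CHART_NAME} ..."
              helm dependency build "${CHART_PATH}" --skip-refresh

              echo ""
              echo ">> Linting helm chart ${CHART_NAME} ..."
              helm lint "${CHART_PATH}" --namespace "default" || EXIT_CODE=1
            else
              echo ""
              echo ">> Directory ${CHART_PATH} does not contain a Chart.yaml. Skipping ..."
            fi
          done

          echo ""
          echo "----"
          exit "${EXIT_CODE}"

      # NOTE(review): this action receives the ntfy URL, topic and bearer
      # credential but is referenced by a moving branch (`master`); pin it to
      # a full commit SHA so the code handling those secrets is fixed.
      - name: ntfy Failed
        uses: niniyas/ntfy-action@master
        if: failure()
        with:
          url: '${{ secrets.NTFY_URL }}'
          topic: '${{ secrets.NTFY_TOPIC }}'
          title: 'Helm Test Failure'
          priority: 3
          headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
          tags: action,failed
          # `with:` values are not run through a shell, so the cluster name
          # is taken from the env context instead of a shell-style variable.
          details: "Helm linting for cluster '${{ env.CLUSTER }}' with charts: ${{ steps.check-dir-changes.outputs.chart-dir-csv }}"
          icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
          actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/infrastructure/actions?workflow=lint-test-helm.yaml", "clear": true}]'
          image: true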