Remove hardcoded secrets and implement dynamic secret generation #61
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Helm Chart CI/CD Testing | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| pull_request: | |
| branches: [ "main" ] | |
| jobs: | |
| helm-tests: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Helm | |
| uses: azure/setup-helm@v4 | |
| with: | |
| version: '3.18.1' | |
| - name: Lint Helm Charts | |
| run: | | |
| echo "=== Linting sentrius-chart ===" | |
| if helm lint sentrius-chart; then | |
| echo "✅ sentrius-chart linting passed" | |
| else | |
| echo "❌ sentrius-chart linting failed" | |
| echo "::warning::sentrius-chart has linting issues" | |
| fi | |
| echo "=== Linting sentrius-chart-launcher ===" | |
| if helm lint sentrius-chart-launcher; then | |
| echo "✅ sentrius-chart-launcher linting passed" | |
| else | |
| echo "❌ sentrius-chart-launcher linting failed" | |
| exit 1 | |
| fi | |
| - name: Validate Helm Template Rendering | |
| run: | | |
| echo "=== Testing template rendering for sentrius-chart-launcher ===" | |
| helm template test-launcher sentrius-chart-launcher --dry-run | |
| echo "=== Testing template rendering for sentrius-chart with different values ===" | |
| # Test with local environment | |
| helm template test-local sentrius-chart \ | |
| --set environment=local \ | |
| --set ingress.tlsEnabled=false \ | |
| --set tenant=test-local \ | |
| --dry-run || echo "::warning::sentrius-chart template rendering failed" | |
| # Test with GKE environment | |
| helm template test-gke sentrius-chart \ | |
| --set environment=gke \ | |
| --set tenant=test-gke \ | |
| --dry-run || echo "::warning::sentrius-chart template rendering failed" | |
| - name: Test Chart Dependencies | |
| run: | | |
| echo "=== Checking for chart dependencies ===" | |
| for chart in sentrius-chart sentrius-chart-launcher; do | |
| if [ -f "$chart/Chart.yaml" ]; then | |
| echo "Chart: $chart" | |
| if grep -q "dependencies:" "$chart/Chart.yaml"; then | |
| echo " Dependencies found, updating..." | |
| helm dependency update "$chart" | |
| else | |
| echo " No dependencies defined" | |
| fi | |
| fi | |
| done | |
| - name: Schema Validation | |
| run: | | |
| echo "=== Validating Chart.yaml schemas ===" | |
| for chart in sentrius-chart sentrius-chart-launcher; do | |
| echo "Validating $chart/Chart.yaml" | |
| # Basic validation that required fields exist | |
| if ! grep -q "apiVersion:" "$chart/Chart.yaml"; then | |
| echo "❌ Missing apiVersion in $chart/Chart.yaml" | |
| exit 1 | |
| fi | |
| if ! grep -q "name:" "$chart/Chart.yaml"; then | |
| echo "❌ Missing name in $chart/Chart.yaml" | |
| exit 1 | |
| fi | |
| if ! grep -q "version:" "$chart/Chart.yaml"; then | |
| echo "❌ Missing version in $chart/Chart.yaml" | |
| exit 1 | |
| fi | |
| echo "✅ $chart/Chart.yaml has required fields" | |
| done | |
| - name: Test Different Value Configurations | |
| run: | | |
| echo "=== Testing different configurations for sentrius-chart-launcher ===" | |
| # Test with minimal values | |
| helm template test-minimal sentrius-chart-launcher \ | |
| --set tenant=minimal-test \ | |
| --dry-run | |
| # Test with custom values | |
| helm template test-custom sentrius-chart-launcher \ | |
| --set tenant=custom-test \ | |
| --set baseRelease=custom-sentrius \ | |
| --set sentriusNamespace=custom-ns \ | |
| --dry-run | |
| echo "✅ sentrius-chart-launcher configuration tests passed" | |
| build-java: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| cache: maven | |
| - name: Build with Maven | |
| run: mvn -B package --file pom.xml -DskipTests | |
| - name: Run tests with timeout | |
| run: timeout 5m mvn test || echo "::warning::Tests timed out or failed - this is expected for integration tests" | |
| integration-test: | |
| runs-on: ubuntu-latest | |
| needs: [helm-tests, build-java] | |
| if: github.event_name == 'pull_request' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Helm | |
| uses: azure/setup-helm@v4 | |
| with: | |
| version: '3.18.1' | |
| - name: Create kind cluster | |
| uses: helm/kind-action@v1 | |
| with: | |
| cluster_name: sentrius-test | |
| kubectl_version: v1.29.0 | |
| - name: Test Helm Install (Dry Run) | |
| run: | | |
| echo "=== Testing Helm install with kind cluster ===" | |
| # Test sentrius-chart-launcher installation | |
| helm install test-launcher sentrius-chart-launcher \ | |
| --namespace test-launcher \ | |
| --create-namespace \ | |
| --set tenant=test-tenant \ | |
| --set baseRelease=test-sentrius \ | |
| --set sentriusNamespace=test-sentrius \ | |
| --dry-run | |
| echo "✅ Helm dry-run installation test passed" | |
| - name: Validate Kubernetes Resources | |
| run: | | |
| echo "=== Validating generated Kubernetes resources ===" | |
| # Generate manifests and validate them | |
| helm template test-launcher sentrius-chart-launcher \ | |
| --namespace test-launcher \ | |
| --set tenant=test-tenant > /tmp/manifests.yaml | |
| # Check if manifests contain expected resources | |
| if grep -q "kind: Deployment" /tmp/manifests.yaml; then | |
| echo "✅ Deployment resources found" | |
| else | |
| echo "❌ No Deployment resources found" | |
| fi | |
| if grep -q "kind: Service" /tmp/manifests.yaml; then | |
| echo "✅ Service resources found" | |
| else | |
| echo "❌ No Service resources found" | |
| fi | |
| # Validate with kubectl (dry-run) | |
| kubectl apply --dry-run=client -f /tmp/manifests.yaml | |
| echo "✅ Kubernetes resource validation passed" |