Skip to content

Commit 1919ac9

Browse files
stevehipwellstevehipwell
committed
feat: Add kubeconform cache
Signed-off-by: Steve Hipwell <steve.hipwell@gmail.com>
1 parent 36888a1 commit 1919ac9

File tree

12 files changed

+206
-93
lines changed

12 files changed

+206
-93
lines changed

.github/workflows/_changelog.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ permissions: read-all
1010
jobs:
1111
workflow:
1212
name: Workflow
13-
uses: action-stars/generic-workflows/.github/workflows/dependabot-changelog.yaml@8888aa6d53a92233d4c6f60b726ec5bccde90ed3 # v0.7.4
13+
uses: action-stars/generic-workflows/.github/workflows/dependabot-changelog.yaml@d957d704303a8454282dc346eb7de9254376919c # v0.8.0
1414
permissions:
1515
contents: read
1616
id-token: write

.github/workflows/_release.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,6 @@ on:
88
jobs:
99
workflow:
1010
name: Workflow
11-
uses: action-stars/generic-workflows/.github/workflows/release.yaml@8888aa6d53a92233d4c6f60b726ec5bccde90ed3 # v0.7.4
11+
uses: action-stars/generic-workflows/.github/workflows/release.yaml@d957d704303a8454282dc346eb7de9254376919c # v0.8.0
1212
permissions:
1313
contents: write

.github/workflows/_validate.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,9 +17,9 @@ permissions: read-all
1717
jobs:
1818
workflow:
1919
name: Workflow
20-
uses: action-stars/generic-workflows/.github/workflows/validate-gh-workflows.yaml@8888aa6d53a92233d4c6f60b726ec5bccde90ed3 # v0.7.4
20+
uses: action-stars/generic-workflows/.github/workflows/validate-gh-workflows.yaml@d957d704303a8454282dc346eb7de9254376919c # v0.8.0
2121
with:
2222
auto_doc: true
23-
markdownlint: true
2423
shellcheck: true
2524
yamlfmt: true
25+
rumdl: true

.github/workflows/release.yaml

Lines changed: 69 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -98,22 +98,23 @@ jobs:
9898

9999
- name: Check for Helm charts to release
100100
id: charts
101+
env:
102+
INPUT_CHART_DIR: ${{ inputs.chart_dir }}
103+
INPUT_RELEASE_NAME_VERSION_PREFIX: ${{ inputs.release_name_version_prefix }}
101104
run: |
102105
set -euo pipefail
103106
104-
release_name_version_prefix="${{ inputs.release_name_version_prefix }}"
105-
106107
release_charts=""
107108
108-
for chart_dir in ./${{ inputs.chart_dir }}/*
109+
for chart_dir in "./${INPUT_CHART_DIR}"/*
109110
do
110111
if [[ -d "${chart_dir}" ]]
111112
then
112113
chart="$(basename "${chart_dir}")"
113114
released_version="$(git tag -l --sort version:refname "${chart}-*" | tail -n 1 | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+' || true)"
114-
current_version="$(yq eval '.version' "./${{ inputs.chart_dir }}/${chart}/Chart.yaml")"
115+
current_version="$(yq eval '.version' "./${INPUT_CHART_DIR}/${chart}/Chart.yaml")"
115116
116-
if [[ "${current_version}" != "${released_version}" ]] && [[ -z "$(git tag -l "${chart}-${release_name_version_prefix}${current_version}")" ]]
117+
if [[ "${current_version}" != "${released_version}" ]] && [[ -z "$(git tag -l "${chart}-${INPUT_RELEASE_NAME_VERSION_PREFIX}${current_version}")" ]]
117118
then
118119
echo "Chart: ${chart}, Released version: ${released_version}, Current version: ${current_version}"
119120
release_charts="${release_charts}${chart},"
@@ -142,7 +143,7 @@ jobs:
142143
run:
143144
shell: bash
144145
needs: check
145-
if: ${{ needs.check.outputs.release == 'true' }}
146+
if: needs.check.outputs.release == 'true'
146147
strategy:
147148
max-parallel: 1
148149
matrix:
@@ -178,7 +179,7 @@ jobs:
178179

179180
- name: Install Artifact Hub CLI
180181
uses: action-stars/install-tool-from-github-release@1fa61c3bea52eca3bcdb1f5c961a3b113fe7fa54 # v0.2.6
181-
if: ${{ inputs.ah_lint }}
182+
if: inputs.ah_lint
182183
with:
183184
github_token: ${{ github.token }}
184185
owner: artifacthub
@@ -193,12 +194,14 @@ jobs:
193194
version: latest
194195

195196
- name: Configure Helm repos
196-
if: ${{ inputs.helm_repos }}
197+
if: inputs.helm_repos
198+
env:
199+
INPUT_HELM_REPOS: ${{ inputs.helm_repos }}
197200
run: |
198201
set -euo pipefail
199202
200-
repos="${{ inputs.helm_repos }}"
201-
for repo in ${repos//,/ }
203+
read -ra repos <<< "${INPUT_HELM_REPOS//,/ }"
204+
for repo in "${repos[@]}"
202205
do
203206
helm repo add "${repo%=*}" "${repo#*=}"
204207
done
@@ -216,9 +219,12 @@ jobs:
216219
217220
- name: Get chart version
218221
id: chart_version
222+
env:
223+
INPUT_CHART_DIR: ${{ inputs.chart_dir }}
224+
INPUT_CHART: ${{ matrix.chart }}
219225
run: |
220226
set -euo pipefail
221-
echo "version=$(yq eval '.version' './${{ inputs.chart_dir }}/${{ matrix.chart }}/Chart.yaml')" >> "${GITHUB_OUTPUT}"
227+
echo "version=$(yq eval '.version' "./${INPUT_CHART_DIR}/${INPUT_CHART}/Chart.yaml")" >> "${GITHUB_OUTPUT}"
222228
223229
- name: Get changelog entry
224230
uses: mindsers/changelog-reader-action@32aa5b4c155d76c94e4ec883a223c947b2f02656 # v2.2.3
@@ -230,6 +236,13 @@ jobs:
230236

231237
- name: Package chart
232238
id: package
239+
env:
240+
INPUT_CHART_DIR: ${{ inputs.chart_dir }}
241+
INPUT_CHART: ${{ matrix.chart }}
242+
INPUT_CHART_VERSION: ${{ steps.chart_version.outputs.version }}
243+
INPUT_RELEASE_NOTES: ${{ inputs.release_notes }}
244+
INPUT_CHANGELOG: ${{ steps.changelog_reader.outputs.changes }}
245+
INPUT_AH_LINT: ${{ inputs.ah_lint }}
233246
run: |
234247
set -euo pipefail
235248
@@ -238,12 +251,9 @@ jobs:
238251
239252
release_notes_file="RELEASE.md"
240253
241-
if [[ "${{ inputs.release_notes }}" == "true" ]]; then
242-
release_notes_path="./${{ inputs.chart_dir }}/${{ matrix.chart }}/${release_notes_file}"
243-
244-
cat <<"EOF" > "${release_notes_path}"
245-
${{ steps.changelog_reader.outputs.changes }}
246-
EOF
254+
if [[ "${INPUT_RELEASE_NOTES}" == "true" ]]; then
255+
release_notes_path="./${INPUT_CHART_DIR}/${INPUT_CHART}/${release_notes_file}"
256+
printf '%s\n' "${INPUT_CHANGELOG}" > "${release_notes_path}"
247257
248258
added="$(mdq --output plain '# Added | -' <"${release_notes_path}" || true)"
249259
changed="$(mdq --output plain '# Changed | -' <"${release_notes_path}" || true)"
@@ -252,7 +262,7 @@ jobs:
252262
fixed="$(mdq --output plain '# Fixed | -' <"${release_notes_path}" || true)"
253263
security="$(mdq --output plain '# Security | -' <"${release_notes_path}" || true)"
254264
255-
changes_path="./${{ inputs.chart_dir }}/${{ matrix.chart }}/changes.txt"
265+
changes_path="./${INPUT_CHART_DIR}/${INPUT_CHART}/changes.txt"
256266
rm -f "${changes_path}"
257267
258268
old_ifs="${IFS}"
@@ -285,28 +295,35 @@ jobs:
285295
IFS="${old_ifs}"
286296
287297
if [[ -f "${changes_path}" ]]; then
288-
changes="$(cat "${changes_path}")" yq eval --inplace '.annotations["artifacthub.io/changes"] |= strenv(changes)' "./${{ inputs.chart_dir }}/${{ matrix.chart }}/Chart.yaml"
298+
changes="$(cat "${changes_path}")" yq eval --inplace '.annotations["artifacthub.io/changes"] |= strenv(changes)' "./${INPUT_CHART_DIR}/${INPUT_CHART_DIR}/Chart.yaml"
289299
rm -f "${changes_path}"
290300
fi
291301
fi
292302
293-
if [[ "${{ inputs.ah_lint }}" == "true" ]]; then
294-
ah lint --kind helm --path "./${{ inputs.chart_dir }}" || exit 1
303+
if [[ "${INPUT_AH_LINT}" == "true" ]]; then
304+
ah lint --kind helm --path "./${INPUT_CHART_DIR}" || exit 1
295305
fi
296306
297-
cr package --package-path="${package_dir}" ./${{ inputs.chart_dir }}/${{ matrix.chart }}
307+
cr package --package-path="${package_dir}" ./${INPUT_CHART_DIR}/${INPUT_CHART_DIR}
298308
299-
echo "path=${package_dir}/${{ matrix.chart }}-${{ steps.chart_version.outputs.version }}.tgz" >> "${GITHUB_OUTPUT}"
309+
echo "path=${package_dir}/${INPUT_CHART_DIR}-${INPUT_CHART_VERSION}.tgz" >> "${GITHUB_OUTPUT}"
300310
echo "release_notes_file=${release_notes_file}" >> "${GITHUB_OUTPUT}"
301311
302312
- name: Create chart GH release
313+
env:
314+
GITHUB_TOKEN: ${{ github.token }}
315+
GITHUB_REPOSITORY_NAME: ${{ github.event.repository.name }}
316+
INPUT_PACKAGE_PATH: ${{ steps.package.outputs.path }}
317+
INPUT_RELEASE_NAME_VERSION_PREFIX: ${{ inputs.release_name_version_prefix }}
318+
INPUT_RELEASE_NOTES_FILE: ${{ steps.package.outputs.release_notes_file }}
319+
INPUT_RELEASE_AS_LATEST: ${{ inputs.release_as_latest }}
303320
run: |
304321
set -euo pipefail
305322
306-
package_dir="$(dirname ${{ steps.package.outputs.path }})"
307-
release_name_template="{{ .Name }}-${{ inputs.release_name_version_prefix }}{{ .Version }}"
323+
package_dir="$(dirname "${INPUT_PACKAGE_PATH}")"
324+
release_name_template="{{ .Name }}-${INPUT_RELEASE_NAME_VERSION_PREFIX}{{ .Version }}"
308325
309-
cr upload --token=${{ github.token }} --owner=${{ github.repository_owner }} --git-repo=${{ github.event.repository.name }} --commit=${{ github.sha }} --package-path="${package_dir}" --release-name-template="${release_name_template}" --release-notes-file=${{ steps.package.outputs.release_notes_file }} --make-release-latest=${{ inputs.release_as_latest }}
326+
cr upload --token="${GITHUB_TOKEN}" --owner="${GITHUB_REPOSITORY_OWNER}" --git-repo="${GITHUB_REPOSITORY_NAME}" --commit="${GITHUB_SHA}" --package-path="${package_dir}" --release-name-template="${release_name_template}" --release-notes-file="${INPUT_RELEASE_NOTES_FILE}" --make-release-latest="${INPUT_RELEASE_AS_LATEST}"
310327
311328
- name: Login to OCI registry
312329
if: inputs.publish_oci
@@ -333,12 +350,18 @@ jobs:
333350
- name: Configure OCI repository
334351
id: oci
335352
if: inputs.publish_oci
353+
env:
354+
INPUT_OCI_REGISTRY: ${{ inputs.oci_registry }}
355+
INPUT_OCI_REPOSITORY_PREFIX: ${{ inputs.oci_repository_prefix }}
356+
INPUT_CHART: ${{ matrix.chart }}
357+
INPUT_CHART_DIR: ${{ inputs.chart_dir }}
358+
INPUT_ARTIFACT_HUB_CONFIG_FILE: ${{ inputs.artifact_hub_config_file }}
336359
run: |
337360
set -euo pipefail
338361
339-
oci_repository="${{ inputs.oci_registry }}/${{ inputs.oci_repository_prefix }}/${{ matrix.chart }}"
362+
oci_repository="${INPUT_OCI_REGISTRY}/${INPUT_OCI_REPOSITORY_PREFIX}/${INPUT_CHART}"
340363
341-
ah_config_path="./${{ inputs.chart_dir }}/${{ matrix.chart }}/${{ inputs.artifact_hub_config_file }}"
364+
ah_config_path="./${INPUT_CHART_DIR}/${INPUT_CHART}/${INPUT_ARTIFACT_HUB_CONFIG_FILE}"
342365
343366
if [[ -f "${ah_config_path}" ]]
344367
then
@@ -365,14 +388,22 @@ jobs:
365388
- name: Publish chart to OCI repository
366389
id: publish_oci
367390
if: inputs.publish_oci
391+
env:
392+
GITHUB_TOKEN: ${{ github.token }}
393+
INPUT_OCI_REGISTRY: ${{ inputs.oci_registry }}
394+
INPUT_OCI_REPOSITORY: ${{ steps.oci.outputs.repository }}
395+
INPUT_CHART_DIR: ${{ inputs.chart_dir }}
396+
INPUT_CHART: ${{ matrix.chart }}
397+
INPUT_CHART_VERSION: ${{ steps.chart_version.outputs.version }}
398+
INPUT_PACKAGE_PATH: ${{ steps.package.outputs.path }}
368399
run: |
369400
set -euo pipefail
370401
371-
oci_repository="${{ steps.oci.outputs.repository }}"
372-
oci_image="${oci_repository}:${{ steps.chart_version.outputs.version }}"
402+
oci_repository="${INPUT_OCI_REPOSITORY}"
403+
oci_image="${oci_repository}:${INPUT_CHART_VERSION}"
373404
374-
helm registry login --username ${{ github.actor }} --password ${{ github.token }} "${{ inputs.oci_registry }}"
375-
helm push ${{ steps.package.outputs.path }} "oci://$(dirname "${oci_repository}")"
405+
helm registry login --username ${GITHUB_ACTOR} --password "${GITHUB_TOKEN}" "${INPUT_OCI_REGISTRY}"
406+
helm push "${INPUT_PACKAGE_PATH}" "oci://$(dirname "${oci_repository}")"
376407
377408
digest="$(crane digest "${oci_image}")"
378409
cosign sign --yes "${oci_image}@${digest}"
@@ -391,12 +422,16 @@ jobs:
391422

392423
- name: Publish chart to GH Pages
393424
if: inputs.publish_gh_pages
425+
env:
426+
GITHUB_TOKEN: ${{ github.token }}
427+
GITHUB_REPOSITORY_NAME: ${{ github.event.repository.name }}
428+
INPUT_PACKAGE_PATH: ${{ steps.package.outputs.path }}
394429
run: |
395430
set -euo pipefail
396431
397432
index_dir="./.cr-index"
398433
mkdir -p "${index_dir}"
399434
400-
package_dir="$(dirname ${{ steps.package.outputs.path }})"
435+
package_dir="$(dirname ${INPUT_PACKAGE_PATH})"
401436
402-
cr index --token=${{ github.token }} --push --owner=${{ github.repository_owner }} --git-repo=${{ github.event.repository.name }} --package-path="${package_dir}" --index-path="${index_dir}/index.yaml"
437+
cr index --token="${GITHUB_TOKEN}" --push --owner="${GITHUB_REPOSITORY_OWNER}" --git-repo="${GITHUB_REPOSITORY_NAME}" --package-path="${package_dir}" --index-path="${index_dir}/index.yaml"

0 commit comments

Comments
 (0)