Verification of helm charts post publish (#15) (#16)

Added below checks to the release pipeline

verification of chart versions post publish
feature deployment through published charts

Author: rajashekhargundeti

.github/workflows/release.yaml

@@ -13,10 +13,15 @@ jobs:
       IMAGE_REGISTRY: ${{ vars.IMAGE_REGISTRY }}
     secrets: inherit
   image-publish:
+    name: Tag image with release tag and push to repo
+    if: github.event.ref == 'refs/heads/main'
     runs-on: ubuntu-latest
     needs: ["build"]
     env:
-      IMAGE_PATH : ${{ needs.build.outputs.IMAGE_PATH }}
+      IMAGE_PATH: ${{ needs.build.outputs.IMAGE_PATH }}
+    outputs:
+      PROVIDER_IMAGE_REPO: ${{ env.PROVIDER_IMAGE_REPO }}
+      PROVIDER_IMAGE_NEW_TAG: ${{ env.PROVIDER_IMAGE_NEW_TAG }}
     steps:
 
       - name: Log into GitHub Container Registry
@@ -34,6 +39,14 @@ jobs:
           docker tag ${{ env.IMAGE_PATH }} ${{ env.PROVIDER_IMAGE_REPO }}:${{ env.PROVIDER_IMAGE_NEW_TAG }}
           docker push ${{ env.PROVIDER_IMAGE_REPO }}:${{ env.PROVIDER_IMAGE_NEW_TAG }}
 
+  charts-publish:
+    runs-on: ubuntu-latest
+    needs: ["build", "image-publish"]
+    env:
+      IMAGE_PATH : ${{ needs.build.outputs.IMAGE_PATH }}
+      PROVIDER_IMAGE_REPO: ${{ needs.image-publish.outputs.PROVIDER_IMAGE_REPO }}
+      PROVIDER_IMAGE_NEW_TAG: ${{ needs.image-publish.outputs.PROVIDER_IMAGE_NEW_TAG }}
+    steps:  
       - name: Checkout
         uses: actions/[email protected]
         with:
@@ -52,7 +65,41 @@ jobs:
           -e 's|tag:.*|tag: ${{ env.PROVIDER_IMAGE_NEW_TAG }}|' \
           charts/oci-secrets-store-csi-driver-provider/values.yaml 
           helm package charts/oci-secrets-store-csi-driver-provider -d charts
-          helm repo index --url https://${GITHUB_ACTOR,,}.github.io/oci-secrets-store-csi-driver-provider/charts --merge charts/index.yaml charts
+          mkdir temp-charts
+          helm repo index --url ${{ vars.HELM_CHARTS_REPO }}/charts --merge charts/index.yaml temp-charts
+          mv temp-charts/index.yaml charts/index.yaml
           git add charts
-          git commit -m "Releasing chart version: ${{ github.ref_name }}"
-          git push -u origin gh-pages
+          git commit -m "Releasing version: ${{ github.ref_name }}"
+          git push -u origin gh-pages
+
+      - name: verify published chart version
+        run: |
+          helm repo add oci-provider ${{ vars.HELM_CHARTS_REPO }}/charts
+          PUBLISHED_CHART_VERSION=`helm search repo oci-provider/oci-secrets-store-csi-driver-provider | grep ^oci | awk '{print $2}'`
+          LOCAL_CHART_VERSION=`grep "^version: " charts/oci-secrets-store-csi-driver-provider/Chart.yaml | sed -e "s/version: //"`
+          echo "PUBLISHED_CHART_VERSION=$PUBLISHED_CHART_VERSION"
+          echo "LOCAL_CHART_VERSION=$LOCAL_CHART_VERSION"
+          if [ "${PUBLISHED_CHART_VERSION}" != "${LOCAL_CHART_VERSION}" ];
+          then
+            echo "published version and local versions are not matching"
+            exit 1
+          else
+            echo "published version and local versions are matching"  
+          fi    
+
+  charts-deploy:
+    runs-on: ubuntu-latest
+    needs: [ "charts-publish"]
+    steps:
+      - name: Create k8s Kind Cluster
+        uses: helm/[email protected]
+
+      - name: get nodes
+        run: kubectl get nodes
+
+      - name: deploy helm chart
+        run: |
+          helm repo add oci-provider ${{ vars.HELM_CHARTS_REPO }}/charts
+          helm install oci-provider oci-provider/oci-secrets-store-csi-driver-provider -n kube-system
+          kubectl get daemonset -n kube-system \
+          --selector='app.kubernetes.io/name in (oci-secrets-store-csi-driver-provider, secrets-store-csi-driver)'