From 90a5f90dcf9e24ab4cc9c13f309bfe5e8f1a4b69 Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Wed, 17 Apr 2024 12:21:39 -0500 Subject: [PATCH 01/14] add kubeconform gha to validate k8s manifests --- .github/workflows/helm-chart.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index 1a12a512e39..b996149b5d6 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -30,3 +30,12 @@ jobs: gc-basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} gc-host: ${{ secrets.GRAFANA_INTERNAL_HOST }} gc-org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} + kubeconform: + runs-on: ubuntu-latest + steps: + - name: Checkout repo + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 + - name: Generate and validate releases + uses: shivjm/helm-kubeconform-action@e330da645f13bc035d5d2772838d185877f80701 # v0.3.0 + with: + chartsDirectory: "charts" From 05e8d1168fd897c12ed67eec5c036f7d53c6dff4 Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Wed, 17 Apr 2024 12:24:50 -0500 Subject: [PATCH 02/14] add regexSkipDir input --- .github/workflows/helm-chart.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index b996149b5d6..2a3ad6a76f9 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -39,3 +39,4 @@ jobs: uses: shivjm/helm-kubeconform-action@e330da645f13bc035d5d2772838d185877f80701 # v0.3.0 with: chartsDirectory: "charts" + regexSkipDir: "charts/chainlink-cluster/dashboard" From d4ac8683b912e4b7e47846f5ed0632030a276717 Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Wed, 17 Apr 2024 12:28:30 -0500 Subject: [PATCH 03/14] fix --- .github/workflows/helm-chart.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index 2a3ad6a76f9..d950d5df872 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -39,4 +39,4 @@ jobs: uses: shivjm/helm-kubeconform-action@e330da645f13bc035d5d2772838d185877f80701 # v0.3.0 with: chartsDirectory: "charts" - regexSkipDir: "charts/chainlink-cluster/dashboard" + regexSkipDir: "\\.git" From 458906eba83863c8cb3fd2842e3e95cca5343f9d Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Wed, 17 Apr 2024 13:35:59 -0500 Subject: [PATCH 04/14] use .github action instead --- .github/workflows/helm-chart.yml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index d950d5df872..5827fae923c 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -30,13 +30,16 @@ jobs: gc-basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} gc-host: ${{ secrets.GRAFANA_INTERNAL_HOST }} gc-org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} - kubeconform: + ci-kubeconform: runs-on: ubuntu-latest steps: - - name: Checkout repo - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - - name: Generate and validate releases - uses: shivjm/helm-kubeconform-action@e330da645f13bc035d5d2772838d185877f80701 # v0.3.0 + - name: ci-kubeconform + uses: smartcontractkit/.github/actions/ci-kubeconform@re-2490/add-ci-kubeform # TODO pin specific version once released with: - chartsDirectory: "charts" - regexSkipDir: "\\.git" + # kubeform inputs + charts-dir: charts + # grafana inputs + metrics-job-name: ci-kubeform + gc-basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} + gc-host: ${{ secrets.GRAFANA_INTERNAL_HOST }} + gc-org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} From 262189d52d319511c56cfe271c67d1ef8513b568 Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Wed, 17 Apr 2024 13:38:30 -0500 Subject: [PATCH 05/14] fix metrics-job-name --- .github/workflows/helm-chart.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index 5827fae923c..944328e7f44 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -39,7 +39,7 @@ jobs: # kubeform inputs charts-dir: charts # grafana inputs - metrics-job-name: ci-kubeform + metrics-job-name: ci-kubeconform gc-basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} gc-host: ${{ secrets.GRAFANA_INTERNAL_HOST }} gc-org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} From 3d2a47dd4e5e09519e2255d0a85f416303eae991 Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Wed, 17 Apr 2024 15:23:39 -0500 Subject: [PATCH 06/14] fix --- .github/workflows/helm-chart.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index 944328e7f44..c68c9438afb 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -37,7 +37,7 @@ jobs: uses: smartcontractkit/.github/actions/ci-kubeconform@re-2490/add-ci-kubeform # TODO pin specific version once released with: # kubeform inputs - charts-dir: charts + charts-dir: charts/chainlink-cluster # grafana inputs metrics-job-name: ci-kubeconform gc-basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} From 5bad1e6970609b23db6c99a4a24ae7d03fe8335e Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Wed, 17 Apr 2024 15:35:57 -0500 Subject: [PATCH 07/14] split job --- .github/workflows/helm-chart.yml | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index c68c9438afb..4f685ff869d 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -7,12 +7,8 @@ on: - ".github/workflows/helm-chart.yml" jobs: - ci-lint-helm-charts: + add-helm-repos: runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - actions: read steps: - name: Add repositories run: | @@ -20,6 +16,15 @@ jobs: helm repo add opentelemetry-collector https://open-telemetry.github.io/opentelemetry-helm-charts helm repo add tempo https://grafana.github.io/helm-charts helm repo add grafana https://grafana.github.io/helm-charts + + ci-lint-helm-charts: + needs: add-helm-repos + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + actions: read + steps: - name: ci-lint-helm-charts uses: smartcontractkit/.github/actions/ci-lint-charts@6b08487b176ef7cad086526d0b54ddff6691c044 # ci-lint-charts@0.1.2 with: @@ -30,7 +35,9 @@ jobs: gc-basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} gc-host: ${{ secrets.GRAFANA_INTERNAL_HOST }} gc-org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} + ci-kubeconform: + needs: add-helm-repos runs-on: ubuntu-latest steps: - name: ci-kubeconform From 2034e0404368c305648b8977b1f8442461174a00 Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Wed, 17 Apr 2024 16:02:14 -0500 Subject: [PATCH 08/14] use yq for helm repo add --- .github/workflows/helm-chart.yml | 29 ++++++++++++++++++----------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index 4f685ff869d..125c54e807c 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -7,24 +7,22 @@ on: - ".github/workflows/helm-chart.yml" jobs: - add-helm-repos: - runs-on: ubuntu-latest - steps: - - name: Add repositories - run: | - helm repo add mockserver https://www.mock-server.com - helm repo add opentelemetry-collector https://open-telemetry.github.io/opentelemetry-helm-charts - helm repo add tempo https://grafana.github.io/helm-charts - helm repo add grafana https://grafana.github.io/helm-charts - ci-lint-helm-charts: - needs: add-helm-repos runs-on: ubuntu-latest permissions: id-token: write contents: read actions: read steps: + - name: Setup yq + uses: frenck/action-setup-yq@c4b5be8b4a215c536a41d436757d9feb92836d4f #v1.0.2 + - name: Add helm repos + shell: bash + working-directory: charts/chainlink-cluster + run: | + if [[ -f "./Chart.lock" ]]; then + yq --indent 0 '.dependencies | map(["helm", "repo", "add", .name, .repository] | join(" ")) | .[]' "./Chart.lock" | sh --; + fi - name: ci-lint-helm-charts uses: smartcontractkit/.github/actions/ci-lint-charts@6b08487b176ef7cad086526d0b54ddff6691c044 # ci-lint-charts@0.1.2 with: @@ -40,6 +38,15 @@ jobs: needs: add-helm-repos runs-on: ubuntu-latest steps: + - name: Setup yq + uses: frenck/action-setup-yq@c4b5be8b4a215c536a41d436757d9feb92836d4f #v1.0.2 + - name: Add helm repos + shell: bash + working-directory: charts/chainlink-cluster + run: | + if [[ -f "./Chart.lock" ]]; then + yq --indent 0 '.dependencies | map(["helm", "repo", "add", .name, .repository] | join(" ")) | .[]' "./Chart.lock" | sh --; + fi - name: ci-kubeconform uses: smartcontractkit/.github/actions/ci-kubeconform@re-2490/add-ci-kubeform # TODO pin specific version once released with: From b058e1ba854a52587b912ab395a9109cf6e6f51f Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Wed, 17 Apr 2024 16:05:35 -0500 Subject: [PATCH 09/14] fix needs --- .github/workflows/helm-chart.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index 125c54e807c..e7a84b6efac 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -35,7 +35,6 @@ jobs: gc-org-id: ${{ secrets.GRAFANA_INTERNAL_TENANT_ID }} ci-kubeconform: - needs: add-helm-repos runs-on: ubuntu-latest steps: - name: Setup yq From e4e4e4d2c13e9c22696cab37e07b1c47ebe56fd1 Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Wed, 17 Apr 2024 16:07:40 -0500 Subject: [PATCH 10/14] add checkout --- .github/workflows/helm-chart.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index e7a84b6efac..96f40702586 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -14,6 +14,8 @@ jobs: contents: read actions: read steps: + - name: Checkout the repo + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Setup yq uses: frenck/action-setup-yq@c4b5be8b4a215c536a41d436757d9feb92836d4f #v1.0.2 - name: Add helm repos @@ -37,6 +39,8 @@ jobs: ci-kubeconform: runs-on: ubuntu-latest steps: + - name: Checkout the repo + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Setup yq uses: frenck/action-setup-yq@c4b5be8b4a215c536a41d436757d9feb92836d4f #v1.0.2 - name: Add helm repos From b1b46eb8712423230807f4ad5586b57bf789f47b Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Thu, 18 Apr 2024 10:18:40 -0500 Subject: [PATCH 11/14] refactor without add-helm-repos step --- .github/workflows/helm-chart.yml | 23 +---------------------- 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index 96f40702586..7204051ea72 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -14,22 +14,12 @@ jobs: contents: read actions: read steps: - - name: Checkout the repo - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - - name: Setup yq - uses: frenck/action-setup-yq@c4b5be8b4a215c536a41d436757d9feb92836d4f #v1.0.2 - - name: Add helm repos - shell: bash - working-directory: charts/chainlink-cluster - run: | - if [[ -f "./Chart.lock" ]]; then - yq --indent 0 '.dependencies | map(["helm", "repo", "add", .name, .repository] | join(" ")) | .[]' "./Chart.lock" | sh --; - fi - name: ci-lint-helm-charts uses: smartcontractkit/.github/actions/ci-lint-charts@6b08487b176ef7cad086526d0b54ddff6691c044 # ci-lint-charts@0.1.2 with: # chart testing inputs chart-testing-extra-args: "--lint-conf=lintconf.yaml" + charts-dir: charts/chainlink-cluster # grafana inputs metrics-job-name: ci-lint-helm-charts gc-basic-auth: ${{ secrets.GRAFANA_INTERNAL_BASIC_AUTH }} @@ -39,17 +29,6 @@ jobs: ci-kubeconform: runs-on: ubuntu-latest steps: - - name: Checkout the repo - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - - name: Setup yq - uses: frenck/action-setup-yq@c4b5be8b4a215c536a41d436757d9feb92836d4f #v1.0.2 - - name: Add helm repos - shell: bash - working-directory: charts/chainlink-cluster - run: | - if [[ -f "./Chart.lock" ]]; then - yq --indent 0 '.dependencies | map(["helm", "repo", "add", .name, .repository] | join(" ")) | .[]' "./Chart.lock" | sh --; - fi - name: ci-kubeconform uses: smartcontractkit/.github/actions/ci-kubeconform@re-2490/add-ci-kubeform # TODO pin specific version once released with: From 20a215ee639815a678b6e3d64819826754ec81db Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Thu, 18 Apr 2024 10:25:00 -0500 Subject: [PATCH 12/14] edit --- .github/workflows/helm-chart.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index 7204051ea72..b2dc968c111 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -9,13 +9,9 @@ on: jobs: ci-lint-helm-charts: runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - actions: read steps: - name: ci-lint-helm-charts - uses: smartcontractkit/.github/actions/ci-lint-charts@6b08487b176ef7cad086526d0b54ddff6691c044 # ci-lint-charts@0.1.2 + uses: smartcontractkit/.github/actions/ci-lint-charts@re-2490/add-ci-kubeform # TODO pin specific version once released with: # chart testing inputs chart-testing-extra-args: "--lint-conf=lintconf.yaml" From 157e508afa0c2cda26eb9c518e83d5050bd64d8d Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Thu, 18 Apr 2024 12:59:34 -0500 Subject: [PATCH 13/14] pin versio --- .github/workflows/helm-chart.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index b2dc968c111..80c32f87010 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: ci-lint-helm-charts - uses: smartcontractkit/.github/actions/ci-lint-charts@re-2490/add-ci-kubeform # TODO pin specific version once released + uses: smartcontractkit/.github/actions/ci-lint-charts@7fa39741b11e66ed59f8aad786d4b9356c389f3f # ci-lint-charts@0.2.0 with: # chart testing inputs chart-testing-extra-args: "--lint-conf=lintconf.yaml" @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - name: ci-kubeconform - uses: smartcontractkit/.github/actions/ci-kubeconform@re-2490/add-ci-kubeform # TODO pin specific version once released + uses: smartcontractkit/.github/actions/ci-kubeconform@7fa39741b11e66ed59f8aad786d4b9356c389f3f # ci-kubeconform@0.1.0 with: # kubeform inputs charts-dir: charts/chainlink-cluster From 7c296d1b55b9350571c2c4350567e4b83cc6ae4c Mon Sep 17 00:00:00 2001 From: Frank Zhu Date: Fri, 19 Apr 2024 09:22:39 -0500 Subject: [PATCH 14/14] update ci-kubeconform version with summary --- .github/workflows/helm-chart.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml index 80c32f87010..f0dd25c5dbb 100644 --- a/.github/workflows/helm-chart.yml +++ b/.github/workflows/helm-chart.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - name: ci-kubeconform - uses: smartcontractkit/.github/actions/ci-kubeconform@7fa39741b11e66ed59f8aad786d4b9356c389f3f # ci-kubeconform@0.1.0 + uses: smartcontractkit/.github/actions/ci-kubeconform@1ae8a9a984814c4daf50aa96f03be2cba0ef3fec # ci-kubeconform@0.2.0 with: # kubeform inputs charts-dir: charts/chainlink-cluster