Skip to content
Lint Helm chart

chore(deps): update redis docker tag from 7.2.11 to v7.4.6 (docker-compose.yml) - abandoned - autoclosed #21552

Sign in to view logs

chore(deps): update redis docker tag from 7.2.11 to v7.4.6 (docker-compose.yml) - abandoned - autoclosed

chore(deps): update redis docker tag from 7.2.11 to v7.4.6 (docker-compose.yml) - abandoned - autoclosed #21552

Workflow file for this run

.github/workflows/test-helm-chart.yml at 3b853e2
name: Lint Helm chart
on:
pull_request:
branches:
- master
- dev
- bugfix
- release/**
- hotfix/**
jobs:
lint:
name: Lint chart (version)
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
fetch-depth: 0
- name: Set up Helm
uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4.3.1
- uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
with:
python-version: 3.13
- name: Configure Helm repos
run: |-
helm dependency list ./helm/defectdojo
helm dependency update ./helm/defectdojo
- name: Set up chart-testing
uses: helm/chart-testing-action@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b # v2.7.0
with:
yamale_version: 4.0.4
yamllint_version: 1.35.1
- name: Determine target branch
id: ct-branch-target
run: |
if [ ! -z ${GITHUB_BASE_REF} ]; then
echo "ct-branch=${GITHUB_BASE_REF}" >> $GITHUB_ENV
else
echo "ct-branch=${GITHUB_REF#refs/heads/}" >> $GITHUB_ENV
fi
- name: Run chart-testing (list-changed)
id: list-changed
run: |
changed=$(ct list-changed --config ct.yaml --target-branch ${{ env.ct-branch}})
if [[ -n "$changed" ]]; then
echo "changed=true" >> $GITHUB_ENV
fi
# run version check only if not dev as in dev we have a `x.y.z-dev` version
# x.y.z gets bumped automatically when doing a release
- name: Run chart-testing (lint)
run: ct lint --config ct.yaml --target-branch ${{ env.ct-branch }} --check-version-increment=true
if: ${{ env.changed == 'true' && env.ct-branch != 'dev' && env.ct-branch != 'bugfix' }}
# run all checks but version increment always when something changed
- name: Run chart-testing (lint)
run: ct lint --config ct.yaml --target-branch ${{ env.ct-branch }} --check-version-increment=false
if: env.changed == 'true'
- name: Check update of "artifacthub.io/changes" HELM annotation
if: env.changed == 'true'
run: |
# fast fail if `git show` fails
set -e
set -o pipefail
target_branch=${{ env.ct-branch }}
echo "Checking Chart.yaml annotation changes"
# Get current branch annotation
current_annotation=$(yq e '.annotations."artifacthub.io/changes"' "helm/defectdojo/Chart.yaml")
# Get target branch version of Chart.yaml annotation
target_annotation=$(git show "origin/${{ env.ct-branch }}:helm/defectdojo/Chart.yaml" | yq e '.annotations."artifacthub.io/changes"' -)
if [[ "$current_annotation" == "$target_annotation" ]]; then
echo "::error::The HELM chart has been updated but the 'artifacthub.io/changes' annotation in 'Chart.yaml' has not been changed (compared to '${{ env.ct-branch }}' branch)"
exit 1
fi
echo "'artifacthub.io/changes' annotation updated in helm/defectdojo"
# - name: Create kind cluster
# uses: helm/kind-action@v1.1.0
# if: env.changed == 'true'
# - name: Run chart-testing (install)
# run: ct install --config ct.yaml --target-branch ${{ env.ct-branch }} --helm-extra-args '--set createSecret=true --set createRabbitMqSecret=true --set createPostgresqlSecret=true --set timeout=900'
# if: env.changed == 'true'
docs_generation:
name: Update documentation
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
# Documentation provided in the README file needs to contain the latest information from `values.yaml` and all other related assets.
# If this step fails, install https://github.com/norwoodj/helm-docs and run locally `helm-docs --chart-search-root helm/defectdojo` before committing your changes.
# The helm-docs documentation will be generated for you.
- name: Run helm-docs
uses: losisin/helm-docs-github-action@a57fae5676e4c55a228ea654a1bcaec8dd3cf5b5 # v1.6.2
with:
fail-on-diff: true
chart-search-root: "helm/defectdojo"
generate_schema:
name: Update schema
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
# The HELM structure supports the existence of a `values.schema.json` file. This file is used to validate all values provided by the user before Helm starts rendering templates.
# The chart needs to have a `values.schema.json` file that is compatible with the default `values.yaml` file.
# If this step fails, install https://github.com/losisin/helm-values-schema-json and run locally `helm schema --use-helm-docs` in `helm/defectdojo` before committing your changes.
# The helm schema will be generated for you.
- name: Generate values schema json
uses: losisin/helm-values-schema-json-action@d5847286fa04322702c4f8d45031974798c83ac7 # v2.3.0
with:
fail-on-diff: true
working-directory: "helm/defectdojo"
useHelmDocs: true
values: values.yaml
lint_format:
name: Lint chart (format)
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
fetch-depth: 0
- name: Set up Helm
uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4.3.1
- name: Configure Helm repos
run: |-
helm dependency list ./helm/defectdojo
helm dependency update ./helm/defectdojo
- name: Lint
run: |-
helm lint ./helm/defectdojo --strict
artifacthub_linter:
name: Artifacthub Lint
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Run ah lint
working-directory: ./helm/defectdojo
run: |-
docker run --rm \
-v ${{ github.workspace }}/helm/defectdojo:/workspace \
-w /workspace \
artifacthub/ah:v1.21.0@sha256:511818fa90ce87d7132c6214e51ea6dd62eea030f5d2271ce073f948b3060972 \
ah lint