Merge pull request #6 from onyx-dot-app/kanban/vespa-helm-charts/chore-add-ci-quality-checks

chore(ci): add quality checks workflow and harden release workflow
This commit is contained in:
Jamison Lahman
2026-05-13 16:29:48 -07:00
committed by GitHub
3 changed files with 103 additions and 23 deletions
+5
View File
@@ -0,0 +1,5 @@
# chart-testing configuration
# https://github.com/helm/chart-testing
chart-dirs:
- charts
validate-maintainers: false
+28 -23
View File
@@ -5,7 +5,10 @@ on:
branches:
- main
workflow_dispatch: # Allows manual triggering
permissions:
contents: read
jobs:
release-helm-charts:
permissions:
@@ -13,26 +16,28 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: main
fetch-depth: 0
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Install Helm
uses: azure/setup-helm@v4
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # ratchet:actions/checkout@v6.0.2
with:
ref: main
fetch-depth: 0
# https://github.com/helm/chart-releaser-action
- name: Run chart-releaser
uses: helm/chart-releaser-action@v1.7.0
with:
charts_dir: charts
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- name: Configure Git
env:
GITHUB_ACTOR: ${{ github.actor }}
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Install Helm
uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # ratchet:azure/setup-helm@v4.3.1
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
# https://github.com/helm/chart-releaser-action
- name: Run chart-releaser
uses: helm/chart-releaser-action@a0d2dc62c5e491af8ef6ba64a2e02bcf3fb33aa1 # ratchet:helm/chart-releaser-action@v1.7.0
with:
charts_dir: charts
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+70
View File
@@ -0,0 +1,70 @@
name: Quality Checks PR
concurrency:
group: Quality-Checks-PR-${{ github.workflow }}-${{ github.head_ref || github.event.workflow_run.head_branch || github.run_id }}
cancel-in-progress: true
on:
merge_group:
pull_request: null
push:
branches:
- main
tags:
- "v*.*.*"
permissions:
contents: read
jobs:
quality-checks:
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # ratchet:actions/checkout@v6.0.2
with:
fetch-depth: 0
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # ratchet:actions/setup-python@v6.2.0
with:
python-version: "3.11"
- name: Set up Helm
uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # ratchet:azure/setup-helm@v4.3.1
- name: Set up chart-testing
uses: helm/chart-testing-action@6ec842c01de15ebb84c8627d2744a0c2f2755c9f # ratchet:helm/chart-testing-action@v2.8.0
- name: Determine ct target branch
id: ct-target
env:
BASE_REF: ${{ github.base_ref }}
EVENT_NAME: ${{ github.event_name }}
run: |
if [ "$EVENT_NAME" = "pull_request" ] && [ -n "$BASE_REF" ]; then
echo "target=$BASE_REF" >> "$GITHUB_OUTPUT"
else
echo "target=main" >> "$GITHUB_OUTPUT"
fi
- name: Run helm lint (all charts)
run: |
for chart in charts/*/; do
echo "::group::helm lint $chart"
helm lint "$chart"
echo "::endgroup::"
done
- name: Run chart-testing (list-changed)
id: list-changed
run: |
changed=$(ct list-changed --config .github/ct.yaml --target-branch "${{ steps.ct-target.outputs.target }}")
if [ -n "$changed" ]; then
echo "changed=true" >> "$GITHUB_OUTPUT"
fi
- name: Run chart-testing (lint)
if: steps.list-changed.outputs.changed == 'true'
run: ct lint --config .github/ct.yaml --target-branch "${{ steps.ct-target.outputs.target }}" --check-version-increment