self-hosted/gitlab-actions
1
0
Fork 0
mirror of https://github.com/hegerdes/gitlab-actions.git synced 2025-10-06 05:36:52 +02:00
Code Activity

feat: add lint to helm package

Browse Source 
Signed-off-by: Henrik Gerdes <hegerdes@outlook.de>
This commit is contained in:
Henrik Gerdes
2024-08-11 19:15:33 +02:00
parent 060e308be7
commit 5f6fba697b
3 changed files with 43 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
.gitlab/ci/snippets.yml
View File

@@ -150,11 +150,14 @@
# Check if git is installed
if ! command -v git > /dev/null; then
echo "Installing git"
if command -v apt-get > /dev/null; then
apt-get update -qq > /dev/null
apt-get install -y -qq --no-install-recommends git > /dev/null
elif command -v apk > /dev/null; then
apk add git > /dev/null
if command -v apt-get > /dev/null; then
apt-get update -qq > /dev/null
apt-get install -y -qq --no-install-recommends git > /dev/null
elif command -v apk > /dev/null; then
apk add git > /dev/null
else
echo "Unsupported OS. Can not install git"
fi
fi
git version
kubeseal-install:

28
templates/helm-package.md
View File

@@ -19,19 +19,21 @@ where `<VERSION>` is the latest released tag or `main`. This will add a `HELM:pa
The template should work without modifications, when the `DIMAGE_TOKEN` variable (containing the base64 basic auth token for the container registry) is set but you can customize the template settings.
## Inputs
| Input | Default value | Description |
| ----------------- | ------------------------- | ----------------------------------------------------------------- |
| `stage` | `build` | The stage where you want the job to be added |
| `job_name_prefix` | `HELM` | The CI job name prefix. |
| `image` | `alpine/helm:latest` | The container image for doing scanning |
| `chart` | *REQUIRED* | The helm chart path in the repo. |
| `chart_version` | "" | The helm chart version. Default is the version in Chart.yaml. |
| `app_version` | "" | The helm chart app version. Default is the version in Chart.yaml. |
| `chart_publish` | `true` | If the chart should be published. |
| `chart_repo` | `$CI_API_V4_URL` | The chart repo url to upload to. |
| `chart_repo_user` | "" | The helm repo user name. Only needed if repo is NOT GitLab. |
| `chart_repo_user` | "" | The helm repo user name. Only needed if repo is NOT GitLab. |
| `rules` | *Default MR rules + Tags* | The rules when the job runs |
| Input | Default value | Description |
| ------------------ | ---------------------------------- | --------------------------------------------------------------------------------------- |
| `stage` | `build` | The stage where you want the job to be added |
| `job_name_prefix` | `HELM` | The CI job name prefix. |
| `image` | `alpine/helm:latest` | The container image for doing scanning |
| `chart` | *REQUIRED* | The helm chart path in the repo. |
| `chart_version` | "" | The helm chart version. Default is the version in Chart.yaml. |
| `app_version` | "" | The helm chart app version. Default is the version in Chart.yaml. |
| `chart_lint` | `true` | If the chart should be linted by helm & kubeconform (if installed). |
| `kubeconform_args` | `-summary -ignore-missing-schemas` | Arguments passed to kubeconform. Will only be run if installed & `chart_lint` is `true` |
| `chart_publish` | `true` | If the chart should be published. |
| `chart_repo` | `$CI_API_V4_URL` | The chart repo url to upload to. |
| `chart_repo_user` | "" | The helm repo user name. Only needed if repo is NOT GitLab. |
| `chart_repo_user` | "" | The helm repo user name. Only needed if repo is NOT GitLab. |
| `rules` | *Default MR rules + Tags* | The rules when the job runs |
## Variables

24
templates/helm-package.yml
View File

@@ -22,6 +22,12 @@ spec:
chart_publish:
type: boolean
default: true
chart_lint:
type: boolean
default: true
kubeconform_args:
type: string
default: -summary -ignore-missing-schemas
chart_repo_user:
type: string
default: ""
@@ -56,20 +62,30 @@ $[[ inputs.job_name_prefix ]]:package:
entrypoint: [""]
stage: build
variables:
HELM_APP_VERSION: $[[ inputs.chart_version ]]
HELM_CHART_VERSION: $[[ inputs.chart_version ]]
HELM_CHART_CHANNEL: stable
HELM_CHART_PATH: $[[ inputs.chart ]]
HELM_APP_VERSION: $[[ inputs.app_version ]]
HELM_CHART_VERSION: $[[ inputs.chart_version ]]
HELM_CHART_PUBLISH: $[[ inputs.chart_publish ]]
HELM_CHART_REPO: $[[ inputs.chart_repo ]]
HELM_CHART_CHANNEL: stable
HELM_REPO_USER: $[[ inputs.chart_repo_user ]]
HELM_REPO_PASSWORD: $[[ inputs.chart_repo_password ]]
script:
- echo "Using image $[[ inputs.image ]] on ${CI_COMMIT_REF_NAME}@${CI_COMMIT_SHORT_SHA}"
- !reference [.snippets, debian-core-tools]
- !reference [.snippets, alpine-core-tools]
- !reference [.snippets, kubeconform-install]
- !reference [.snippets, helm-install]
- |
# Lint & kubeconform chart
if [ "$[[ inputs.chart_lint ]]" = "true" ]; then
echo "Running helm lint..."
helm lint $HELM_CHART_PATH
if ! command -v kubeconform > /dev/null; then
echo "Running kubeconform with args \$[[ inputs.kubeconform_args ]]\"..."
helm template demo $HELM_CHART_PATH | kubeconform $[[ inputs.kubeconform_args ]]
fi
fi
- |
# Package
DEFAULT_HELM_CHART_VERSION=$(grep -w "version:" $HELM_CHART_PATH/Chart.yaml | awk '{print $2}' | tr -d '"')