enterprise 5.11 release #904
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Test using kind and chart-testing tool" | |
on: | |
pull_request: | |
paths: | |
- 'stable/**' | |
permissions: | |
contents: read | |
jobs: | |
test: | |
strategy: | |
fail-fast: false | |
matrix: | |
kubernetesVersion: ["v1.28.7", "v1.29.2", "v1.30.0", "v1.31.0"] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 | |
- name: Fetch history | |
run: git fetch --prune --unshallow | |
- name: Shellcheck | |
uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # 2.0.0 | |
- uses: actions/setup-python@e9aba2c848f5ebd159c070c61ea2c4e2b122355e # v2.3.4 | |
with: | |
python-version: 3.7 | |
- name: Set up Helm | |
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5 | |
with: | |
version: v3.8.0 | |
- name: Set up chart-testing | |
uses: helm/chart-testing-action@b43128a8b25298e1e7b043b78ea6613844e079b1 # v2.7.0 | |
- name: Run chart-testing (list-changed) | |
id: list-changed | |
run: | | |
changed=$(ct list-changed --config 'ct-config.yaml' --target-branch ${{ github.event.pull_request.base.ref }}) | |
if [[ -n "$changed" ]]; then | |
echo "CHANGED=true" >> "$GITHUB_OUTPUT" | |
fi | |
- name: Run chart-testing (lint) | |
id: lint | |
run: ct lint --config 'ct-config.yaml' | |
if: steps.list-changed.outputs.CHANGED == 'true' && github.event.pull_request.base.ref == 'main' | |
- name: Run chart-testing but skip version check (lint) | |
id: lintskipversion | |
run: ct lint --config 'ct-config.yaml' --check-version-increment=false | |
if: steps.list-changed.outputs.CHANGED == 'true' && github.event.pull_request.base.ref != 'main' | |
- name: Install kind | |
if: steps.list-changed.outputs.CHANGED == 'true' | |
uses: helm/kind-action@dda0770415bac9fc20092cacbc54aa298604d140 # v1.8.0 | |
with: | |
node_image: "kindest/node:${{ matrix.kubernetesVersion }}" | |
config: kind-config.yaml | |
wait: 600s | |
- name: Check kind nodes | |
if: steps.list-changed.outputs.CHANGED == 'true' | |
run: kubectl describe nodes | |
- name: Create pullcreds and license secrets | |
if: steps.list-changed.outputs.CHANGED == 'true' | |
run: | | |
kubectl create namespace anchore | |
echo "${ANCHORE_LICENSE}" | base64 --decode > /tmp/anchore-license | |
kubectl --namespace anchore create secret generic anchore-enterprise-license --from-file=license.yaml=/tmp/anchore-license | |
kubectl --namespace anchore create secret docker-registry anchore-enterprise-pullcreds --docker-server=docker.io --docker-username="${DOCKER_USER}" --docker-password="${DOCKER_PASS}" | |
env: | |
ANCHORE_LICENSE: ${{ secrets.B64_ANCHORE_LICENSE }} | |
DOCKER_USER: ${{ secrets.ANCHOREREADONLY_DH_USERNAME }} | |
DOCKER_PASS: ${{ secrets.ANCHOREREADONLY_DH_PAT }} | |
- name: Check if anchore-engine endpoint is required for admission controller chart | |
id: engine_required | |
run: | | |
if [[ -n $(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.sha }} | grep 'anchore-admission-controller') ]]; then | |
echo "File in the 'stable/anchore-admission-controller' directory was changed. We need an engine deployment" | |
echo "::set-output name=changed::true" | |
else | |
echo "No files in 'stable/anchore-admission-controller' directory were changed. Skipping engine deployment" | |
echo "::set-output name=changed::false" | |
fi | |
shell: bash | |
- name: Deploy Engine | |
if: steps.engine_required.outputs.changed == 'true' | |
run: | | |
helm install engine anchore/anchore-engine --namespace anchore --wait | |
kubectl --namespace anchore get pods | |
- name: Run chart-testing | |
if: steps.list-changed.outputs.CHANGED == 'true' | |
run: ct install --config ct-config.yaml --helm-extra-args "--timeout 600s" |