[CI] Verify if readme files need updating #142
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| permissions: {} | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| lint-test: | |
| # name: Lint and Test Charts | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Helm | |
| uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4.3.1 | |
| with: | |
| # renovate: github=helm/helm | |
| version: v4.1.0 | |
| - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 | |
| with: | |
| python-version: "3.13" | |
| - name: Set up chart-testing | |
| uses: helm/chart-testing-action@6ec842c01de15ebb84c8627d2744a0c2f2755c9f # v2.8.0 | |
| with: | |
| # renovate: github=helm/chart-testing | |
| version: v3.14.0 | |
| - name: Run chart-testing (list-changed) | |
| id: list-changed | |
| run: | | |
| changed="$(ct list-changed --config .github/linters/ct.yaml)" | |
| if [[ -n "$changed" ]]; then | |
| echo "changed=true" >> "$GITHUB_OUTPUT" | |
| echo "changed_list=\"${changed//$'\n'/ }\"" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: install helm unittest plugin | |
| if: steps.list-changed.outputs.changed == 'true' | |
| run: helm plugin install https://github.com/helm-unittest/helm-unittest.git --version 1.0.3 --verify=false | |
| - name: Run chart-testing (lint) | |
| run: ct lint --config .github/linters/ct.yaml | |
| - name: Create kind cluster | |
| uses: helm/kind-action@92086f6be054225fa813e0a4b13787fc9088faab # v1.13.0 | |
| if: steps.list-changed.outputs.changed == 'true' | |
| - name: Apply Gateway API CRDs | |
| run: kubectl apply -k https://github.com/kubernetes-sigs/gateway-api/config/crd | |
| if: steps.list-changed.outputs.changed == 'true' | |
| # Needed for charts installing CRD resources (but not installing the CRD definitions) | |
| - name: Apply Prometheus Operator CRDs | |
| env: | |
| CHANGED_LIST: ${{ steps.list-changed.outputs.changed_list }} | |
| run: | | |
| helm install prometheus-operator-crds oci://ghcr.io/prometheus-community/charts/prometheus-operator-crds | |
| if: steps.list-changed.outputs.changed == 'true' | |
| - name: Run chart-testing (install) | |
| run: ct install --config .github/linters/ct.yaml | |
| check-codeowners-maintainers: | |
| name: Check CODEOWNERS & MAINTAINERS.md | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| - name: generate CODEOWNERS | |
| run: | | |
| ./scripts/check-codeowners.sh | tee .github/CODEOWNERS | |
| - name: check CODEOWNERS for modifications | |
| run: | | |
| git diff --exit-code | |
| - name: generate MAINTAINERS.md | |
| run: | | |
| ./scripts/check-maintainers.sh | tee MAINTAINERS.md | |
| - name: check MAINTAINERS.md for modifications | |
| run: | | |
| git diff --exit-code | |
| super-linter: | |
| name: Lint Code Base | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| fetch-depth: 0 | |
| - name: Lint Code Base | |
| uses: super-linter/super-linter/slim@61abc07d755095a68f4987d1c2c3d1d64408f1f9 # v8.5.0 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| LINTER_RULES_PATH: .github/linters | |
| MULTI_STATUS: false | |
| VALIDATE_ALL_CODEBASE: false | |
| VALIDATE_BASH: true | |
| VALIDATE_BASH_EXEC: true | |
| # VALIDATE_CHECKOV: true - always scans everything and all charts have too much errors | |
| VALIDATE_EDITORCONFIG: true | |
| VALIDATE_ENV: true | |
| VALIDATE_GITHUB_ACTIONS: true | |
| VALIDATE_GITLEAKS: true | |
| VALIDATE_JSON: true | |
| # VALIDATE_MARKDOWN: true #TODO: fix lint issues | |
| # VALIDATE_NATURAL_LANGUAGE: true #TODO: fix lint issues | |
| VALIDATE_PYTHON: true | |
| VALIDATE_RENOVATE: true # does not support newest renovate config | |
| VALIDATE_SHELL_SHFMT: true | |
| VALIDATE_XML: true | |
| validate-pr: | |
| name: Validate PR Metadata | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: 'false' | |
| - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 | |
| with: | |
| python-version: "3.13" | |
| - name: Set up chart-testing | |
| uses: helm/chart-testing-action@6ec842c01de15ebb84c8627d2744a0c2f2755c9f # v2.8.0 | |
| with: | |
| # renovate: github=helm/chart-testing | |
| version: v3.14.0 | |
| - name: Run chart-testing (list-changed) | |
| id: list-changed | |
| run: | | |
| changed="$(ct list-changed --config .github/linters/ct.yaml)" | |
| if [[ -n "$changed" ]]; then | |
| echo "changed=true" >> "$GITHUB_OUTPUT" | |
| echo "changed_list=\"${changed//$'\n'/ }\"" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: check for multiple chart changes | |
| if: steps.list-changed.outputs.changed == 'true' | |
| run: | | |
| COUNT=$(echo "$CHANGED_LIST" | wc -w) | |
| if [ "$COUNT" -gt 1 ]; then | |
| echo "Error: Multiple charts changed ($COUNT). Please create separate PRs for each chart." >&2 | |
| exit 1 | |
| fi | |
| env: | |
| CHANGED_LIST: ${{ steps.list-changed.outputs.changed_list }} | |
| - name: check for PR title format | |
| if: steps.list-changed.outputs.changed == 'true' | |
| run: | | |
| CHANGED_LIST="${CHANGED_LIST//\"/}" | |
| # Derive chart name from the changed path and validate it. | |
| if [[ "$CHANGED_LIST" == */* ]]; then | |
| CHART_NAME="${CHANGED_LIST##*/}" | |
| else | |
| echo "Error: Unexpected chart identifier '$CHANGED_LIST'. Expected a path containing '/'." >&2 | |
| exit 1 | |
| fi | |
| if [[ -z "$CHART_NAME" ]]; then | |
| echo "Error: Derived chart name is empty. Original value: '$CHANGED_LIST'." >&2 | |
| exit 1 | |
| fi | |
| # Optional sanity check: ensure chart name contains only expected characters. | |
| if ! [[ "$CHART_NAME" =~ ^[a-zA-Z0-9._-]+$ ]]; then | |
| echo "Error: Derived chart name '$CHART_NAME' contains unexpected characters." >&2 | |
| exit 1 | |
| fi | |
| if [[ "$PR_TITLE" != "[${CHART_NAME}] "* ]]; then | |
| echo "PR title must start with '[${CHART_NAME}] '." >&2 | |
| exit 1 | |
| fi | |
| env: | |
| CHANGED_LIST: ${{ steps.list-changed.outputs.changed_list }} | |
| PR_TITLE: ${{ github.event.pull_request.title }} | |
| renovate-auto-merge: | |
| name: Auto-approve PRs from Renovate | |
| runs-on: ubuntu-24.04 | |
| needs: | |
| - lint-test | |
| - check-codeowners-maintainers | |
| - super-linter | |
| if: >- | |
| github.event.pull_request.head.repo.full_name == github.repository | |
| && contains(github.event.pull_request.labels.*.name, 'dependencies/auto-merge') | |
| && (github.actor == 'renovate[bot]' || github.actor == 'mend[bot]' || github.actor == 'helm-charts-renovate-helper[bot]') | |
| steps: | |
| # Using a GitHub App token, because GitHub Actions doesn't run on commits from github-actions bot | |
| # Used App: | |
| # https://github.com/organizations/prometheus-community/settings/apps/helm-charts-renovate-helper. | |
| # Ref: https://github.com/prometheus-community/helm-charts/issues/5213. | |
| - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 | |
| id: app-token | |
| with: | |
| app-id: ${{ secrets.APP_RENOVATE_HELPER_APP_ID }} | |
| private-key: ${{ secrets.APP_RENOVATE_HELPER_PRIVATE_KEY }} | |
| - name: Approve PR | |
| run: | | |
| gh pr review ${{ github.event.pull_request.number }} --approve --repo "${{ github.repository }}" | |
| gh pr merge ${{ github.event.pull_request.number }} --admin --squash --repo "${{ github.repository }}" --match-head-commit "${{ github.event.pull_request.head.sha }}" --delete-branch | |
| env: | |
| GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} | |
| validate-readme: | |
| name: Validate chart README files | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: 'false' | |
| - name: Check if helm-docs are up to date | |
| uses: losisin/helm-docs-github-action@6f957579ac122ecc167bf515fe84e828686c9a15 # v1.7.1 | |
| with: | |
| fail-on-diff: true |