chore(deps): update module helm.sh/helm/v3 to v3.13.1 #1362
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: build | |
on: | |
push: | |
branches: | |
- master | |
- renovate/** | |
paths-ignore: | |
- "**.md" | |
- "img/**" | |
- "test/**" | |
- ".gitignore" | |
- "docker/**" | |
- "helm/**" | |
- "renovate.json" | |
- ".krew.yaml" | |
pull_request: | |
branches: | |
- master | |
paths-ignore: | |
- "**.md" | |
- "img/**" | |
- "test/**" | |
- ".gitignore" | |
- "docker/**" | |
- "helm/**" | |
- "renovate.json" | |
- ".krew.yaml" | |
concurrency: | |
group: build-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
build: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Install go | |
uses: actions/[email protected] | |
with: | |
go-version-file: go.mod | |
- name: Ensure go.mod is already tidied | |
run: go mod tidy && git diff --no-patch --exit-code | |
- name: Run linters | |
uses: golangci/[email protected] | |
with: | |
# renovate: depName=golangci/golangci-lint datasource=github-releases | |
version: v1.54.2 | |
args: --timeout=10m0s | |
- name: Build with Goreleaser | |
if: ${{ always() }} | |
uses: goreleaser/[email protected] | |
with: | |
# renovate: depName=goreleaser/goreleaser datasource=github-releases | |
version: v1.21.2 | |
args: build --snapshot --clean --single-target | |
test: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Install go | |
uses: actions/[email protected] | |
with: | |
go-version-file: go.mod | |
- name: Install richgo | |
# renovate: depName=kyoh86/richgo | |
run: go install github.com/kyoh86/[email protected] | |
- name: Install helm | |
run: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash | |
- name: Install cilium-cli | |
env: | |
# renovate: depName=cilium/cilium-cli datasource=github-releases | |
CILIUM_CLI_VERSION: v0.15.10 | |
run: | | |
wget https://github.com/cilium/cilium-cli/releases/download/${CILIUM_CLI_VERSION}/cilium-linux-amd64.tar.gz | |
sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin | |
rm cilium-linux-amd64.tar.gz | |
- name: kind-1 - Create cluster | |
uses: helm/[email protected] | |
with: | |
cluster_name: kind-1 | |
# renovate: depName=kubernetes-sigs/kind datasource=github-releases | |
version: v0.20.0 | |
config: test/kind-config.yaml | |
- name: kind-1 - Create metallb-system namespace | |
run: kubectl create namespace metallb-system --dry-run=client -oyaml | kubectl apply -f - | |
- name: kind-1 - Install allow-all network policies on system namespaces | |
run: | | |
kubectl -n kube-system apply -f test/netpol-allow-all.yaml | |
kubectl -n local-path-storage apply -f test/netpol-allow-all.yaml | |
kubectl -n metallb-system apply -f test/netpol-allow-all.yaml | |
- name: kind-1 - Install Cilium with default-deny policy | |
run: cilium install --set policyEnforcementMode=always | |
- name: kind-1 - Install MetalLB | |
env: | |
# renovate: depName=metallb datasource=helm registryUrl=https://charts.bitnami.com/bitnami | |
METALLB_CHART_VERSION: 4.7.9 | |
run: | | |
MANIFESTS_PATH=/tmp/metallb-manifests.yaml | |
ADDRESS_RANGE_PREFIX=$(docker network inspect -f '{{(index .IPAM.Config 0).Subnet}}' kind | cut -d. -f1-3) | |
export ADDRESS_RANGE=${ADDRESS_RANGE_PREFIX}.240-${ADDRESS_RANGE_PREFIX}.255 | |
envsubst < test/metallb-manifests.yaml > $MANIFESTS_PATH | |
helm repo add bitnami https://charts.bitnami.com/bitnami | |
helm upgrade metallb \ | |
--install bitnami/metallb \ | |
--namespace metallb-system \ | |
--version ${METALLB_CHART_VERSION} \ | |
--atomic \ | |
--set networkPolicy.enabled=true | |
helm -n metallb-system get values metallb | |
echo "MetalLB rendered manifests:" | |
cat $MANIFESTS_PATH | |
kubectl apply -f $MANIFESTS_PATH | |
- name: kind-1 - Wait for all pods in the cluster to be ready | |
run: | | |
for i in $(seq 1 10); do | |
echo "Attempt: $i" | |
kubectl wait pod --for=condition=Ready --all --all-namespaces && break; | |
sleep 5; | |
done | |
- name: kind-2 - Create cluster | |
uses: helm/[email protected] | |
env: | |
KUBECONFIG: /home/runner/.kube/kind-2.yaml | |
with: | |
cluster_name: kind-2 | |
# renovate: depName=kubernetes-sigs/kind datasource=github-releases | |
version: v0.20.0 | |
config: test/kind-config.yaml | |
- name: kind-2 - Install allow-all network policies on system namespaces | |
env: | |
KUBECONFIG: /home/runner/.kube/kind-2.yaml | |
run: | | |
kubectl -n kube-system apply -f test/netpol-allow-all.yaml | |
kubectl -n local-path-storage apply -f test/netpol-allow-all.yaml | |
- name: kind-2 - Install Cilium with default-deny policy | |
env: | |
KUBECONFIG: /home/runner/.kube/kind-2.yaml | |
run: cilium install --set policyEnforcementMode=always | |
- name: kind-2 - Wait for all pods in the cluster to be ready | |
env: | |
KUBECONFIG: /home/runner/.kube/kind-2.yaml | |
run: | | |
for i in $(seq 1 10); do | |
echo "Attempt: $i" | |
kubectl wait pod --for=condition=Ready --all --all-namespaces && break; | |
sleep 5; | |
done | |
- name: Run tests | |
env: | |
RICHGO_FORCE_COLOR: "1" | |
PVMIG_TEST_EXTRA_KUBECONFIG: /home/runner/.kube/kind-2.yaml | |
run: richgo test -tags integration -race -coverpkg=./... -coverprofile=coverage.txt -covermode=atomic -timeout 20m -v ./... | |
- name: Send coverage | |
uses: codecov/[email protected] | |
with: | |
files: coverage.txt |