-
Notifications
You must be signed in to change notification settings - Fork 0
160 lines (138 loc) · 5.02 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
name: Release Charts
on:
push:
branches:
- main
tags:
- "*"
pull_request:
branches:
- main
env:
HELM_EXPERIMENTAL_OCI: 1
jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Checkout Vaas Helm
uses: actions/checkout@v4
with:
fetch-depth: 0
path: vaas-helm
- name: Checkout Vaas Java SDK
uses: actions/checkout@v4
with:
repository: GDATASoftwareAG/vaas
path: vaas-sdks
- name: Configure Git
run: |
cd vaas-helm
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
cd ..
- name: Install Helm
uses: azure/setup-helm@v4
with:
version: v3.13.3
- name: Install python
uses: actions/setup-python@v5
with:
python-version: 3
- name: Set up chart-testing
uses: helm/[email protected]
- name: Extract tag
id: extract_tag
run: |
version=$(grep '^version:' Chart.yaml | sed 's/"//g' | awk '{print $2}')
echo "Chart version is $version"
echo "CHART_VERSION=$version" >> $GITHUB_ENV
echo "CHART_VERSION=$version" >> $GITHUB_OUTPUT
working-directory: vaas-helm/charts/vaas
- name: Run chart-testing (lint)
run: ct lint --validate-maintainers=false --charts vaas-helm/charts/vaas
- name: Install Minikube
uses: manusa/[email protected]
with:
minikube version: v1.34.0
kubernetes version: v1.30.0
driver: docker
start args: --cpus 4 --memory 8192
- name: Set up kubectl
uses: azure/setup-kubectl@v4
with:
version: 'latest'
- name: Install Helm
uses: azure/setup-helm@v4
with:
version: v3.13.3
- name: Enable ingress
run: |
minikube addons enable ingress
minikube kubectl -- wait --namespace ingress-nginx \
--for=condition=ready pod \
--selector=app.kubernetes.io/component=controller \
--timeout=120s
- name: Deploy Helm Chart
run: |
cat <<EOF > values-local.yaml
global:
secret:
dockerconfigjson: "${{ secrets.DOCKER_CONFIG_JSON }}"
cloud:
hashLookup:
enabled: false
allowlistLookup:
enabled: false
gdscan:
autoUpdate:
networkPolicy:
k8sApiPort: 6443
EOF
helm dep up vaas-helm/charts/vaas
helm upgrade --install vaas vaas-helm/charts/vaas -f values-local.yaml -n vaas --create-namespace --debug
- name: Verify Pods
run: |
sleep 5
minikube kubectl -- get pods --namespace vaas || true
minikube kubectl -- wait --for=condition=ready pods --namespace vaas --timeout=300s --all
# - name: Run Java SDK Example
# run: |
# sudo echo "$(minikube ip) vaas" | sudo tee -a /etc/hosts
# sudo apt-get update
# sudo apt-get install -y openjdk-21-jdk
# export JAVA_HOME=/usr/lib/jvm/java-21-openjdk-amd64
# export PATH=$JAVA_HOME/bin:$PATH
# cd ./vaas-sdks/java/examples/VaasExample
# export SCAN_PATH=$(pwd)/build.gradle
# export CLIENT_ID=vaas
# export CLIENT_SECRET=$(minikube kubectl -- get secret -n vaas vaas-client-secret -o jsonpath="{.data.secret}" | base64 -d)
# export VAAS_URL=ws://vaas/ws
# export TOKEN_URL=http://vaas/auth/protocol/openid-connect/token
# gradle fileScan
# minikube kubectl -- logs -n vaas $(minikube kubectl -- get pods -n vaas -l app.kubernetes.io/name=gateway -o jsonpath="{.items[0].metadata.name}") | grep "Got verdict from store: Unknown"
# gradle fileScan
# minikube kubectl -- logs -n vaas $(minikube kubectl -- get pods -n vaas -l app.kubernetes.io/name=gateway -o jsonpath="{.items[0].metadata.name}") | grep "Got verdict from store: Clean"
# cd -
- name: Push chart
if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
uses: appany/[email protected]
with:
name: vaas
repository: gdatasoftwareag/charts
tag: $CHART_VERSION
path: vaas-helm/charts/vaas
registry: ghcr.io
registry_username: ${{ secrets.REGISTRY_USERNAME }}
registry_password: ${{ secrets.CR_TOKEN }}
update_dependencies: "true"
- name: create zipfile
run: zip -r vaas-helm.zip vaas-helm/charts/vaas/
- name: Github Release
uses: softprops/action-gh-release@v2
if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
with:
tag_name: ${{steps.extract_tag.outputs.CHART_VERSION}}
generate_release_notes: true
make_latest: true
files: |
vaas-helm.zip