fix: upgrade argo events to resolve security vulnerability #315
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Reference: https://github.com/helm/chart-testing-action | |
name: Linting and Testing | |
on: pull_request | |
permissions: | |
contents: read | |
jobs: | |
linter-artifacthub: | |
runs-on: ubuntu-latest | |
container: | |
image: public.ecr.aws/artifacthub/ah:v1.14.0 | |
options: --user 1001 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
- name: Run ah lint | |
working-directory: ./charts | |
run: ah lint | |
chart-test: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
with: | |
fetch-depth: 0 | |
- name: Set up Helm | |
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 | |
with: | |
version: v3.10.1 # Also update in publish.yaml | |
- name: Set up python | |
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 | |
with: | |
python-version: 3.9 | |
- name: Setup Chart Linting | |
id: lint | |
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 | |
with: | |
# Note: Also update in scripts/lint.sh | |
version: v3.10.0 | |
- name: List changed charts | |
id: list-changed | |
run: | | |
## If executed with debug this won't work anymore. | |
changed=$(ct --config ./.github/configs/ct-lint.yaml --target-branch ${{ github.base_ref }} list-changed) | |
charts=$(echo "$changed" | tr '\n' ' ' | xargs) | |
if [[ -n "$changed" ]]; then | |
echo "changed=true" >> $GITHUB_OUTPUT | |
echo "changed_charts=$charts" >> $GITHUB_OUTPUT | |
fi | |
- name: Run chart-testing (lint) | |
run: ct lint --debug --config ./.github/configs/ct-lint.yaml --target-branch ${{ github.base_ref }} --lint-conf ./.github/configs/lintconf.yaml | |
- name: Run docs-testing (helm-docs) | |
id: helm-docs | |
run: | | |
./scripts/helm-docs.sh | |
if [[ $(git diff --stat) != '' ]]; then | |
echo -e '\033[0;31mDocumentation outdated!\033[0m ❌' | |
git diff --color | |
exit 1 | |
else | |
echo -e '\033[0;32mDocumentation up to date\033[0m ✔' | |
fi | |
- name: Create kind cluster | |
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 | |
if: steps.list-changed.outputs.changed == 'true' | |
with: | |
config: .github/configs/kind-config.yaml | |
- name: Deploy latest ArgoCD CRDs when testing ArgoCD extensions | |
if: | | |
contains(steps.list-changed.outputs.changed_charts, 'argocd-image-updater') || | |
contains(steps.list-changed.outputs.changed_charts, 'argocd-apps') | |
run: | | |
helm repo add dandydeveloper https://dandydeveloper.github.io/charts/ | |
helm dependency build charts/argo-cd/ | |
helm template charts/argo-cd/ --set server.extensions.enabled=true -s templates/crds/* | kubectl apply -f - | |
- name: Skip HPA tests of ArgoCD | |
if: contains(steps.list-changed.outputs.changed_charts, 'argo-cd') | |
run: | | |
## Metrics API not available in kind cluster | |
rm charts/argo-cd/ci/ha-autoscaling-values.yaml | |
- name: Deploy codefresh specific API Objects | |
run: | | |
kubectl create ns ${{ github.base_ref }} | |
kubectl -n ${{ github.base_ref }} apply -f .github/configs/codefresh-k8s.yaml | |
- name: Create an external redis for ArgoCD externalRedis feature | |
if: contains(steps.list-changed.outputs.changed_charts, 'argo-cd') | |
run: | | |
kubectl create namespace redis | |
helm repo add bitnami https://charts.bitnami.com/bitnami | |
helm install redis bitnami/redis --wait --namespace redis --set auth.password=argocd --set architecture=standalone | |
- name: Run chart-testing (install) | |
run: ct install --config ./.github/configs/ct-install.yaml --target-branch ${{ github.base_ref }} --namespace ${{ github.base_ref }} | |
if: steps.list-changed.outputs.changed == 'true' |