Merge pull request #6 from weave-lab/ct-pod-security-context-version-3 #46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow: | |
| # - lints the chart, runs tests and verifies documentation is up to date | |
| # Additionally if the event isn't a pull-request (and hence a merge/push to main): | |
| # - sync README to gh-pages branch | |
| # - release a new chart version if the version isn't already released | |
| name: CI/CD | |
| on: | |
| push: | |
| branches: | |
| - build | |
| pull_request: | |
| # Cancel previous PR builds. | |
| concurrency: | |
| # Cancel all workflow runs except latest within a concurrency group. This is achieved by defining a concurrency group for the PR. | |
| # Non-PR builds have singleton concurrency groups. | |
| group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.event.number || github.sha }} | |
| cancel-in-progress: true | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up chart-testing | |
| uses: helm/[email protected] | |
| - name: Lint charts | |
| run: ct lint --charts=charts/trino --validate-maintainers=false | |
| # test: | |
| # runs-on: ubuntu-latest | |
| # name: test ${{ matrix.label }} | |
| # strategy: | |
| # fail-fast: false | |
| # matrix: | |
| # include: | |
| # - { label: default, args: '' } | |
| # # last Trino version that requires JDK 21 | |
| # - { label: 446, args: '-a "--set image.tag=446"' } | |
| # # last Trino version that requires JDK 17 | |
| # - { label: 435, args: '-a "--set image.tag=435"' } | |
| # # skip cleanup to test deploying multiple releases in a single namespace | |
| # - { label: overrides, args: '-s -t default,overrides' } | |
| # steps: | |
| # - uses: actions/checkout@v4 | |
| # - name: Set up Helm | |
| # uses: azure/setup-helm@v4 | |
| # with: | |
| # version: v3.14.4 | |
| # - name: Set up chart-testing | |
| # uses: helm/[email protected] | |
| # - name: Create kind cluster | |
| # uses: helm/[email protected] | |
| # - name: Run tests | |
| # run: ./test.sh ${{ matrix.args }} | |
| docs: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.x' | |
| - uses: pre-commit/[email protected] | |
| # Everything above is CI, everything here and below is for releases and runs only on non-pull-request events | |
| sync-readme: | |
| needs: [lint, docs] | |
| runs-on: ubuntu-latest | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - name: Checkout main | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: build | |
| path: main | |
| - name: Checkout gh-pages | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: gh-pages | |
| path: gh-pages | |
| - name: Copy all README files from main to gh-pages | |
| run: | | |
| cd main | |
| # cp --parents preserves directory structure | |
| find . -name 'README.md' -exec cp --parents '{}' "../gh-pages/" ';' | |
| - name: Commit changes to gh-pages and push | |
| run: | | |
| cd gh-pages | |
| git add . | |
| git config user.name "GITHUB_ACTOR" | |
| git config user.email "[email protected]" | |
| # Commit only if changes exist to avoid failure in this step | |
| git diff-index --quiet HEAD || git commit --signoff -m "Sync READMEs from main" | |
| git push | |
| release: | |
| needs: [lint, docs, sync-readme] | |
| runs-on: ubuntu-latest | |
| if: github.event_name != 'pull_request' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Configure Git | |
| run: | | |
| git config user.name "$GITHUB_ACTOR" | |
| git config user.email "[email protected]" | |
| - name: Release charts | |
| uses: helm/[email protected] | |
| env: | |
| CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
| CR_GENERATE_RELEASE_NOTES: true | |
| # If we didn't bump the chart version then we can skip the release | |
| CR_SKIP_EXISTING: false |