Kubernetes - Lint, Test, and Publish Helm Charts

feat(helm): Cogstack CE - Opensearch dashboard provisioning #123

Workflow file for this run

.github/workflows/kubernetes-charts-build.yaml at 0d42b51

	name: Kubernetes - Lint, Test, and Publish Helm Charts

	on:
	push:
	branches: [main]
	tags:
	- "helm-charts-v..*" # e.g., helm-charts-v0.1.1
	paths:
	- "deployment/kubernetes/charts/**"
	- ".github/workflows/kubernetes-charts-build**"
	pull_request:
	paths:
	- "deployment/kubernetes/charts/**"
	- ".github/workflows/kubernetes**"

	defaults:
	run:
	working-directory: ./deployment/kubernetes

	jobs:
	helm-lint-test:
	runs-on: ubuntu-latest
	if: github.event.pull_request.user.login != 'dependabot[bot]' && github.repository == 'CogStack/cogstack-platform-toolkit'
	steps:
	- name: Checkout
	uses: actions/checkout@v5.0.0
	with:
	fetch-depth: 0

	- name: Set up Helm
	uses: azure/setup-helm@v4.3.1

	- uses: actions/setup-python@v6.0.0
	with:
	python-version: "3.x"
	check-latest: true

	- name: Set up chart-testing
	uses: helm/chart-testing-action@v2.8.0

	- name: Run chart-testing (list-changed)
	id: list-changed
	working-directory: .
	run: \|
	changed=$(ct list-changed --config .github/linters/ct.yaml)
	if [[ -n "$changed" ]]; then
	echo "changed=true" >> "$GITHUB_OUTPUT"
	fi

	- name: Recursive dependency update (all charts, including nested)
	working-directory: .
	run: \|
	# Run twice so nested subcharts (like cogstack-jupyterhub -> jupyterhub) are fully updated
	for _ in 1 2; do
	# Find every Chart.yaml under deployment/kubernetes/charts and run helm dependency update in its directory
	while IFS= read -r chartfile; do
	chart_dir="$(dirname "$chartfile")"
	if grep -q "^dependencies:" "$chartfile" 2>/dev/null; then
	echo "Updating dependencies for $chart_dir"
	helm dependency update "$chart_dir"
	fi
	done < <(find deployment/kubernetes/charts -type f -name Chart.yaml)
	done

	- name: Run chart-testing (lint)
	if: steps.list-changed.outputs.changed == 'true'
	working-directory: .
	env:
	CT_CHECK_VERSION_INCREMENT: "false"
	run: ct lint --config .github/linters/ct.yaml

	- name: Create kind cluster
	if: steps.list-changed.outputs.changed == 'true'
	uses: helm/kind-action@v1.12.0

	- name: Run chart-testing (install)
	if: steps.list-changed.outputs.changed == 'true'
	working-directory: .
	run: ct install --config .github/linters/ct.yaml

	helm-publish:
	runs-on: ubuntu-latest
	needs: helm-lint-test
	permissions:
	contents: write
	env:
	DEFAULT_CHART_VERSION: 0.0.1
	steps:
	- name: Log in to Docker Hub
	uses: docker/login-action@v1
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Set up Helm
	uses: azure/setup-helm@v4.2.0
	with:
	version: v3.17.0

	- name: Checkout
	uses: actions/checkout@v5

	- name: Determine version
	id: version
	run: \|
	if [[ "${GITHUB_REF_TYPE}" == "tag" ]]; then
	# Strip the tag prefix helm-charts-v
	CHART_VERSION="${GITHUB_REF_NAME#helm-charts-v}"
	else
	CHART_VERSION="$DEFAULT_CHART_VERSION"
	fi
	echo "chart_version=$CHART_VERSION" >> "$GITHUB_OUTPUT"

	- name: Recursive dependency update (all charts, including nested)
	# Waiting on helm recursive feature https://github.com/helm/helm/pull/30855
	# Could alternatively switch to helm "cascade" plugin
	working-directory: .
	run: \|
	# Run twice so nested subcharts (like cogstack-jupyterhub -> jupyterhub) are fully updated
	for _ in 1 2; do
	# Find every Chart.yaml under deployment/kubernetes/charts and run helm dependency update in its directory
	while IFS= read -r chartfile; do
	chart_dir="$(dirname "$chartfile")"
	if grep -q "^dependencies:" "$chartfile" 2>/dev/null; then
	echo "Updating dependencies for $chart_dir"
	helm dependency update "$chart_dir"
	fi
	done < <(find deployment/kubernetes/charts -type f -name Chart.yaml)
	done

	- name: Package Helm Charts
	# TODO: List the dir instead of hardcoding each one
	run: \|
	helm package ./charts/medcat-service-helm --version ${{ steps.version.outputs.chart_version }}
	helm package ./charts/medcat-trainer-helm --version ${{ steps.version.outputs.chart_version }} --dependency-update
	helm package ./charts/cogstack-helm-ce --version ${{ steps.version.outputs.chart_version }} --dependency-update

	- name: Helm OCI login to Docker Hub
	run: helm registry login registry-1.docker.io -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Push Helm Chart to Docker Hub OCI
	run: \|
	helm push ./medcat-service-helm-${{ steps.version.outputs.chart_version }}.tgz oci://registry-1.docker.io/cogstacksystems
	helm push ./medcat-trainer-helm-${{ steps.version.outputs.chart_version }}.tgz oci://registry-1.docker.io/cogstacksystems
	helm push ./cogstack-helm-ce-${{ steps.version.outputs.chart_version }}.tgz oci://registry-1.docker.io/cogstacksystems

	- name: Release
	uses: softprops/action-gh-release@v2
	if: github.ref_type == 'tag'
	with:
	draft: true
	files: \|
	./deployment/kubernetes/*.tgz

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(helm): Cogstack CE - Opensearch dashboard provisioning #123

Workflow file

feat(helm): Cogstack CE - Opensearch dashboard provisioning #123

Uh oh!

Workflow file for this run