From dbd7bf1354f0f25564f602276d44cb17913e0f9f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Apr 2024 08:42:24 +0200 Subject: [PATCH 01/22] Bump sigstore/cosign-installer from 3.3.0 to 3.5.0 in the actions group (#143) Bumps the actions group with 1 update: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer). Updates `sigstore/cosign-installer` from 3.3.0 to 3.5.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/9614fae9e5c5eddabb09f90a270fcb487c9f7149...59acb6260d9c0ba8f4a2f9d9b48431a222b68e20) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index b4d131b..a7efee4 100644 --- a/action.yml +++ b/action.yml @@ -20,7 +20,7 @@ inputs: runs: using: composite steps: - - uses: sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # v3.3.0 + - uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 - run: | cd $GITHUB_ACTION_PATH \ && ./ct.sh \ From af96d800b1be6aab4e5770afe641ba93d52e3c8d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Francisco=20Robles=20Mart=C3=ADn?= Date: Sun, 21 Apr 2024 15:14:03 +0200 Subject: [PATCH 02/22] docs: update all version references to latest versions (#141) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * docs: update all version references to latest versions Signed-off-by: Francisco Robles Martín * Update README.md Co-authored-by: Thiago Perrotta Signed-off-by: Francisco Robles Martín --------- Signed-off-by: Francisco Robles Martín Co-authored-by: Thiago Perrotta --- README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 55d92f9..60c27ad 100644 --- a/README.md +++ b/README.md @@ -15,9 +15,9 @@ A GitHub Action for installing the [helm/chart-testing](https://github.com/helm/ For more information on inputs, see the [API Documentation](https://developer.github.com/v3/repos/releases/#input) -- `version`: The chart-testing version to install (default: `3.9.0`) -- `yamllint_version`: The chart-testing version to install (default: `1.27.1`) -- `yamale_version`: The chart-testing version to install (default: `3.0.4`) +- `version`: The chart-testing version to install (default: `3.10.1`) +- `yamllint_version`: The `yamllint` version to install (default: `1.27.1`) +- `yamale_version`: The `yamale` version to install (default: `3.0.4`) ### Example Workflow @@ -44,15 +44,15 @@ jobs: - name: Set up Helm uses: azure/setup-helm@v3 with: - version: v3.12.1 + version: v3.14.0 - uses: actions/setup-python@v4 with: - python-version: '3.10' + python-version: '3.12' check-latest: true - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.0 + uses: helm/chart-testing-action@v2.6.1 - name: Run chart-testing (list-changed) id: list-changed From 16c6be374ac50a5ef2faa6a755d2fad76a94c9fd Mon Sep 17 00:00:00 2001 From: Carlos Tadeu Panato Junior Date: Sun, 28 Apr 2024 12:10:39 +0200 Subject: [PATCH 03/22] update ct to v3.11.0 / yamlint to 1.33.0 / yamale to 4.0.4 / add e2e test (#144) * update ct to v3.11.0 / yamlint to 1.33.0 / yamale to 4.0.4 Signed-off-by: cpanato * add e2e test Signed-off-by: cpanato --------- Signed-off-by: cpanato --- .github/workflows/test-action.yml | 54 +++++++++++++++++-- README.md | 18 +++---- action.yml | 6 +-- ct.sh | 6 +-- testdata/simple-deployment/Chart.yaml | 8 +++ testdata/simple-deployment/README.md | 4 ++ .../simple-deployment/templates/_helpers.tpl | 32 +++++++++++ .../templates/deployment.yaml | 29 ++++++++++ testdata/simple-deployment/values.yaml | 11 ++++ 9 files changed, 149 insertions(+), 19 deletions(-) create mode 100644 testdata/simple-deployment/Chart.yaml create mode 100644 testdata/simple-deployment/README.md create mode 100644 testdata/simple-deployment/templates/_helpers.tpl create mode 100644 testdata/simple-deployment/templates/deployment.yaml create mode 100644 testdata/simple-deployment/values.yaml diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index dbb9cb3..15a79ee 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -9,7 +9,7 @@ jobs: name: Install chart-testing and test presence in path steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Install chart-testing uses: ./ - name: Check install! @@ -17,8 +17,8 @@ jobs: ct version CT_VERSION_OUTPUT=$(ct version 2>&1 /dev/null) ACTUAL_VERSION=$(echo "$CT_VERSION_OUTPUT" | grep Version | rev | cut -d ' ' -f1 | rev) - if [[ $ACTUAL_VERSION != 'v3.10.1' ]]; then - echo 'should be v3.10.1' + if [[ $ACTUAL_VERSION != 'v3.11.0' ]]; then + echo 'should be v3.11.0' exit 1 else exit 0 @@ -38,7 +38,7 @@ jobs: name: Install Custom chart-testing and test presence in path steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Install chart-testing uses: ./ with: @@ -65,3 +65,49 @@ jobs: else exit 0 fi + + test_ct_action_with_helm: + runs-on: ubuntu-latest + + name: run action to test a helm chart + steps: + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + with: + fetch-depth: 0 + + - name: Set up Helm + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 + with: + version: v3.14.4 + + - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + with: + python-version: '3.x' + check-latest: true + + - name: Install chart-testing + uses: ./ + + - run: | + sed -i "s/version: .*/version: 2.0.0/" testdata/simple-deployment/Chart.yaml + cat testdata/simple-deployment/Chart.yaml + + - name: Run chart-testing (list-changed) + id: list-changed + run: | + changed=$(ct list-changed --chart-dirs=testdata --target-branch ${{ github.event.repository.default_branch }}) + if [[ -n "$changed" ]]; then + echo "changed=true" >> "$GITHUB_OUTPUT" + fi + + - name: Run chart-testing (lint) + if: steps.list-changed.outputs.changed == 'true' + run: ct lint --chart-dirs=testdata --target-branch ${{ github.event.repository.default_branch }} + + - name: Create kind cluster + if: steps.list-changed.outputs.changed == 'true' + uses: helm/kind-action@v1.10.0 + + - name: Run chart-testing (install) + if: steps.list-changed.outputs.changed == 'true' + run: ct install --chart-dirs=testdata --target-branch ${{ github.event.repository.default_branch }} diff --git a/README.md b/README.md index 60c27ad..c9f8b80 100644 --- a/README.md +++ b/README.md @@ -15,9 +15,9 @@ A GitHub Action for installing the [helm/chart-testing](https://github.com/helm/ For more information on inputs, see the [API Documentation](https://developer.github.com/v3/repos/releases/#input) -- `version`: The chart-testing version to install (default: `3.10.1`) -- `yamllint_version`: The `yamllint` version to install (default: `1.27.1`) -- `yamale_version`: The `yamale` version to install (default: `3.0.4`) +- `version`: The chart-testing version to install (default: `3.11.0`) +- `yamllint_version`: The `yamllint` version to install (default: `1.33.0`) +- `yamale_version`: The `yamale` version to install (default: `4.0.4`) ### Example Workflow @@ -42,17 +42,17 @@ jobs: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@v3 + uses: azure/setup-helm@v4.2.0 with: - version: v3.14.0 + version: v3.14.4 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: - python-version: '3.12' + python-version: '3.x' check-latest: true - name: Set up chart-testing - uses: helm/chart-testing-action@v2.6.1 + uses: helm/chart-testing-action@v2.7.0 - name: Run chart-testing (list-changed) id: list-changed @@ -68,7 +68,7 @@ jobs: - name: Create kind cluster if: steps.list-changed.outputs.changed == 'true' - uses: helm/kind-action@v1.8.0 + uses: helm/kind-action@v1.10.0 - name: Run chart-testing (install) if: steps.list-changed.outputs.changed == 'true' diff --git a/action.yml b/action.yml index a7efee4..315f15a 100644 --- a/action.yml +++ b/action.yml @@ -8,15 +8,15 @@ inputs: version: description: "The chart-testing version to install (default: 3.10.1)" required: false - default: '3.10.1' + default: '3.11.0' yamllint_version: description: "The yamllint version to install (default: 1.27.1)" required: false - default: '1.27.1' + default: '1.33.0' yamale_version: description: "The yamale version to install (default: 3.0.4)" required: false - default: '3.0.4' + default: '4.0.4' runs: using: composite steps: diff --git a/ct.sh b/ct.sh index 4394de4..5e0f87d 100755 --- a/ct.sh +++ b/ct.sh @@ -4,9 +4,9 @@ set -o errexit set -o nounset set -o pipefail -DEFAULT_CHART_TESTING_VERSION=3.10.1 -DEFAULT_YAMLLINT_VERSION=1.27.1 -DEFAULT_YAMALE_VERSION=3.0.4 +DEFAULT_CHART_TESTING_VERSION=3.11.0 +DEFAULT_YAMLLINT_VERSION=1.33.0 +DEFAULT_YAMALE_VERSION=4.0.4 show_help() { cat << EOF diff --git a/testdata/simple-deployment/Chart.yaml b/testdata/simple-deployment/Chart.yaml new file mode 100644 index 0000000..8ac9244 --- /dev/null +++ b/testdata/simple-deployment/Chart.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +appVersion: "1.0" +description: A Helm chart for Kubernetes +name: nginx +version: 0.1.0 +maintainers: + - name: cpanato + - name: davidkarlsen diff --git a/testdata/simple-deployment/README.md b/testdata/simple-deployment/README.md new file mode 100644 index 0000000..280f67f --- /dev/null +++ b/testdata/simple-deployment/README.md @@ -0,0 +1,4 @@ +Simple chart with a Deployment. + +The integration test will install first simple-deployment and then try to upgrade +to simple-deployment-different-selector failing as expected diff --git a/testdata/simple-deployment/templates/_helpers.tpl b/testdata/simple-deployment/templates/_helpers.tpl new file mode 100644 index 0000000..165d01e --- /dev/null +++ b/testdata/simple-deployment/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "nginx.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "nginx.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "nginx.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/testdata/simple-deployment/templates/deployment.yaml b/testdata/simple-deployment/templates/deployment.yaml new file mode 100644 index 0000000..ac64e0d --- /dev/null +++ b/testdata/simple-deployment/templates/deployment.yaml @@ -0,0 +1,29 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "nginx.fullname" . }} + labels: + app.kubernetes.io/name: {{ include "nginx.name" . }} + helm.sh/chart: {{ include "nginx.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: {{ include "nginx.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "nginx.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + spec: + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 80 + protocol: TCP diff --git a/testdata/simple-deployment/values.yaml b/testdata/simple-deployment/values.yaml new file mode 100644 index 0000000..cefd3a0 --- /dev/null +++ b/testdata/simple-deployment/values.yaml @@ -0,0 +1,11 @@ +# Default values for nginx. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +image: + repository: nginx + tag: stable + pullPolicy: IfNotPresent + +nameOverride: "" +fullnameOverride: "" From 4f62db170e3aa295575ba779f7141287841da474 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 May 2024 10:03:11 +0200 Subject: [PATCH 04/22] Bump actions/checkout from 4.1.4 to 4.1.5 in the actions group (#147) Bumps the actions group with 1 update: [actions/checkout](https://github.com/actions/checkout). Updates `actions/checkout` from 4.1.4 to 4.1.5 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/0ad4b8fadaa221de15dcec353f45205ec38ea70b...44c2b7a8a4ea60a981eaca3cf939b5f4305c123b) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/test-action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index 15a79ee..d0da246 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -9,7 +9,7 @@ jobs: name: Install chart-testing and test presence in path steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install chart-testing uses: ./ - name: Check install! @@ -38,7 +38,7 @@ jobs: name: Install Custom chart-testing and test presence in path steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install chart-testing uses: ./ with: @@ -71,7 +71,7 @@ jobs: name: run action to test a helm chart steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: fetch-depth: 0 From 9c98eaab2efcdc7233e9c49d05cb68d0bec56aba Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 13 Jun 2024 15:19:07 +0200 Subject: [PATCH 05/22] Bump actions/checkout in the actions group across 1 directory (#152) Bumps the actions group with 1 update in the / directory: [actions/checkout](https://github.com/actions/checkout). Updates `actions/checkout` from 4.1.5 to 4.1.7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/44c2b7a8a4ea60a981eaca3cf939b5f4305c123b...692973e3d937129bcbf40652eb9f2f61becf3332) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/test-action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index d0da246..a6d24fd 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -9,7 +9,7 @@ jobs: name: Install chart-testing and test presence in path steps: - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Install chart-testing uses: ./ - name: Check install! @@ -38,7 +38,7 @@ jobs: name: Install Custom chart-testing and test presence in path steps: - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Install chart-testing uses: ./ with: @@ -71,7 +71,7 @@ jobs: name: run action to test a helm chart steps: - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 From 5aa1c68405a43a57240a9b2869379324b2bec0fc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Jul 2024 12:32:11 +0200 Subject: [PATCH 06/22] Bump actions/setup-python from 5.1.0 to 5.1.1 in the actions group (#154) Bumps the actions group with 1 update: [actions/setup-python](https://github.com/actions/setup-python). Updates `actions/setup-python` from 5.1.0 to 5.1.1 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/82c7e631bb3cdc910f68e0081d67478d79c6982d...39cd14951b08e74b54015e9e001cdefcf80e669f) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/test-action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index a6d24fd..01d0584 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -80,7 +80,7 @@ jobs: with: version: v3.14.4 - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 with: python-version: '3.x' check-latest: true From 66b7521f19a51e5cc1bbfa81f216ec7b1fd5198c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Jan 2025 11:28:03 +0100 Subject: [PATCH 07/22] Bump the actions group across 1 directory with 3 updates (#164) Bumps the actions group with 3 updates in the / directory: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer), [actions/checkout](https://github.com/actions/checkout) and [actions/setup-python](https://github.com/actions/setup-python). Updates `sigstore/cosign-installer` from 3.5.0 to 3.7.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/59acb6260d9c0ba8f4a2f9d9b48431a222b68e20...dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da) Updates `actions/checkout` from 4.1.7 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/692973e3d937129bcbf40652eb9f2f61becf3332...11bd71901bbe5b1630ceea73d27597364c9af683) Updates `actions/setup-python` from 5.1.1 to 5.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/39cd14951b08e74b54015e9e001cdefcf80e669f...0b93645e9fea7318ecaed2b359559ac225c90a2b) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/test-action.yml | 8 ++++---- action.yml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index 01d0584..27d691b 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -9,7 +9,7 @@ jobs: name: Install chart-testing and test presence in path steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install chart-testing uses: ./ - name: Check install! @@ -38,7 +38,7 @@ jobs: name: Install Custom chart-testing and test presence in path steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install chart-testing uses: ./ with: @@ -71,7 +71,7 @@ jobs: name: run action to test a helm chart steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -80,7 +80,7 @@ jobs: with: version: v3.14.4 - - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 + - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: '3.x' check-latest: true diff --git a/action.yml b/action.yml index 315f15a..49cafa5 100644 --- a/action.yml +++ b/action.yml @@ -20,7 +20,7 @@ inputs: runs: using: composite steps: - - uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 + - uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - run: | cd $GITHUB_ACTION_PATH \ && ./ct.sh \ From ef3072d53ad1414685abf498585614aca7eb78ff Mon Sep 17 00:00:00 2001 From: Carlos Tadeu Panato Junior Date: Mon, 20 Jan 2025 11:57:42 +0100 Subject: [PATCH 08/22] use ct 3.12.0 as default (#165) Signed-off-by: cpanato --- .github/workflows/test-action.yml | 4 ++-- README.md | 10 +++++----- action.yml | 2 +- ct.sh | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index 27d691b..9290efb 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -17,8 +17,8 @@ jobs: ct version CT_VERSION_OUTPUT=$(ct version 2>&1 /dev/null) ACTUAL_VERSION=$(echo "$CT_VERSION_OUTPUT" | grep Version | rev | cut -d ' ' -f1 | rev) - if [[ $ACTUAL_VERSION != 'v3.11.0' ]]; then - echo 'should be v3.11.0' + if [[ $ACTUAL_VERSION != 'v3.12.0' ]]; then + echo 'should be v3.12.0' exit 1 else exit 0 diff --git a/README.md b/README.md index c9f8b80..6ba1708 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ A GitHub Action for installing the [helm/chart-testing](https://github.com/helm/ For more information on inputs, see the [API Documentation](https://developer.github.com/v3/repos/releases/#input) -- `version`: The chart-testing version to install (default: `3.11.0`) +- `version`: The chart-testing version to install (default: `3.12.0`) - `yamllint_version`: The `yamllint` version to install (default: `1.33.0`) - `yamale_version`: The `yamale` version to install (default: `4.0.4`) @@ -44,15 +44,15 @@ jobs: - name: Set up Helm uses: azure/setup-helm@v4.2.0 with: - version: v3.14.4 + version: v3.17.0 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v5.3.0 with: python-version: '3.x' check-latest: true - name: Set up chart-testing - uses: helm/chart-testing-action@v2.7.0 + uses: helm/chart-testing-action@v2.8.0 - name: Run chart-testing (list-changed) id: list-changed @@ -68,7 +68,7 @@ jobs: - name: Create kind cluster if: steps.list-changed.outputs.changed == 'true' - uses: helm/kind-action@v1.10.0 + uses: helm/kind-action@v1.12.0 - name: Run chart-testing (install) if: steps.list-changed.outputs.changed == 'true' diff --git a/action.yml b/action.yml index 49cafa5..e1edb1d 100644 --- a/action.yml +++ b/action.yml @@ -8,7 +8,7 @@ inputs: version: description: "The chart-testing version to install (default: 3.10.1)" required: false - default: '3.11.0' + default: '3.12.0' yamllint_version: description: "The yamllint version to install (default: 1.27.1)" required: false diff --git a/ct.sh b/ct.sh index 5e0f87d..32523a7 100755 --- a/ct.sh +++ b/ct.sh @@ -4,7 +4,7 @@ set -o errexit set -o nounset set -o pipefail -DEFAULT_CHART_TESTING_VERSION=3.11.0 +DEFAULT_CHART_TESTING_VERSION=3.12.0 DEFAULT_YAMLLINT_VERSION=1.33.0 DEFAULT_YAMALE_VERSION=4.0.4 From 0d28d3144d3a25ea2cc349d6e59901c4ff469b3b Mon Sep 17 00:00:00 2001 From: Carlos Tadeu Panato Junior Date: Mon, 20 Jan 2025 12:04:01 +0100 Subject: [PATCH 09/22] clean up and fix cr action next release (#166) Signed-off-by: cpanato --- .github/workflows/test-action.yml | 2 +- README.md | 2 +- action.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index 9290efb..289e70e 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -78,7 +78,7 @@ jobs: - name: Set up Helm uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 with: - version: v3.14.4 + version: v3.17.0 - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: diff --git a/README.md b/README.md index 6ba1708..1272521 100644 --- a/README.md +++ b/README.md @@ -52,7 +52,7 @@ jobs: check-latest: true - name: Set up chart-testing - uses: helm/chart-testing-action@v2.8.0 + uses: helm/chart-testing-action@v2.7.0 - name: Run chart-testing (list-changed) id: list-changed diff --git a/action.yml b/action.yml index e1edb1d..146d154 100644 --- a/action.yml +++ b/action.yml @@ -6,7 +6,7 @@ branding: icon: anchor inputs: version: - description: "The chart-testing version to install (default: 3.10.1)" + description: "The chart-testing version to install (default: 3.12.0)" required: false default: '3.12.0' yamllint_version: @@ -14,7 +14,7 @@ inputs: required: false default: '1.33.0' yamale_version: - description: "The yamale version to install (default: 3.0.4)" + description: "The yamale version to install (default: 4.0.4)" required: false default: '4.0.4' runs: From c71c0c75b701ed8af5d4dfc586918923241a0368 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 Oct 2025 14:42:23 +0200 Subject: [PATCH 10/22] Bump the actions group across 1 directory with 4 updates (#171) Bumps the actions group with 4 updates in the / directory: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer), [azure/setup-helm](https://github.com/azure/setup-helm), [actions/setup-python](https://github.com/actions/setup-python) and [helm/kind-action](https://github.com/helm/kind-action). Updates `sigstore/cosign-installer` from 3.7.0 to 3.8.1 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da...d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a) Updates `azure/setup-helm` from 4.2.0 to 4.3.0 - [Release notes](https://github.com/azure/setup-helm/releases) - [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md) - [Commits](https://github.com/azure/setup-helm/compare/fe7b79cd5ee1e45176fcad797de68ecaf3ca4814...b9e51907a09c216f16ebe8536097933489208112) Updates `actions/setup-python` from 5.3.0 to 5.4.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/0b93645e9fea7318ecaed2b359559ac225c90a2b...42375524e23c412d93fb67b49958b491fce71c38) Updates `helm/kind-action` from 1.10.0 to 1.12.0 - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/v1.10.0...v1.12.0) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: azure/setup-helm dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/test-action.yml | 6 +++--- action.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index 289e70e..6a86730 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -76,11 +76,11 @@ jobs: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 + uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0 with: version: v3.17.0 - - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0 with: python-version: '3.x' check-latest: true @@ -106,7 +106,7 @@ jobs: - name: Create kind cluster if: steps.list-changed.outputs.changed == 'true' - uses: helm/kind-action@v1.10.0 + uses: helm/kind-action@v1.12.0 - name: Run chart-testing (install) if: steps.list-changed.outputs.changed == 'true' diff --git a/action.yml b/action.yml index 146d154..00a9c71 100644 --- a/action.yml +++ b/action.yml @@ -20,7 +20,7 @@ inputs: runs: using: composite steps: - - uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 + - uses: sigstore/cosign-installer@d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a # v3.8.1 - run: | cd $GITHUB_ACTION_PATH \ && ./ct.sh \ From 0941a6baa8bc6b125d646711df1b0693f8644cb2 Mon Sep 17 00:00:00 2001 From: Subramani Ramanathan Date: Fri, 10 Oct 2025 18:14:09 +0530 Subject: [PATCH 11/22] Fix the broken link for GitHub Help Documentation (#174) Signed-off-by: Subramani Ramanathan --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1272521..c0bf1ab 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ A GitHub Action for installing the [helm/chart-testing](https://github.com/helm/ 1. A GitHub repo containing a directory with your Helm charts (e.g: `charts`) 1. A workflow YAML file in your `.github/workflows` directory. An [example workflow](#example-workflow) is available below. - For more information, reference the GitHub Help Documentation for [Creating a workflow file](https://help.github.com/en/articles/configuring-a-workflow#creating-a-workflow-file) + For more information, reference the GitHub Help Documentation for [Creating a workflow file](https://docs.github.com/en/actions/writing-workflows/quickstart#creating-your-first-workflow) ### Inputs From 2fe8321aa1dba9b7e3f8de6d8a37d511c8142e40 Mon Sep 17 00:00:00 2001 From: Carlos Tadeu Panato Junior Date: Mon, 3 Nov 2025 11:08:04 +0100 Subject: [PATCH 12/22] bump ct and yamale version (#178) Signed-off-by: Carlos Panato --- .github/workflows/test-action.yml | 4 ++-- README.md | 18 ++++++++++-------- action.yml | 4 ++-- ct.sh | 4 ++-- 4 files changed, 16 insertions(+), 14 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index 6a86730..14bddca 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -17,8 +17,8 @@ jobs: ct version CT_VERSION_OUTPUT=$(ct version 2>&1 /dev/null) ACTUAL_VERSION=$(echo "$CT_VERSION_OUTPUT" | grep Version | rev | cut -d ' ' -f1 | rev) - if [[ $ACTUAL_VERSION != 'v3.12.0' ]]; then - echo 'should be v3.12.0' + if [[ $ACTUAL_VERSION != 'v3.14.0' ]]; then + echo 'should be v3.14.0' exit 1 else exit 0 diff --git a/README.md b/README.md index c0bf1ab..3c762d8 100644 --- a/README.md +++ b/README.md @@ -15,9 +15,9 @@ A GitHub Action for installing the [helm/chart-testing](https://github.com/helm/ For more information on inputs, see the [API Documentation](https://developer.github.com/v3/repos/releases/#input) -- `version`: The chart-testing version to install (default: `3.12.0`) +- `version`: The chart-testing version to install (default: `3.14.0`) - `yamllint_version`: The `yamllint` version to install (default: `1.33.0`) -- `yamale_version`: The `yamale` version to install (default: `4.0.4`) +- `yamale_version`: The `yamale` version to install (default: `6.0.0`) ### Example Workflow @@ -32,27 +32,29 @@ name: Lint and Test Charts on: pull_request +permissions: {} + jobs: lint-test: runs-on: ubuntu-latest + permisions: + contents: read steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5.0.0 with: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@v4.2.0 - with: - version: v3.17.0 + uses: azure/setup-helm@v4.3.1 - - uses: actions/setup-python@v5.3.0 + - uses: actions/setup-python@v6.0.0 with: python-version: '3.x' check-latest: true - name: Set up chart-testing - uses: helm/chart-testing-action@v2.7.0 + uses: helm/chart-testing-action@v2.8.0 - name: Run chart-testing (list-changed) id: list-changed diff --git a/action.yml b/action.yml index 00a9c71..d1ff45e 100644 --- a/action.yml +++ b/action.yml @@ -8,7 +8,7 @@ inputs: version: description: "The chart-testing version to install (default: 3.12.0)" required: false - default: '3.12.0' + default: '3.14.0' yamllint_version: description: "The yamllint version to install (default: 1.27.1)" required: false @@ -16,7 +16,7 @@ inputs: yamale_version: description: "The yamale version to install (default: 4.0.4)" required: false - default: '4.0.4' + default: '6.0.0' runs: using: composite steps: diff --git a/ct.sh b/ct.sh index 32523a7..797f945 100755 --- a/ct.sh +++ b/ct.sh @@ -4,9 +4,9 @@ set -o errexit set -o nounset set -o pipefail -DEFAULT_CHART_TESTING_VERSION=3.12.0 +DEFAULT_CHART_TESTING_VERSION=3.14.0 DEFAULT_YAMLLINT_VERSION=1.33.0 -DEFAULT_YAMALE_VERSION=4.0.4 +DEFAULT_YAMALE_VERSION=6.0.0 show_help() { cat << EOF From e27de75c91e0f939bbffea4638c3c70430d7b857 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Nov 2025 11:15:10 +0100 Subject: [PATCH 13/22] Bump actions/checkout from 4.2.2 to 5.0.0 (#181) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08c6903cd8c0fde910a37f88322edcfb5dd907a8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/test-action.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index 14bddca..578d7d5 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -9,7 +9,7 @@ jobs: name: Install chart-testing and test presence in path steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Install chart-testing uses: ./ - name: Check install! @@ -38,7 +38,7 @@ jobs: name: Install Custom chart-testing and test presence in path steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Install chart-testing uses: ./ with: @@ -71,7 +71,7 @@ jobs: name: run action to test a helm chart steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 From 0bfa5c021b3e5bf2fa118230a44a27e0f20628d5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Nov 2025 13:17:11 +0100 Subject: [PATCH 14/22] Bump actions/setup-python from 5.4.0 to 6.0.0 (#179) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.4.0 to 6.0.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/42375524e23c412d93fb67b49958b491fce71c38...e797f83bcb11b83ae66e0230d6156d7c80228e7c) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/test-action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index 578d7d5..e01f8dd 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -80,7 +80,7 @@ jobs: with: version: v3.17.0 - - uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0 + - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: '3.x' check-latest: true From b0c06062b7b8cb6f3bf1473a0c117ba2a86f3442 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Nov 2025 14:48:03 +0100 Subject: [PATCH 15/22] Bump the actions group across 1 directory with 2 updates (#183) Bumps the actions group with 2 updates in the / directory: [azure/setup-helm](https://github.com/azure/setup-helm) and [helm/kind-action](https://github.com/helm/kind-action). Updates `azure/setup-helm` from 4.3.0 to 4.3.1 - [Release notes](https://github.com/azure/setup-helm/releases) - [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md) - [Commits](https://github.com/azure/setup-helm/compare/b9e51907a09c216f16ebe8536097933489208112...1a275c3b69536ee54be43f2070a358922e12c8d4) Updates `helm/kind-action` from 1.12.0 to 1.13.0 - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/v1.12.0...v1.13.0) --- updated-dependencies: - dependency-name: azure/setup-helm dependency-version: 4.3.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: helm/kind-action dependency-version: 1.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/test-action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index e01f8dd..016d2d6 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -76,7 +76,7 @@ jobs: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0 + uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4.3.1 with: version: v3.17.0 @@ -106,7 +106,7 @@ jobs: - name: Create kind cluster if: steps.list-changed.outputs.changed == 'true' - uses: helm/kind-action@v1.12.0 + uses: helm/kind-action@v1.13.0 - name: Run chart-testing (install) if: steps.list-changed.outputs.changed == 'true' From 4ea74f62c9503ceaffb14a189bf252e7c68e87a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikolai=20R=C3=B8ed=20Kristiansen?= Date: Wed, 5 Nov 2025 12:57:20 +0100 Subject: [PATCH 16/22] Use uv instead of python venv (#172) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Also roll default yamale version to 6.0.0 Signed-off-by: Nikolai Røed Kristiansen --- action.yml | 3 ++- ct.sh | 20 +++++++++----------- 2 files changed, 11 insertions(+), 12 deletions(-) diff --git a/action.yml b/action.yml index d1ff45e..97f4ac3 100644 --- a/action.yml +++ b/action.yml @@ -14,13 +14,14 @@ inputs: required: false default: '1.33.0' yamale_version: - description: "The yamale version to install (default: 4.0.4)" + description: "The yamale version to install (default: 6.0.0)" required: false default: '6.0.0' runs: using: composite steps: - uses: sigstore/cosign-installer@d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a # v3.8.1 + - uses: astral-sh/setup-uv@eb1897b8dc4b5d5bfe39a428a8f2304605e0983c # v7.0.0 - run: | cd $GITHUB_ACTION_PATH \ && ./ct.sh \ diff --git a/ct.sh b/ct.sh index 797f945..93931e8 100755 --- a/ct.sh +++ b/ct.sh @@ -92,11 +92,11 @@ install_chart_testing() { mkdir -p "${cache_dir}" echo "Installing chart-testing v${version}..." - CT_CERT=https://github.com/helm/chart-testing/releases/download/v$version/chart-testing_${version#v}_linux_$arch.tar.gz.pem - CT_SIG=https://github.com/helm/chart-testing/releases/download/v$version/chart-testing_${version#v}_linux_$arch.tar.gz.sig + CT_CERT=https://github.com/helm/chart-testing/releases/download/v${version}/chart-testing_${version#v}_linux_${arch}.tar.gz.pem + CT_SIG=https://github.com/helm/chart-testing/releases/download/v${version}/chart-testing_${version#v}_linux_${arch}.tar.gz.sig - curl --retry 5 --retry-delay 1 -sSLo ct.tar.gz "https://github.com/helm/chart-testing/releases/download/v$version/chart-testing_${version#v}_linux_$arch.tar.gz" - cosign verify-blob --certificate $CT_CERT --signature $CT_SIG \ + curl --retry 5 --retry-delay 1 -sSLo ct.tar.gz "https://github.com/helm/chart-testing/releases/download/v${version}/chart-testing_${version#v}_linux_${arch}.tar.gz" + cosign verify-blob --certificate "${CT_CERT}" --signature "${CT_SIG}" \ --certificate-identity "https://github.com/helm/chart-testing/.github/workflows/release.yaml@refs/heads/main" \ --certificate-oidc-issuer "https://token.actions.githubusercontent.com" ct.tar.gz retVal=$? @@ -109,17 +109,15 @@ install_chart_testing() { rm -f ct.tar.gz echo 'Creating virtual Python environment...' - python3 -m venv "${venv_dir}" - - echo 'Activating virtual environment...' - # shellcheck disable=SC1090 - source "${venv_dir}/bin/activate" + export UV_LINK_MODE=copy + uv venv "${venv_dir}" + export VIRTUAL_ENV="${venv_dir}" echo 'Installing yamllint...' - pip3 install "yamllint==${yamllint_version}" + uv pip install "yamllint==${yamllint_version}" echo 'Installing Yamale...' - pip3 install "yamale==${yamale_version}" + uv pip install "yamale==${yamale_version}" fi # https://github.com/helm/chart-testing-action/issues/62 From 6ec842c01de15ebb84c8627d2744a0c2f2755c9f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 5 Nov 2025 12:59:54 +0100 Subject: [PATCH 17/22] Bump sigstore/cosign-installer from 3.8.1 to 4.0.0 (#184) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.8.1 to 4.0.0. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a...faadad0cce49287aee09b3a48701e75088a2c6ad) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 97f4ac3..df3006d 100644 --- a/action.yml +++ b/action.yml @@ -20,7 +20,7 @@ inputs: runs: using: composite steps: - - uses: sigstore/cosign-installer@d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a # v3.8.1 + - uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 - uses: astral-sh/setup-uv@eb1897b8dc4b5d5bfe39a428a8f2304605e0983c # v7.0.0 - run: | cd $GITHUB_ACTION_PATH \ From 0fe10ffb58912040c1c480be09c1ed6d41c0fad3 Mon Sep 17 00:00:00 2001 From: Updater DevOps Admin <78870838+updater-devopsadmin@users.noreply.github.com> Date: Thu, 12 Oct 2023 17:41:12 -0400 Subject: [PATCH 18/22] ci: use Terraform-managed FOSSA workflow --- .github/workflows/fossa.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 .github/workflows/fossa.yaml diff --git a/.github/workflows/fossa.yaml b/.github/workflows/fossa.yaml new file mode 100644 index 0000000..2a23b3a --- /dev/null +++ b/.github/workflows/fossa.yaml @@ -0,0 +1,16 @@ +--- +name: Fossa + +on: + push: + workflow_dispatch: + +jobs: + fossa: + uses: Updater/.github/.github/workflows/fossa.yaml@main + secrets: + fossa-api-key: ${{ secrets.FOSSA_API_KEY }} + token: ${{ secrets.GITHUB_TOKEN }} + with: + repository: ${{ github.repository }} + ref: ${{ github.ref }} From d5c965978e29ab0752c0e5d95cd372ca91ba766f Mon Sep 17 00:00:00 2001 From: Updater DevOps Admin <78870838+updater-devopsadmin@users.noreply.github.com> Date: Mon, 16 Sep 2024 12:27:35 -0400 Subject: [PATCH 19/22] ci: use Terraform-managed FOSSA workflow From 69ad073dd1dd2d86d6e0ac7d0e2964c1577ea8de Mon Sep 17 00:00:00 2001 From: Updater DevOps Admin <78870838+updater-devopsadmin@users.noreply.github.com> Date: Wed, 6 Nov 2024 10:19:56 -0500 Subject: [PATCH 20/22] ci: use Terraform-managed FOSSA workflow --- .github/workflows/fossa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/fossa.yaml b/.github/workflows/fossa.yaml index 2a23b3a..367c5e5 100644 --- a/.github/workflows/fossa.yaml +++ b/.github/workflows/fossa.yaml @@ -7,7 +7,7 @@ on: jobs: fossa: - uses: Updater/.github/.github/workflows/fossa.yaml@main + uses: Updater/.github-private/.github/workflows/fossa.yaml@main secrets: fossa-api-key: ${{ secrets.FOSSA_API_KEY }} token: ${{ secrets.GITHUB_TOKEN }} From 9e068b3be24724d9085169e5d4954cb21e5409f9 Mon Sep 17 00:00:00 2001 From: Updater DevOps Admin <78870838+updater-devopsadmin@users.noreply.github.com> Date: Mon, 8 Dec 2025 10:45:31 -0600 Subject: [PATCH 21/22] ci: use Terraform-managed gitStream configuration --- .cm/gitstream.cm | 162 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 162 insertions(+) create mode 100644 .cm/gitstream.cm diff --git a/.cm/gitstream.cm b/.cm/gitstream.cm new file mode 100644 index 0000000..4ef8c65 --- /dev/null +++ b/.cm/gitstream.cm @@ -0,0 +1,162 @@ +# -*- mode: yaml -*- +# This example configuration provides basic automations to get started with gitStream. +# View the gitStream quickstart for more examples: https://docs.gitstream.cm/examples/ +manifest: + version: 1.0 + + +automations: + # Use LinearB's AI service to review the changes + linearb_ai_review: + on: + - pr_created + - commit + if: + - {{ not pr.draft }} + - {{ not is.bot }} + run: + - action: code-review@v1 + args: + approve_on_LGTM: {{ calc.safe_changes }} + + # Use LinearB's AI service to add a description to the PR + linearb_ai_description: + on: + - pr_created + - commit + if: + - {{ not pr.draft }} + - {{ not is.bot }} + run: + - action: describe-changes@v1 + args: + concat_mode: append + + # Add a label indicating how long it will take to review the PR. + estimated_time_to_review: + if: + - true + run: + - action: add-label@v1 + args: + label: "{{ calc.etr }} min review" + color: {{ colors.red if (calc.etr >= 20) else ( colors.yellow if (calc.etr >= 5) else colors.green ) }} + + # Inform PR authors when they fail to reference Jira tickets in the PR title or description. + label_missing_jira_info: + if: + - {{ not (has.jira_ticket_in_title or has.jira_ticket_in_desc) }} + run: + - action: add-label@v1 + args: + label: "missing-jira" + color: {{ colors.red }} + - action: add-comment@v1 + args: + comment: | + This PR is missing a Jira ticket reference in the title or description. + Please add a Jira ticket reference to the title or description of this PR. + + # Label PRs where the user indicated Claude Code usage via checkbox + label_claude_code_pr: + on: + - pr_created + - commit + if: + - {{ pr.comments | filter(attr='commenter', term='gitstream-cm') | filter (attr='content', regex=r/\- \[x\] Claude Code Assisted/) | some}} + run: + - action: add-label@v1 + args: + label: '🤖 Claude Code' + + # Label PRs that contain Claude Code commits (by detecting commit message signature) + label_claude_code_by_commit: + on: + - pr_created + - commit + if: + - {{ source.commits | some(attr='message', regex=r/🤖 Generated with \[Claude Code\]|Co-Authored-By: Claude /) }} + run: + - action: add-label@v1 + args: + label: '🤖 Claude Code' + + # Label PRs created with GitHub Copilot assistance via checkbox + label_github_copilot_pr: + on: + - pr_created + - commit + if: + - {{ pr.comments | filter(attr='commenter', term='gitstream-cm') | filter (attr='content', regex=r/\- \[x\] GitHub Copilot Assisted/) | some}} + run: + - action: add-label@v1 + args: + label: '🤖 GitHub Copilot' + + # Label PRs that contain GitHub Copilot commits (by detecting commit message patterns) + label_github_copilot_by_commit: + on: + - pr_created + - commit + if: + - {{ source.commits | some(attr='message', regex=r/Co-authored-by: github-copilot|Generated by GitHub Copilot|Copilot|with GitHub Copilot/i) }} + run: + - action: add-label@v1 + args: + label: '🤖 GitHub Copilot' + + # Label Claude Code PRs - Label by Tag + label_claude_code: + if: + - {{ claude_code_tag.pr_title or claude_code_tag.pr_desc or claude_code_tag.pr_comments or claude_code_tag.commit_messages }} + run: + - action: add-label@v1 + args: + label: '🤖 Claude Code' + + # Label GitHub Copilot PRs - Label by Tag + label_copilot: + if: + - {{ copilot_tag.pr_title or copilot_tag.pr_desc or copilot_tag.pr_comments or copilot_tag.commit_messages }} + run: + - action: add-label@v1 + args: + label: '🤖 Copilot' + +claude_code_tag: + pr_title: {{ pr.title | includes(regex=r/#claude_code#/) }} + pr_desc: {{pr.description | includes(regex=r/#claude_code#/) }} + pr_comments: {{ pr.comments | map(attr='content') | match(regex=r/#claude_code#/) | some }} + commit_messages: {{ branch.commits.messages | match(regex=r/#claude_code#/) | some }} + +copilot_tag: + pr_title: {{ pr.title | includes(regex=r/#copilot#/) }} + pr_desc: {{ pr.description | includes(regex=r/#copilot#/) }} + pr_comments: {{ pr.comments | map(attr='content') | match(regex=r/#copilot#/) | some }} + commit_messages: {{ branch.commits.messages | match(regex=r/#copilot#/) | some }} + + +# +----------------------------------------------------------------------------+ +# | Custom Expressions | +# | https://docs.gitstream.cm/how-it-works/#custom-expressions | +# +----------------------------------------------------------------------------+ + +calc: + etr: {{ branch | estimatedReviewTime }} + safe_changes: {{ is.formatting or is.docs or is.tests or is.image }} + +has: + jira_ticket_in_title: {{ pr.title | includes(regex=r/\b[A-Za-z]+-\d+\b/) }} + jira_ticket_in_desc: {{ pr.description | includes(regex=r/atlassian.net\/browse\/\w{1,}-\d{3,4}/) }} + +colors: + red: 'b60205' + yellow: 'fbca04' + green: '0e8a16' + +is: + formatting: {{ source.diff.files | isFormattingChange }} + docs: {{ files | allDocs }} + tests: {{ files | allTests }} + image: {{ files | allImages }} + bot: {{ pr.author | match(list=['github-actions', '_bot_', '[bot]', 'dependabot']) | some }} From 367a91e1bf7b33ff3891b55ecaa469a7c9090b7d Mon Sep 17 00:00:00 2001 From: Updater DevOps Admin <78870838+updater-devopsadmin@users.noreply.github.com> Date: Mon, 8 Dec 2025 10:45:52 -0600 Subject: [PATCH 22/22] ci: use Terraform-managed gitStream workflow --- .github/workflows/gitstream.yml | 49 +++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 .github/workflows/gitstream.yml diff --git a/.github/workflows/gitstream.yml b/.github/workflows/gitstream.yml new file mode 100644 index 0000000..4720f73 --- /dev/null +++ b/.github/workflows/gitstream.yml @@ -0,0 +1,49 @@ +# Code generated by gitStream GitHub app - DO NOT EDIT + +name: gitStream workflow automation +run-name: | + /:\ gitStream: PR #${{ fromJSON(fromJSON(github.event.inputs.client_payload)).pullRequestNumber }} from ${{ github.event.inputs.full_repository }} + +on: + workflow_dispatch: + inputs: + client_payload: + description: The Client payload + required: true + full_repository: + description: the repository name include the owner in `owner/repo_name` format + required: true + head_ref: + description: the head sha + required: true + base_ref: + description: the base ref + required: true + installation_id: + description: the installation id + required: false + resolver_url: + description: the resolver url to pass results to + required: true + resolver_token: + description: Optional resolver token for resolver service + required: false + default: '' + +jobs: + gitStream: + timeout-minutes: 15 + runs-on: ubuntu-latest + name: gitStream workflow automation + steps: + - name: Evaluate Rules + uses: linear-b/gitstream-github-action@v2-lite + id: rules-engine + with: + full_repository: ${{ github.event.inputs.full_repository }} + head_ref: ${{ github.event.inputs.head_ref }} + base_ref: ${{ github.event.inputs.base_ref }} + client_payload: ${{ github.event.inputs.client_payload }} + installation_id: ${{ github.event.inputs.installation_id }} + resolver_url: ${{ github.event.inputs.resolver_url }} + resolver_token: ${{ github.event.inputs.resolver_token }}