GDB-9036: Added CI workflow

- Added CI workflow for PRs and the main branch
- Added build status badge in the readme
- Added trivy configuration

.github/workflows/ci.yml

@@ -0,0 +1,43 @@
+name: Continuous Integration
+
+on:
+  pull_request:
+  push:
+    branches: [ "master" ]
+
+jobs:
+  analyze:
+    name: Analyze the Helm chart
+    runs-on: ubuntu-22.04
+    timeout-minutes: 5
+    steps:
+      - id: checkout_repository
+        name: Checkout repository
+        # actions/checkout@v4.1.1
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
+
+      - id: setup_helm
+        name: Setup Helm
+        # azure/setup-helm@v3.5
+        uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78
+        with:
+          version: v3.14.0
+
+      - id: run_helm_lint
+        name: Run Helm lint
+        run: helm lint --strict .
+
+      - id: run_helm_template
+        name: Run Helm template
+        run: helm template . > template_output.yaml
+
+      - id: run_trivy_config
+        name: Run Trivy vulnerability scanner
+        # aquasecurity/trivy-action@v0.16.1
+        uses: aquasecurity/trivy-action@d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca
+        with:
+          scan-type: config
+          trivy-config: trivy.yaml
+          hide-progress: false
+          format: sarif
+          output: trivy.sarif

.gitignore

@@ -10,3 +10,4 @@
 
 # Helm
 values_overrides.yaml
+template_output.yaml

README.md

@@ -1,5 +1,7 @@
 # Helm charts for GraphDB
 
+[![CI](https://github.com/Ontotext-AD/graphdb-helm/actions/workflows/ci.yml/badge.svg)](https://github.com/Ontotext-AD/graphdb-helm/actions/workflows/ci.yml)
+
 You can download the GraphDB Helm chart, including all sub-charts managed by Ontotext, from the [Ontotext Helm repository](https://maven.ontotext.com/repository/helm-public/).
 
 ## Install

trivy.yaml

@@ -0,0 +1,7 @@
+timeout: 5m
+exit-code: 1
+severity:
+  - HIGH
+  - CRITICAL
+  - MEDIUM
+format: table