Align files

giantswarm · Aug 4, 2023 · 77a0b16 · 77a0b16
1 parent 4fb3a49
commit 77a0b16
Show file tree

Hide file tree

Showing 13 changed files with 167 additions and 140 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -1,7 +1,7 @@
 version: 2.1
 
 orbs:
-  architect: giantswarm/architect@4.24.0
+  architect: giantswarm/architect@4.31.0
 
 workflows:
   build:

diff --git a/.github/workflows/zz_generated.add-team-labels.yaml b/.github/workflows/zz_generated.add-team-labels.yaml
@@ -1,4 +1,4 @@
-name: Add Issue to Project when assigned
+name: Add appropriate labels to issue
 
 on:
   issues:
@@ -9,12 +9,12 @@ jobs:
     name: Get yaml config of GS users
     runs-on: ubuntu-latest
     steps:
-    - name: Fetch issue templates
+    - name: Get user-mapping
       run: |
         mkdir -p artifacts
-        wget --header "Authorization: token ${{ github.token }}" \
+        wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \
           -O artifacts/users.yaml \
-          https://raw.githubusercontent.com/giantswarm/github/master/tools/issue-automation/user-mapping.yaml
+          https://raw.githubusercontent.com/giantswarm/github/main/tools/issue-automation/user-mapping.yaml
     - name: Upload Artifact
       uses: actions/upload-artifact@v3
       with:
@@ -48,6 +48,6 @@ jobs:
       if: ${{ env.LABEL != '' }}
       uses: actions-ecosystem/action-add-labels@v1
       with:
-        github-token: ${{ secrets.ISSUE_AUTOMATION }}
+        github_token: ${{ secrets.ISSUE_AUTOMATION }}
         labels: |
           ${{ env.LABEL }}
diff --git a/.github/workflows/zz_generated.add-to-project-board.yaml b/.github/workflows/zz_generated.add-to-project-board.yaml
@@ -2,7 +2,9 @@ name: Add Issue to Project when assigned
 
 on:
   issues:
-    types: [assigned]
+    types:
+    - assigned
+    - labeled
 
 jobs:
   build_user_list:
@@ -12,9 +14,9 @@ jobs:
     - name: Get user-mapping
       run: |
         mkdir -p artifacts
-        wget --header "Authorization: token ${{ github.token }}" \
+        wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \
           -O artifacts/users.yaml \
-          https://raw.githubusercontent.com/giantswarm/github/master/tools/issue-automation/user-mapping.yaml
+          https://raw.githubusercontent.com/giantswarm/github/main/tools/issue-automation/user-mapping.yaml
     - name: Upload Artifact
       uses: actions/upload-artifact@v3
       with:
@@ -24,9 +26,9 @@ jobs:
     - name: Get label-mapping
       run: |
         mkdir -p artifacts
-        wget --header "Authorization: token ${{ github.token }}" \
+        wget --header "Authorization: token ${{ secrets.ISSUE_AUTOMATION }}" \
           -O artifacts/labels.yaml \
-          https://raw.githubusercontent.com/giantswarm/github/master/tools/issue-automation/label-mapping.yaml
+          https://raw.githubusercontent.com/giantswarm/github/main/tools/issue-automation/label-mapping.yaml
     - name: Upload Artifact
       uses: actions/upload-artifact@v3
       with:
@@ -38,6 +40,7 @@ jobs:
     name: Add issue to personal board
     runs-on: ubuntu-latest
     needs: build_user_list
+    if: github.event.action == 'assigned'
     steps:
     - uses: actions/download-artifact@v3
       id: download-users
@@ -60,24 +63,25 @@ jobs:
         github-token: ${{ secrets.ISSUE_AUTOMATION }}
 
   add_to_team_board:
-    name: Add issue to personal board
+    name: Add issue to team board
     runs-on: ubuntu-latest
     needs: build_user_list
+    if: github.event.action == 'labeled'
     steps:
     - uses: actions/download-artifact@v3
       id: download-labels
       with:
         name: labels
     - name: Find team board based on label
       run: |
-        event_label=$(cat $GITHUB_EVENT_PATH | jq -r .label | tr '[:upper:]' '[:lower:]')
+        event_label=$(cat $GITHUB_EVENT_PATH | jq -r .label.name | tr '[:upper:]' '[:lower:]')
         echo "Issue labelled with: ${event_label}"
 
-        BOARD=($(cat ${{steps.download-users.outputs.download-path}}/labels.yaml | tr '[:upper:]' '[:lower:]' | yq ".${event_label}.projectBoard"))
+        BOARD=($(cat ${{steps.download-labels.outputs.download-path}}/labels.yaml | tr '[:upper:]' '[:lower:]' | yq ".[\"${event_label}\"].projectboard"))
         echo "Team board URL: ${BOARD}"
 
         echo "BOARD=${BOARD}" >> $GITHUB_ENV
-    - name: Add issue to personal board
+    - name: Add issue to team board
       if: ${{ env.BOARD != 'null' && env.BOARD != '' }}
       uses: actions/add-to-project@main
       with:

diff --git a/.github/workflows/zz_generated.check_values_schema.yaml b/.github/workflows/zz_generated.check_values_schema.yaml
@@ -1,84 +1,53 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@5.9.0
+#    devctl@6.5.0
 #
-name: 'Check if values schema file has been updated'
-on: pull_request
+name: 'Values and schema'
+on:
+  pull_request:
+    branches:
+      - master
+      - main
+    paths:
+      - 'helm/**/values.yaml'         # default helm chart values
+      - 'helm/**/values.schema.json'  # schema
+      - 'helm/**/ci/ci-values.yaml'   # overrides for CI (can contain required entries)
+
+  push: {}
 
 jobs:
   check:
-    name: 'Check values.yaml and its schema in PR'
+    name: 'validate values.yaml against values.schema.json'
     runs-on: ubuntu-latest
     steps:
-      - name: 'Checkout'
+      - name: Checkout
         uses: actions/checkout@v3
-      - name: 'Check if values.schema.json was updated'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          echo "Comparing ${GITHUB_BASE_REF}...${GITHUB_HEAD_REF}"
-
-          # check if repo contains a schema file
-          if grep -q "values.schema.json" <<< $(git ls-tree -r --name-only ${GITHUB_SHA}); then
-
-            # get a list of files changed in the PR
-            CHANGED_FILES=$(gh api repos/{owner}/{repo}/compare/${GITHUB_BASE_REF}...${GITHUB_HEAD_REF} \
-              --jq ".files[].filename")
-
-            # check if values.yaml in main chart was modified by this PR
-            # (this won't check values files in subcharts)
-            if grep -q 'helm\/[-a-z].*\/values.yaml' <<< "${CHANGED_FILES}" ; then
-
-              # get the path to values.yaml
-              VALUES_FILE=$(gh api repos/{owner}/{repo}/compare/${GITHUB_BASE_REF}...${GITHUB_HEAD_REF} \
-                --jq ".files[].filename" | grep 'helm\/[-a-z].*\/values.yaml')
-
-              # fetch branches so we can use them to compare
-              git fetch &> /dev/null
-
-              # calculate hash of the keys from values.yaml from the default branch
-              DEFAULT_BRANCH_SHA=$(git show origin/${GITHUB_BASE_REF}:${VALUES_FILE} \
-                | yq -P 'sort_keys(..)' -o=json | jq -r '[paths | join(".")]' \
-                | sha1sum | awk '{print $1}')
+        with:
+          fetch-depth: 0
 
-              # calculate hash of the keys from values.yaml from this branch
-              THIS_BRANCH_SHA=$(git show origin/${GITHUB_HEAD_REF}:${VALUES_FILE} \
-                | yq -P 'sort_keys(..)' -o=json | jq -r '[paths | join(".")]' \
-                | sha1sum | awk '{print $1}')
-
-              # compare hashes of the values files
-              if [[ "${DEFAULT_BRANCH_SHA}" != "${THIS_BRANCH_SHA}" ]]; then
-
-                # values file structure has been modified so we need to ensure the schema
-                # file is also updated
-
-                if grep -q "values.schema.json" <<< "${CHANGED_FILES}" ; then
-                  # we assume that the schema has been updated, nothing to do
-                  echo "PASSED: values.yaml and values.schema.json both appear to have been updated"
-                  exit 0
-                else
-                  # schema must be updated
-                  echo "FAILED: values.yaml was updated but values.schema.json hasn't been regenerated"
-                  echo "Please refer to this document: https://intranet.giantswarm.io/docs/organizational-structure/teams/cabbage/app-updates/helm-values-schema/"
-                  exit 1
-                fi
+      - name: Install validator
+        run: |
+          wget -q -O ${HOME}/yajsv https://github.com/neilpa/yajsv/releases/download/v1.4.1/yajsv.linux.amd64
+          chmod +x ${HOME}/yajsv
 
-              else
-                # values file structure hasn't changed, nothing to do
-                echo "values.yaml structure hasn't been changed by this PR"
-                exit 0
-              fi
+      - name: 'Check if values.yaml is a valid instance of values.schema.json'
+        run: |
+          for chart_yaml in helm/*/Chart.yaml; do
+            helm_dir="${chart_yaml%/Chart.yaml}"
 
-            else
-              # values file not included in PR, nothing to see here
-              echo "values.yaml not included in this PR"
-              exit 0
+            if [ ! -f ${helm_dir}/values.schema.json ]; then
+              echo "Skipping validation for '${helm_dir}' folder, because 'values.schema.json' does not exist..."
+              continue
             fi
 
-          else
-
-            # if grep returns negative then there isn't a values.schema.json to check
-            echo "No values.schema.json file found in branch '${GITHUB_BASE_REF}', nothing to check"
-            exit 0
+            values=${helm_dir}/values.yaml
+            if [ -f ${helm_dir}/ci/ci-values.yaml ]; then
+              # merge ci-values.yaml into values.yaml (providing required values)
+              echo -e "\nMerged values:\n=============="
+              yq '. *= load("'${helm_dir}'/ci/ci-values.yaml")' ${helm_dir}/values.yaml | tee ${helm_dir}/combined-values.yaml
+              echo -e "\n==============\n"
+              values=${helm_dir}/combined-values.yaml
+            fi
 
-          fi
+            ${HOME}/yajsv -s ${helm_dir}/values.schema.json ${values}
+          done
diff --git a/.github/workflows/zz_generated.create_release.yaml b/.github/workflows/zz_generated.create_release.yaml
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@5.9.0
+#    devctl@6.5.0
 #
 name: Create Release
 on:
@@ -50,7 +50,7 @@ jobs:
           fi
           version="${version#v}" # Strip "v" prefix.
           echo "version=\"${version}\""
-          echo "::set-output name=version::${version}"
+          echo "version=${version}" >> $GITHUB_OUTPUT
       - name: Checkout code
         if: ${{ steps.get_version.outputs.version != '' }}
         uses: actions/checkout@v3
@@ -63,7 +63,7 @@ jobs:
             path=''
           fi
           echo "path=\"$path\""
-          echo "::set-output name=path::${path}"
+          echo "path=${path}" >> $GITHUB_OUTPUT
       - name: Check if reference version
         id: ref_version
         run: |
@@ -81,7 +81,7 @@ jobs:
             refversion=true
           fi
           echo "refversion =\"${refversion}\""
-          echo "::set-output name=refversion::${refversion}"
+          echo "refversion=${refversion}" >> $GITHUB_OUTPUT
   update_project_go:
     name: Update project.go
     runs-on: ubuntu-20.04
@@ -90,12 +90,12 @@ jobs:
       - gather_facts
     steps:
       - name: Install architect
-        uses: giantswarm/install-binary-action@v1.0.0
+        uses: giantswarm/install-binary-action@v1.1.0
         with:
           binary: "architect"
-          version: "6.1.0"
+          version: "6.11.0"
       - name: Install semver
-        uses: giantswarm/install-binary-action@v1.0.0
+        uses: giantswarm/install-binary-action@v1.1.0
         with:
           binary: "semver"
           version: "3.2.0"
@@ -114,30 +114,30 @@ jobs:
           version="${{ needs.gather_facts.outputs.version }}"
           new_version="$(semver bump patch $version)-dev"
           echo "version=\"$version\" new_version=\"$new_version\""
-          echo "::set-output name=new_version::${new_version}"
+          echo "new_version=${new_version}" >> $GITHUB_OUTPUT
           sed -Ei "s/(version[[:space:]]*=[[:space:]]*)\"${version}\"/\1\"${new_version}\"/" $file
           if git diff --exit-code $file ; then
             echo "error: no changes in \"$file\"" >&2
             exit 1
           fi
       - name: Set up git identity
         run: |
-          git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
-          git config --local user.name "github-actions[bot]"
+          git config --local user.email "dev@giantswarm.io"
+          git config --local user.name "taylorbot"
       - name: Commit changes
         run: |
           file="${{ needs.gather_facts.outputs.project_go_path }}"
           git add $file
           git commit -m "Bump version to ${{ steps.update_project_go.outputs.new_version }}"
       - name: Push changes
         env:
-          REMOTE_REPO: "https://${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git"
+          REMOTE_REPO: "https://${{ github.actor }}:${{ secrets.TAYLORBOT_GITHUB_ACTION }}@github.com/${{ github.repository }}.git"
           branch: "${{ github.ref }}-version-bump"
         run: |
           git push "${REMOTE_REPO}" HEAD:${{ env.branch }}
       - name: Create PR
         env:
-          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+          GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}"
           base: "${{ github.ref }}"
           branch: "${{ github.ref }}-version-bump"
           version: "${{ needs.gather_facts.outputs.version }}"
@@ -171,22 +171,22 @@ jobs:
           path: ./CHANGELOG.md
       - name: Set up git identity
         run: |
-          git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
-          git config --local user.name "github-actions[bot]"
+          git config --local user.email "dev@giantswarm.io"
+          git config --local user.name "taylorbot"
       - name: Create tag
         run: |
           version="${{ needs.gather_facts.outputs.version }}"
           git tag "v$version" ${{ github.sha }}
       - name: Push tag
         env:
-          REMOTE_REPO: "https://${{ github.actor }}:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git"
+          REMOTE_REPO: "https://${{ github.actor }}:${{ secrets.TAYLORBOT_GITHUB_ACTION }}@github.com/${{ github.repository }}.git"
         run: |
           git push "${REMOTE_REPO}" --tags
       - name: Create release
         id: create_gh_release
         uses: actions/create-release@v1
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}"
         with:
           body: ${{ steps.changelog_reader.outputs.changes }}
           tag_name: "v${{ needs.gather_facts.outputs.version }}"
@@ -200,7 +200,7 @@ jobs:
     if: ${{ needs.gather_facts.outputs.version }}
     steps:
       - name: Install semver
-        uses: giantswarm/install-binary-action@v1.0.0
+        uses: giantswarm/install-binary-action@v1.1.0
         with:
           binary: "semver"
           version: "3.0.0"