Skip to content

Commit

Permalink
fix: helm generation checker pipeline (#1209)
Browse files Browse the repository at this point in the history 
Signed-off-by: odubajDT <ondrej.dubaj@dynatrace.com>
  • Loading branch information
@odubajDT
odubajDT committed Apr 12, 2023
1 parent b261172 commit 72396cd
Show file tree
Hide file tree
Showing 18 changed files with 3,562 additions and 3,554 deletions.
23 changes: 9 additions & 14 deletions .github/workflows/validate-helm-chart.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,23 +69,18 @@ jobs:
path: ./bin
key: build-tools-${{ github.ref_name }}

- name: Generate current YAML
run: |
helm template helm/chart > current.yaml
- name: Generate new Helm Chart
- name: Generate helm charts
env:
RELEASE_REGISTRY: ghcr.keptn.sh/keptn
run: make helm-package

- name: Generate new YAML
run: |
helm template helm/chart > new.yaml
- name: Compare YAML files
- name: Compare YAML file changes
run: |
if ! diff -rq current.yaml new.yaml &>/dev/null; then
echo "Helm charts were not re-generated. Please regenerate them using make helm-package"
exit 1
else
if [ -z "$(git status --porcelain)" ]; then
echo ""
echo "There are no changes in the manifests"
else
echo ""
echo "Helm charts were not re-generated. Please regenerate them using make helm-package RELEASE_REGISTRY=ghcr.keptn.sh/keptn"
exit 1
fi
9 changes: 7 additions & 2 deletions .yamllint
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,15 @@ ignore: |
**/rendered/release.yaml
examples/support/observability/config/prometheus
dashboards/grafana
operator/config/crd/bases
metrics-operator/config/crd/bases
operator/config/crd/bases/*
metrics-operator/config/crd/bases/*
klt-cert-manager/config/crd/bases/*
operator/config/rbac/role.yaml
metrics-operator/config/rbac/role.yaml
klt-cert-manager/config/rbac/role.yaml
helm/chart/templates
helm/chart/rendered.yaml
helm/chart/values.yaml
helmchart.yaml

rules:
Expand Down
60 changes: 30 additions & 30 deletions helm/chart/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ certificateOperator:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- ALL
readOnlyRootFilesystem: true
runAsGroup: 65532
runAsUser: 65532
Expand Down Expand Up @@ -56,7 +56,7 @@ lifecycleOperator:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- ALL
privileged: false
runAsGroup: 65532
runAsNonRoot: true
Expand Down Expand Up @@ -104,16 +104,16 @@ lifecycleOperator:
topologySpreadConstraints: []
lifecycleOperatorMetricsService:
ports:
- name: metrics
port: 2222
protocol: TCP
targetPort: metrics
- name: metrics
port: 2222
protocol: TCP
targetPort: metrics
type: ClusterIP
lifecycleWebhookService:
ports:
- port: 443
protocol: TCP
targetPort: 9443
- port: 443
protocol: TCP
targetPort: 9443
type: ClusterIP
metricsManagerConfig:
controllerManagerConfigYaml:
Expand All @@ -132,7 +132,7 @@ metricsOperator:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- ALL
env:
exposeKeptnMetrics: "true"
metricsControllerLogLevel: "0"
Expand Down Expand Up @@ -164,23 +164,23 @@ metricsOperator:
topologySpreadConstraints: []
metricsOperatorService:
ports:
- name: https
port: 8443
protocol: TCP
targetPort: https
- name: custom-metrics
port: 443
targetPort: custom-metrics
- name: metrics
port: 9999
protocol: TCP
targetPort: metrics
- name: https
port: 8443
protocol: TCP
targetPort: https
- name: custom-metrics
port: 443
targetPort: custom-metrics
- name: metrics
port: 9999
protocol: TCP
targetPort: metrics
type: ClusterIP
metricsWebhookService:
ports:
- port: 443
protocol: TCP
targetPort: 9443
- port: 443
protocol: TCP
targetPort: 9443
type: ClusterIP
scheduler:
nodeSelector: {}
Expand All @@ -190,7 +190,7 @@ scheduler:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
Expand Down Expand Up @@ -228,8 +228,8 @@ schedulerConfig:
leaderElection:
leaderElect: false
profiles:
- plugins:
permit:
enabled:
- name: KLCPermit
schedulerName: keptn-scheduler
- plugins:
permit:
enabled:
- name: KLCPermit
schedulerName: keptn-scheduler
100 changes: 50 additions & 50 deletions klt-cert-manager/config/rbac/role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,44 +5,44 @@ metadata:
creationTimestamp: null
name: certificate-operator-role
rules:
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- deployments
verbs:
- get
- list
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- deployments
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
Expand All @@ -51,15 +51,15 @@ metadata:
name: certificate-operator-role
namespace: keptn-lifecycle-toolkit-system
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
Loading

0 comments on commit 72396cd

Please sign in to comment.