Automation

[difabion]

Add some nice-to-haves for the updating workflow:

Github Actions

on pull request:
✅ lint chart
✅ test chart against some basic configurations

on pull request commit:
✅ check version in chart.yaml
✅ if new version, tag main at latest commit

on tag:
✅ sync readme from main to gh-pages
✅ helm package new tag
✅ helm index
✅ Either push commit to repo or create PR for review and manual merging

[difabion]

Automation to tag and publish new helm releases is covered by #20.

[difabion]

Actions currently has only read permissions, automation will fail until it has write permissions.

[difabion]

Automation to tag and publish new helm releases is covered by #20.

This has been refactored and is working much better now.

[difabion]

Trying out stackrox/kube-linter for linting on PRs and commits. Stock out of the box, this is the output of linting chart 0.5.0:

% kube-linter lint .
KubeLinter 0.3.0

templates/deployment.yaml: (object: <no namespace>/test-release-benthos apps/v1, Kind=Deployment) container "benthos" does not have a read-only root file system (check: no-read-only-root-fs, remediation: Set readOnlyRootFilesystem to true in the container securityContext.)

templates/deployment.yaml: (object: <no namespace>/test-release-benthos apps/v1, Kind=Deployment) container "benthos" is not set to runAsNonRoot (check: run-as-non-root, remediation: Set runAsUser to a non-zero number and runAsNonRoot to true in your pod or container securityContext. Refer to https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ for details.)

templates/deployment.yaml: (object: <no namespace>/test-release-benthos apps/v1, Kind=Deployment) container "benthos" has cpu request 0 (check: unset-cpu-requirements, remediation: Set CPU requests and limits for your container based on its requirements. Refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits for details.)

templates/deployment.yaml: (object: <no namespace>/test-release-benthos apps/v1, Kind=Deployment) container "benthos" has cpu limit 0 (check: unset-cpu-requirements, remediation: Set CPU requests and limits for your container based on its requirements. Refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits for details.)

templates/deployment.yaml: (object: <no namespace>/test-release-benthos apps/v1, Kind=Deployment) container "benthos" has memory request 0 (check: unset-memory-requirements, remediation: Set memory requests and limits for your container based on its requirements. Refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits for details.)

templates/deployment.yaml: (object: <no namespace>/test-release-benthos apps/v1, Kind=Deployment) container "benthos" has memory limit 0 (check: unset-memory-requirements, remediation: Set memory requests and limits for your container based on its requirements. Refer to https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#requests-and-limits for details.)

Error: found 6 lint errors

There are some potential enhancements from this list, but needs some more consideration.

EDIT: The linter will exclude these checks for now.

[difabion]

This may be a good local alternative to shitposting commits just to test GitHub Actions:

https://github.com/nektos/act

[difabion]

Act is awesome, confirmed.

Re: linting, it is in place and SARIF uploads are available in the code scanning tool in the repo.

[difabion]

Basic testing added to actions.