From 6f844b7b135fcd0ea3997139ab882093610da3c4 Mon Sep 17 00:00:00 2001 From: Brave Okafor Date: Mon, 25 Mar 2024 10:51:10 +0100 Subject: [PATCH] Added `Chart Testing` GitHub Action, to Lint and Install Chart on PR (#7) --- .github/workflows/ci.yaml | 179 ++++++++++++++++++ README.md | 4 + charts/ct-lint.yaml | 13 ++ charts/surrealdb/Chart.yaml | 8 +- charts/surrealdb/README.md | 89 +++++++++ charts/surrealdb/README.md.gotmpl | 95 ++++++++++ .../templates/tests/test-connection.yaml | 2 +- charts/surrealdb/values.yaml | 70 ++++++- 8 files changed, 449 insertions(+), 11 deletions(-) create mode 100644 .github/workflows/ci.yaml create mode 100644 charts/ct-lint.yaml create mode 100644 charts/surrealdb/README.md create mode 100644 charts/surrealdb/README.md.gotmpl diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000..fc55667 --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,179 @@ +name: Test Charts + +on: + workflow_dispatch: + pull_request: + paths: + - "charts/**" + +permissions: + contents: read + +env: + HELM_DOCS_VERSION: "1.13.1" + +concurrency: + group: ${{ github.workflow }}-${{ github.event.number || github.ref }} + cancel-in-progress: true + +jobs: + lint-chart: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Set up Helm + uses: azure/setup-helm@v3 + with: + version: v3.6.3 + + - name: Set up python + uses: actions/setup-python@v4 + with: + python-version: 3.7 + + - name: Set up chart-testing + uses: helm/chart-testing-action@v2.6.0 + + - name: Run chart-testing (lint) + run: ct lint --config charts/ct-lint.yaml + + lint-docs: + runs-on: ubuntu-latest + permissions: + contents: write + packages: write + id-token: write + needs: lint-chart + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: install helm-docs + run: | + cd /tmp + wget https://github.com/norwoodj/helm-docs/releases/download/v${{env.HELM_DOCS_VERSION}}/helm-docs_${{env.HELM_DOCS_VERSION}}_Linux_x86_64.tar.gz + tar -xvf helm-docs_${{env.HELM_DOCS_VERSION}}_Linux_x86_64.tar.gz + sudo mv helm-docs /usr/local/sbin + + - name: Run helm-docs + run: | + helm-docs -t README.md.gotmpl -o README.md -b for-the-badge + + kubeval-chart: + runs-on: ubuntu-latest + permissions: + contents: write + packages: write + id-token: write + needs: + - lint-chart + - lint-docs + strategy: + matrix: + k8s: + # from https://github.com/yannh/kubernetes-json-schema + - v1.27.6 + - v1.28.3 + - v1.29.2 + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Set up Helm + uses: azure/setup-helm@v3 + with: + version: v3.6.3 + + - name: Run helm-template + run: | + mkdir manifests + + for dir in charts/*/ + do + helm template "${dir}" > "manifests/$(basename $dir).yaml" + done + - name: Run kubeval + uses: instrumenta/kubeval-action@master + with: + files: "manifests" + version: ${{ matrix.k8s }} + + install-chart: + name: install-chart + runs-on: ubuntu-latest + permissions: + contents: write + packages: write + id-token: write + needs: + - lint-chart + - lint-docs + - kubeval-chart + strategy: + matrix: + k8s: + # from https://hub.docker.com/r/kindest/node/tags + - v1.27.3 # renovate: kindest + - v1.28.0 # renovate: kindest + - v1.29.2 # renovate: kindest + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Create kind ${{ matrix.k8s }} cluster + uses: helm/kind-action@v1.8.0 + with: + node_image: kindest/node:${{ matrix.k8s }} + version: v0.20.0 + + - name: Set up chart-testing + uses: helm/chart-testing-action@v2.6.0 + + - name: Run chart install + run: ct install --config charts/ct-lint.yaml + + # Catch-all required check for test matrix + test-success: + needs: + - lint-chart + - lint-docs + - kubeval-chart + - install-chart + runs-on: ubuntu-latest + permissions: + contents: write + packages: write + id-token: write + timeout-minutes: 1 + if: always() + steps: + - name: Fail for failed or cancelled lint-chart + if: | + needs.lint-chart.result == 'failure' || + needs.lint-chart.result == 'cancelled' + run: exit 1 + - name: Fail for failed or cancelled lint-docs + if: | + needs.lint-docs.result == 'failure' || + needs.lint-docs.result == 'cancelled' + run: exit 1 + - name: Fail for failed or cancelled kubeval-chart + if: | + needs.kubeval-chart.result == 'failure' || + needs.kubeval-chart.result == 'cancelled' + run: exit 1 + - name: Fail for failed or cancelled install-chart + if: | + needs.install-chart.result == 'failure' || + needs.install-chart.result == 'cancelled' + run: exit 1 diff --git a/README.md b/README.md index f2a7237..7f212e8 100644 --- a/README.md +++ b/README.md @@ -2,4 +2,8 @@ Repository containing the SurrealDB Helm Charts +# Usage Read the Kubernetes Deployment guides in https://surrealdb.com/docs/deployment + +# Documentation +You can find documentation about the chart [here](https://github.com/surrealdb/helm-charts/blob/main/charts/surrealdb/README.md). \ No newline at end of file diff --git a/charts/ct-lint.yaml b/charts/ct-lint.yaml new file mode 100644 index 0000000..172655e --- /dev/null +++ b/charts/ct-lint.yaml @@ -0,0 +1,13 @@ +## Reference: https://github.com/helm/chart-testing/blob/master/doc/ct_lint-and-install.md +# Don't add the 'debug' attribute, otherwise the workflow won't work anymore +# Only Used for the CT Lint Stage +remote: origin +target-branch: main +chart-dirs: + - charts +validate-chart-schema: true +validate-chart-values: true +validate-maintainers: true +validate-yaml: true +exclude-deprecated: true +excluded-charts: [] \ No newline at end of file diff --git a/charts/surrealdb/Chart.yaml b/charts/surrealdb/Chart.yaml index 6e31767..b29205b 100644 --- a/charts/surrealdb/Chart.yaml +++ b/charts/surrealdb/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: surrealdb type: application -version: 0.3.2 +version: 0.3.3 appVersion: 1.0.0 description: SurrealDB is the ultimate cloud database for tomorrow's applications. keywords: @@ -12,4 +12,8 @@ keywords: - cloud - tikv home: https://github.com/surrealdb/surrealdb -logoUrl: https://raw.githubusercontent.com/surrealdb/surrealdb/main/img/icon.png +icon: https://raw.githubusercontent.com/surrealdb/surrealdb/main/img/icon.png + +maintainers: + - name: surrealdb + url: https://github.com/surrealdb diff --git a/charts/surrealdb/README.md b/charts/surrealdb/README.md new file mode 100644 index 0000000..ae27208 --- /dev/null +++ b/charts/surrealdb/README.md @@ -0,0 +1,89 @@ +# SurrealDB Helm Chart + +![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0.0](https://img.shields.io/badge/AppVersion-1.0.0-informational?style=flat-square) + +SurrealDB is the ultimate cloud database for tomorrow's applications. + +## Introduction + +This chart facilitates the deployment of [SurrealDB](https://surrealdb.com/docs/surrealdb/) on Kubernetes clusters. + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| surrealdb | | | + +## Usage + +Read the Kubernetes Deployment guides in https://surrealdb.com/docs/deployment + +## Overrides + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| fullnameOverride | string | `""` | String to fully override `"surrealdb"` | +| nameOverride | string | `""` | Provide a name in place of `surrealdb` | + +## General parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | Assign custom [affinity] rules to the deployment | +| args | list | `["start"]` | Command line arguments to pass to SurrealDB | +| nodeSelector | object | `{}` | [Node selector] | +| podAnnotations | object | `{}` | Annotations to be added to SurrealDB pods | +| podSecurityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | +| replicaCount | int | `1` | The number of SurrealDB pods to run | +| resources | object | `{}` | Resource limits and requests | +| securityContext | object | `{}` (See [values.yaml]) | SurrealDB container-level security context | +| tolerations | list | `[]` | [Tolerations] for use with node taints | + +## SurrealDB parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| surrealdb.auth | string | `"true"` | Authentication enabled | +| surrealdb.log | string | `"info"` | Log configuration | +| surrealdb.path | string | `"memory"` | path: tikv://tikv-pd:2379 | +| surrealdb.port | int | `8000` | SurrealDB container port | + +## Image parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| image.pullPolicy | string | `"IfNotPresent"` | Image pull policy for SurrealDB | +| image.repository | string | `"surrealdb/surrealdb"` | Repository to use for SurrealDB | +| image.tag | string | `""` (defaults to chart appVersion) | Tag to use for SurrealDB | +| imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | + +## Service parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| service.annotations | object | `{}` | Service annotations | +| service.port | int | `8000` | Service port | +| service.targetPort | string | `"http"` | Target container port | +| service.type | string | `"ClusterIP"` | Service type | + +## Service account parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` (defaults to the fullname template) | The name of the service account to use. | + +## Ingress parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| ingress.annotations | object | `{}` | Additional ingress annotations | +| ingress.className | string | `""` | Defines which ingress controller will implement the resource | +| ingress.defaultBackend | bool | `true` | Create default backend | +| ingress.enabled | bool | `false` | Enable an ingress resource | +| ingress.hosts | list | `[]` (See [values.yaml]) | List of hosts to be covered by ingress record | +| ingress.tls | list | `[]` (See [values.yaml]) | List of TLS configuration | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) \ No newline at end of file diff --git a/charts/surrealdb/README.md.gotmpl b/charts/surrealdb/README.md.gotmpl new file mode 100644 index 0000000..bb257b9 --- /dev/null +++ b/charts/surrealdb/README.md.gotmpl @@ -0,0 +1,95 @@ +# SurrealDB Helm Chart + +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }} + +{{ template "chart.description" . }} + + +## Introduction + +This chart facilitates the deployment of [SurrealDB](https://surrealdb.com/docs/surrealdb/) on Kubernetes clusters. + +{{ template "chart.sourcesSection" . }} + +{{ template "chart.maintainersSection" . }} + + +## Usage + +Read the Kubernetes Deployment guides in https://surrealdb.com/docs/deployment + + +## Overrides + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if or (eq .Key "nameOverride") (eq .Key "fullnameOverride") }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## General parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if not (or (hasPrefix "surrealdb" .Key) (hasPrefix "image" .Key) (hasPrefix "ingress" .Key) (hasPrefix "service" .Key) (hasPrefix "serviceAccount" .Key) (or (eq .Key "nameOverride") (eq .Key "fullnameOverride"))) }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## SurrealDB parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "surrealdb" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## Image parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "image" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## Service parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if and (hasPrefix "service" .Key) (not (hasPrefix "serviceAccount" .Key))}} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## Service account parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "serviceAccount" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +## Ingress parameters + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +{{- range .Values }} + {{- if hasPrefix "ingress" .Key }} +| {{ .Key }} | {{ .Type }} | {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} | {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} | + {{- end }} +{{- end }} + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) \ No newline at end of file diff --git a/charts/surrealdb/templates/tests/test-connection.yaml b/charts/surrealdb/templates/tests/test-connection.yaml index 7bd9c78..3a07282 100644 --- a/charts/surrealdb/templates/tests/test-connection.yaml +++ b/charts/surrealdb/templates/tests/test-connection.yaml @@ -10,5 +10,5 @@ spec: containers: - name: test-isready image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - args: ['isready', '-c', '{{ include "surrealdb.fullname" . }}:{{ .Values.service.port }}'] + args: ['isready', '--endpoint', 'http://{{ include "surrealdb.fullname" . }}:{{ .Values.service.port }}'] restartPolicy: Never diff --git a/charts/surrealdb/values.yaml b/charts/surrealdb/values.yaml index 3a9d0cd..72513d1 100644 --- a/charts/surrealdb/values.yaml +++ b/charts/surrealdb/values.yaml @@ -2,72 +2,126 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. +# -- The number of SurrealDB pods to run replicaCount: 1 image: + # -- Repository to use for SurrealDB repository: surrealdb/surrealdb + # -- Image pull policy for SurrealDB pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. + # -- Tag to use for SurrealDB + # @default -- `""` (defaults to chart appVersion) tag: "" - +# -- Secrets with credentials to pull images from a private registry imagePullSecrets: [] + +# -- Provide a name in place of `surrealdb` nameOverride: "" +# -- String to fully override `"surrealdb"` fullnameOverride: "" +# -- Command line arguments to pass to SurrealDB args: [start] surrealdb: # Datastore path # # * tikv example - # path: tikv://tikv-pd:2379 + # -- path: tikv://tikv-pd:2379 path: memory - # Log configuration + # -- Log configuration log: info - # Authentication enabled + # -- Authentication enabled auth: "true" # If you want to bootstrap the datastore with an initial user, use these values the first time you install the chart # Remember to remove them after the first install, as they are no longer used: # initial_user: "" # initial_pass: "" + + # -- SurrealDB container port port: 8000 # Enable the following for jwks feature # object_cache: "file:/data/cache" # object_store: "file:/data/store" serviceAccount: - # Specifies whether a service account should be created + # -- Specifies whether a service account should be created create: true - # Annotations to add to the service account + # -- Annotations to add to the service account annotations: {} - # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template + # -- The name of the service account to use. + # @default -- `""` (defaults to the fullname template) name: "" +# -- Annotations to be added to SurrealDB pods podAnnotations: {} +# -- Toggle and define pod-level security context. +# @default -- `{}` (See [values.yaml]) podSecurityContext: {} +# runAsUser: 999 +# runAsGroup: 999 +# fsGroup: 999 +# -- SurrealDB container-level security context +# @default -- `{}` (See [values.yaml]) securityContext: {} +# runAsNonRoot: true +# readOnlyRootFilesystem: true +# allowPrivilegeEscalation: false +# seccompProfile: +# type: RuntimeDefault +# capabilities: +# drop: +# - ALL service: + # -- Service annotations + annotations: {} + # -- Service type type: ClusterIP + # -- Service port port: 8000 + # -- Target container port targetPort: http ingress: + # -- Enable an ingress resource enabled: false + # -- Defines which ingress controller will implement the resource className: "" + # -- Additional ingress annotations annotations: {} + # -- List of hosts to be covered by ingress record + # @default -- `[]` (See [values.yaml]) hosts: [] - defaultBackend: true + # - host: surreal.example.com + # paths: + # - path: /* + # pathType: Prefix + # -- Create default backend + defaultBackend: true + # -- List of TLS configuration + # @default -- `[]` (See [values.yaml]) tls: [] + # - hosts: + # - surreal.example.com + # secretName: your-certificate-name +# -- Resource limits and requests resources: {} +# requests: {} +# limits: {} +# -- [Node selector] nodeSelector: {} +# -- [Tolerations] for use with node taints tolerations: [] +# -- Assign custom [affinity] rules to the deployment affinity: {}