actions

nycmeshnet · Apr 28, 2024 · c998325 · c998325
1 parent a4a5c3b
commit c998325
Show file tree

Hide file tree

Showing 3 changed files with 63 additions and 0 deletions.
diff --git a/.github/workflows/checkov.yaml b/.github/workflows/checkov.yaml
@@ -3,6 +3,8 @@ name: Checkov
 on:
   push:
     branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
   workflow_dispatch:
 
 permissions: read-all

diff --git a/.github/workflows/helm_lint.yaml b/.github/workflows/helm_lint.yaml
@@ -0,0 +1,45 @@
+name: Lint and Test Chart
+
+on: pull_request
+
+jobs:
+  lint-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v3
+        with:
+          version: v3.14.0
+
+      - uses: actions/setup-python@v4
+        with:
+          python-version: '3.12'
+          check-latest: true
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
+
+      - name: Run chart-testing (list-changed)
+        id: list-changed
+        run: |
+          changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
+          if [[ -n "$changed" ]]; then
+            echo "changed=true" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Run chart-testing (lint)
+        if: steps.list-changed.outputs.changed == 'true'
+        run: ct lint --target-branch ${{ github.event.repository.default_branch }}
+
+      - name: Create kind cluster
+        if: steps.list-changed.outputs.changed == 'true'
+        uses: helm/[email protected]
+
+      - name: Run chart-testing (install)
+        if: steps.list-changed.outputs.changed == 'true'
+        run: ct install --target-branch ${{ github.event.repository.default_branch }}
diff --git a/.github/workflows/publish-and-deploy.yaml b/.github/workflows/publish-and-deploy.yaml
@@ -51,3 +51,19 @@ jobs:
         if_key_exists: fail # replace / ignore / fail; optional (defaults to fail)
     - name: Pull new Docker image
       run: ssh ${{ secrets.GRANDSVC_SSH_TARGET }} "cd ${{ secrets.GRANDSVC_PROJECT_PATH }} && git pull && docker compose pull && docker compose up -d"
+
+  deploy_to_dev0:
+    name: Deploy to dev0
+    needs: push_to_registry
+    runs-on: ubuntu-latest
+    steps:
+    - name: Install SSH key
+      uses: shimataro/ssh-key-action@d4fffb50872869abe2d9a9098a6d9c5aa7d16be4 # v2
+      with:
+        key: ${{ secrets.DEV0_KEY }}
+        name: id_ed25519 # optional
+        known_hosts: ${{ secrets.DEV0_KNOWN_HOSTS }}
+        #config: ${{ secrets.CONFIG }} # ssh_config; optional
+        if_key_exists: fail # replace / ignore / fail; optional (defaults to fail)
+    - name: Pull new Docker image
+      run: ssh ${{ secrets.DEV0_SSH_TARGET }} "cd ${{ secrets.DEV0_PROJECT_PATH }} && git pull && cd infra/helm/meshdb && helm template . -f values.yaml -f ${{ secrets.DEV0_HELM_SECRETS_PATH }} | kubectl apply -f -"