Joe/gh-actions

.github/actions/chart-package/action.yml

@@ -0,0 +1,51 @@
+name: 'Package Helm Charts'
+description: 'Package all Helm charts and prepare release artifacts'
+inputs:
+  app-dir:
+    description: 'Application directory containing charts'
+    default: 'applications/wg-easy'
+  helm-version:
+    description: 'Helm version to use'
+    default: '3.17.3'
+  use-cache:
+    description: 'Whether to use dependency cache'
+    default: 'true'
+outputs:
+  release-path:
+    description: 'Path to release artifacts'
+    value: ${{ inputs.app-dir }}/release
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Setup tools
+      uses: ./.github/actions/setup-tools
+      with:
+        helm-version: ${{ inputs.helm-version }}
+
+    - name: Cache Helm dependencies
+      if: inputs.use-cache == 'true'
+      uses: actions/cache@v4
+      with:
+        path: |
+          ${{ inputs.app-dir }}/charts/*/charts
+          ${{ inputs.app-dir }}/Chart.lock
+        key: helm-deps-${{ hashFiles(format('{0}/charts/*/Chart.yaml', inputs.app-dir)) }}
+
+    - name: Package charts
+      shell: bash
+      working-directory: ${{ inputs.app-dir }}
+      run: task chart-package-all
+
+    - name: Verify release contents
+      shell: bash
+      working-directory: ${{ inputs.app-dir }}
+      run: |
+        echo "Verifying release directory contents:"
+        ls -la release/
+        echo "Checking required files:"
+        test -f release/application.yaml
+        test -f release/config.yaml
+        test -f release/cluster.yaml
+        echo "Chart packages:"
+        find release/ -name "*.tgz" | wc -l | grep -v "^0$"

.github/actions/chart-validate/action.yml

@@ -0,0 +1,35 @@
+name: 'Validate Helm Charts'
+description: 'Validate all Helm charts using Task-based operations'
+inputs:
+  app-dir:
+    description: 'Application directory containing charts'
+    default: 'applications/wg-easy'
+  helm-version:
+    description: 'Helm version to use'
+    default: '3.17.3'
+  use-cache:
+    description: 'Whether to use dependency cache'
+    default: 'true'
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Setup tools
+      uses: ./.github/actions/setup-tools
+      with:
+        helm-version: ${{ inputs.helm-version }}
+        install-helmfile: 'true'
+
+    - name: Cache Helm dependencies
+      if: inputs.use-cache == 'true'
+      uses: actions/cache@v4
+      with:
+        path: |
+          ${{ inputs.app-dir }}/charts/*/charts
+          ${{ inputs.app-dir }}/Chart.lock
+        key: helm-deps-${{ hashFiles(format('{0}/charts/*/Chart.yaml', inputs.app-dir)) }}
+
+    - name: Validate charts
+      shell: bash
+      working-directory: ${{ inputs.app-dir }}
+      run: task chart-validate

.github/actions/replicated-release/action.yml

@@ -0,0 +1,48 @@
+name: 'Create Replicated Release'
+description: 'Create channel and release using Task-based operations'
+inputs:
+  app-dir:
+    description: 'Application directory containing charts'
+    default: 'applications/wg-easy'
+  channel-name:
+    description: 'Release channel name'
+    required: true
+  channel-id:
+    description: 'Release channel ID (optional, takes precedence over channel-name)'
+    required: false
+  release-version:
+    description: 'Release version'
+    default: '0.0.1'
+  release-notes:
+    description: 'Release notes'
+    default: 'Release created via GitHub Actions'
+
+outputs:
+  channel-id:
+    description: 'Channel ID created or found'
+    value: ${{ steps.channel.outputs.channel-id }}
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Setup tools
+      uses: ./.github/actions/setup-tools
+
+    - name: Create channel
+      id: channel
+      shell: bash
+      working-directory: ${{ inputs.app-dir }}
+      run: |
+        CHANNEL_ID=$(task channel-create RELEASE_CHANNEL="${{ inputs.channel-name }}" --silent | tail -1)
+        echo "channel-id=$CHANNEL_ID" >> $GITHUB_OUTPUT
+        echo "Created/found channel with ID: $CHANNEL_ID"
+
+    - name: Create release
+      shell: bash
+      working-directory: ${{ inputs.app-dir }}
+      run: |
+        task release-create \
+          RELEASE_CHANNEL_ID="${{ steps.channel.outputs.channel-id }}" \
+          RELEASE_CHANNEL="${{ inputs.channel-name }}" \
+          RELEASE_VERSION="${{ inputs.release-version }}" \
+          RELEASE_NOTES="${{ inputs.release-notes }}"

.github/actions/setup-tools/action.yml

@@ -0,0 +1,94 @@
+name: 'Setup Common Tools'
+description: 'Setup Helm, Task, yq, kubectl, preflight, helmfile, and Replicated CLI'
+inputs:
+  helm-version:
+    description: 'Helm version'
+    default: '3.17.3'
+  kubectl-version:
+    description: 'kubectl version'
+    default: 'v1.30.0'
+  app-dir:
+    description: 'Application directory'
+    default: 'applications/wg-easy'
+  install-kubectl:
+    description: 'Whether to install kubectl'
+    default: 'false'
+  install-preflight:
+    description: 'Whether to install preflight'
+    default: 'false'
+  install-helmfile:
+    description: 'Whether to install helmfile'
+    default: 'false'
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Setup Helm
+      uses: azure/setup-helm@v4
+      with:
+        version: ${{ inputs.helm-version }}
+
+    - name: Setup Task
+      uses: arduino/setup-task@v2
+      with:
+        version: 3.x
+        repo-token: ${{ github.token }}
+
+    - name: Setup kubectl
+      if: inputs.install-kubectl == 'true'
+      uses: azure/setup-kubectl@v4
+      with:
+        version: ${{ inputs.kubectl-version }}
+
+    - name: Cache tools
+      uses: actions/cache@v4
+      with:
+        path: |
+          /usr/local/bin/yq
+          /usr/local/bin/preflight
+          /usr/local/bin/helmfile
+          ~/.replicated
+        key: tools-${{ runner.os }}-yq-v4.44.3-preflight-v0.95.0-helmfile-v0.170.0-replicated-latest
+        restore-keys: |
+          tools-${{ runner.os }}-yq-v4.44.3-preflight-v0.95.0-helmfile-v0.170.0-
+
+    - name: Install yq
+      shell: bash
+      run: |
+        if [ ! -f /usr/local/bin/yq ]; then
+          echo "Installing yq v4.44.3..."
+          sudo wget https://github.com/mikefarah/yq/releases/download/v4.44.3/yq_linux_amd64 -O /usr/local/bin/yq
+          sudo chmod +x /usr/local/bin/yq
+        else
+          echo "yq already installed (cached)"
+        fi
+
+    - name: Install preflight CLI
+      if: inputs.install-preflight == 'true'
+      shell: bash
+      run: |
+        if [ ! -f /usr/local/bin/preflight ]; then
+          echo "Installing preflight v0.95.0..."
+          curl -L https://github.com/replicatedhq/troubleshoot/releases/download/v0.95.0/preflight_linux_amd64.tar.gz | tar xz
+          sudo mv preflight /usr/local/bin/
+        else
+          echo "preflight already installed (cached)"
+        fi
+
+    - name: Install helmfile
+      if: inputs.install-helmfile == 'true'
+      shell: bash
+      run: |
+        if [ ! -f /usr/local/bin/helmfile ]; then
+          echo "Installing helmfile v0.170.0..."
+          curl -L https://github.com/helmfile/helmfile/releases/download/v0.170.0/helmfile_0.170.0_linux_amd64.tar.gz | tar xz
+          sudo mv helmfile /usr/local/bin/
+          sudo chmod +x /usr/local/bin/helmfile
+        else
+          echo "helmfile already installed (cached)"
+        fi
+
+    - name: Install Replicated CLI
+      shell: bash
+      working-directory: ${{ inputs.app-dir }}
+      run: task utils:install-replicated-cli

.github/actions/test-deployment/action.yml

@@ -0,0 +1,125 @@
+name: 'Test Deployment'
+description: 'Test deployment using customer workflow'
+inputs:
+  app-dir:
+    description: 'Application directory containing charts'
+    default: 'applications/wg-easy'
+  customer-name:
+    description: 'Customer name for testing'
+    required: true
+  cluster-name:
+    description: 'Cluster name for testing'
+    required: true
+  channel-name:
+    description: 'Channel name for testing'
+    required: false
+  channel-id:
+    description: 'Channel ID for testing (optional, takes precedence over channel-name)'
+    required: false
+  helm-version:
+    description: 'Helm version to use'
+    default: '3.17.3'
+  cleanup:
+    description: 'Whether to cleanup resources after testing'
+    default: 'false'
+
+outputs:
+  customer-license:
+    description: 'Customer license ID used for testing'
+    value: ${{ steps.license.outputs.license-id }}
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Setup tools
+      uses: ./.github/actions/setup-tools
+      with:
+        helm-version: ${{ inputs.helm-version }}
+        install-helmfile: 'true'
+
+    - name: Create customer
+      shell: bash
+      working-directory: ${{ inputs.app-dir }}
+      env:
+        REPLICATED_APP: ${{ env.REPLICATED_APP }}
+        REPLICATED_API_TOKEN: ${{ env.REPLICATED_API_TOKEN }}
+      run: |
+        if [ -n "${{ inputs.channel-id }}" ]; then
+          task customer-create \
+            CUSTOMER_NAME="${{ inputs.customer-name }}" \
+            RELEASE_CHANNEL_ID="${{ inputs.channel-id }}"
+        else
+          task customer-create \
+            CUSTOMER_NAME="${{ inputs.customer-name }}" \
+            RELEASE_CHANNEL="${{ inputs.channel-name }}"
+        fi
+
+    - name: Get customer license
+      id: license
+      shell: bash
+      working-directory: ${{ inputs.app-dir }}
+      env:
+        REPLICATED_APP: ${{ env.REPLICATED_APP }}
+        REPLICATED_API_TOKEN: ${{ env.REPLICATED_API_TOKEN }}
+      run: |
+        LICENSE_ID=$(task utils:get-customer-license CUSTOMER_NAME="${{ inputs.customer-name }}" --silent | tail -1)
+        echo "license-id=$LICENSE_ID" >> $GITHUB_OUTPUT
+        echo "::add-mask::$LICENSE_ID"
+
+    - name: Create cluster with retry
+      uses: nick-fields/[email protected]
+      with:
+        timeout_minutes: 20
+        retry_wait_seconds: 30
+        max_attempts: 3
+        command: |
+          cd ${{ inputs.app-dir }}
+          export REPLICATED_APP="${{ env.REPLICATED_APP }}"
+          export REPLICATED_API_TOKEN="${{ env.REPLICATED_API_TOKEN }}"
+          task cluster-create CLUSTER_NAME="${{ inputs.cluster-name }}"
+
+    - name: Setup cluster
+      shell: bash
+      working-directory: ${{ inputs.app-dir }}
+      env:
+        REPLICATED_APP: ${{ env.REPLICATED_APP }}
+        REPLICATED_API_TOKEN: ${{ env.REPLICATED_API_TOKEN }}
+      run: |
+        task setup-kubeconfig CLUSTER_NAME="${{ inputs.cluster-name }}"
+        task cluster-ports-expose CLUSTER_NAME="${{ inputs.cluster-name }}"
+
+    - name: Deploy application
+      shell: bash
+      working-directory: ${{ inputs.app-dir }}
+      env:
+        REPLICATED_APP: ${{ env.REPLICATED_APP }}
+        REPLICATED_API_TOKEN: ${{ env.REPLICATED_API_TOKEN }}
+      run: |
+        if [ -n "${{ inputs.channel-id }}" ]; then
+          task customer-helm-install \
+            CUSTOMER_NAME="${{ inputs.customer-name }}" \
+            CLUSTER_NAME="${{ inputs.cluster-name }}" \
+            CHANNEL_ID="${{ inputs.channel-id }}" \
+            REPLICATED_LICENSE_ID="${{ steps.license.outputs.license-id }}"
+        else
+          task customer-helm-install \
+            CUSTOMER_NAME="${{ inputs.customer-name }}" \
+            CLUSTER_NAME="${{ inputs.cluster-name }}" \
+            CHANNEL_SLUG="${{ inputs.channel-name }}" \
+            REPLICATED_LICENSE_ID="${{ steps.license.outputs.license-id }}"
+        fi
+
+    - name: Run tests
+      shell: bash
+      working-directory: ${{ inputs.app-dir }}
+      env:
+        REPLICATED_APP: ${{ env.REPLICATED_APP }}
+        REPLICATED_API_TOKEN: ${{ env.REPLICATED_API_TOKEN }}
+      run: task test
+
+    # - name: Cleanup resources
+    #   if: inputs.cleanup == 'true'
+    #   shell: bash
+    #   working-directory: ${{ inputs.app-dir }}
+    #   run: |
+    #     task cleanup-pr-resources BRANCH_NAME="${{ inputs.customer-name }}"