Skip to content

Commit

Permalink
Use existing kubeconfig from workspace
Browse files Browse the repository at this point in the history
  • Loading branch information
@WyriHaximus
WyriHaximus committed Nov 14, 2020
1 parent 40b2863 commit 696536f
Show file tree
Hide file tree
Showing 74 changed files with 7,961 additions and 112 deletions.
21 changes: 0 additions & 21 deletions .docker/security/docker-compose.yml
View file

This file was deleted.

150 changes: 78 additions & 72 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,4 @@
name: Continuous Integration
env:
DOCKER_IMAGE: wyrihaximusgithubactions/helm3
DOCKER_BUILDKIT: 1
on:
push:
branches:
Expand All @@ -14,7 +11,9 @@ jobs:
outputs:
REF: ${{ steps.generate-ref.outputs.ref }}
steps:
- run: helm version
- uses: actions/checkout@v1
- run: helm version
- id: generate-ref
name: Generate Ref
run: |
Expand All @@ -26,68 +25,8 @@ jobs:
fi
echo "${GITHUB_REF##*/}"
echo "::set-output name=ref::${GITHUB_REF##*/}"
lint-dockerfile:
name: Lint Dockerfile
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Lint Dockerfile
uses: docker://hadolint/hadolint:latest-debian
with:
entrypoint: hadolint
args: Dockerfile-build
build-docker-image:
name: Build Docker image
needs:
- generate-ref
- lint-dockerfile
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- run: docker version
- run: docker images
- name: Install clair-scanner
run: |
sudo curl -L https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 -o /usr/local/bin/clair-scanner
sudo chmod +x /usr/local/bin/clair-scanner
- run: docker images
- run: mkdir -p $(echo "./clair/${DOCKER_IMAGE}:${REF}" | tr '[:upper:]' '[:lower:]')
env:
REF: ${{ needs.generate-ref.outputs.ref }}
- run: docker-compose -f .docker/security/docker-compose.yml -p clair-ci up -d
- run: docker build --no-cache -t "${DOCKER_IMAGE}:${REF}" . -f Dockerfile-build --target=runtime
env:
REF: ${{ needs.generate-ref.outputs.ref }}
- run: docker tag "${DOCKER_IMAGE}:${REF}" "${DOCKER_IMAGE}:sha-${GITHUB_SHA}"
env:
REF: ${{ needs.generate-ref.outputs.ref }}
- run: echo -e "${DOCKER_IMAGE}:${REF}" | xargs -I % sh -c 'clair-scanner --ip 172.17.0.1 -r "./clair/%.json" -l ./clair/clair.log % || (echo "% is vulnerable" && exit 1)'
env:
REF: ${{ needs.generate-ref.outputs.ref }}
- run: docker-compose -f .docker/security/docker-compose.yml -p clair-ci down
- run: docker images
- name: Login to Docker Hub
if: contains(github.ref, 'dependabot') == false
env:
DOCKER_USER: ${{ secrets.HUB_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.HUB_PASSCODE }}
run: |
echo "${{ secrets.DOCKER_PASSWORD }}" | \
docker login \
--username "${{ secrets.DOCKER_USER }}" \
--password-stdin
- name: Push branch image to Docker Hub
if: contains(github.ref, 'dependabot') == false
run: docker push "${DOCKER_IMAGE}:${REF}"
env:
REF: ${{ needs.generate-ref.outputs.ref }}
- name: Push commit sha image to Docker Hub
if: contains(github.ref, 'dependabot') == false
run: docker push "${DOCKER_IMAGE}:sha-${GITHUB_SHA}"
tests-helm-works:
name: "Testing Helm Command: ${{ matrix.exec }}"
needs:
- build-docker-image
runs-on: ubuntu-latest
strategy:
matrix:
Expand All @@ -100,19 +39,16 @@ jobs:
- "helm env"
steps:
- uses: actions/checkout@v1
- run: sed -i "s/master/sha-${GITHUB_SHA}/g" Dockerfile
- uses: ./
with:
exec: ${{ matrix.exec }}
kubeconfig: tada
tests-helm-output:
name: "Testing Helm Output"
needs:
- build-docker-image
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- run: sed -i "s/master/sha-${GITHUB_SHA}/g" Dockerfile
- run: helm version
- uses: ./
id: helm3
with:
Expand All @@ -130,14 +66,11 @@ jobs:
php -r "exit(strpos('${HELM_OUTPUT}', 'https://helm.wyrihaximus.net/') !== false ? 0 : 255);"
env:
HELM_OUTPUT: ${{ steps.helm3.outputs.helm_output }}
tests-helm-install:
name: "Testing Helm Install"
needs:
- build-docker-image
tests-helm-install-input:
name: "Testing Helm Install (input)"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- run: sed -i "s/master/sha-${GITHUB_SHA}/g" Dockerfile
- name: Create k8s Kind Cluster
uses: helm/[email protected]
- name: Get running image ID
Expand Down Expand Up @@ -191,6 +124,7 @@ jobs:
id: helmlistcountseccond
with:
exec: |
helm list
printf "::set-output name=count::%s" $(helm list | grep ducker-hub-exporter | wc -l)
kubeconfig: ${{ steps.kubeconfig.outputs.kubeconfig }}
- run: |
Expand All @@ -208,9 +142,81 @@ jobs:
id: helmlistcountthird
with:
exec: |
helm list
printf "::set-output name=count::%s" $(helm list | grep ducker-hub-exporter | wc -l)
kubeconfig: ${{ steps.kubeconfig.outputs.kubeconfig }}
- run: |
php -r "exit('${COUNT}' === '0' ? 0 : 255);"
env:
COUNT: ${{ steps.helmlistcountthird.outputs.count }}
tests-helm-install-file:
name: "Testing Helm Install (file)"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Create k8s Kind Cluster
uses: helm/[email protected]
- name: Get running image ID
id: ps
run: printf "::set-output name=id::%s" $(docker ps --format "{{.ID}}")
env:
IMAGE: ${{ steps.build.outputs.tag }}
- name: Get running image IP
id: inspect
run: printf "::set-output name=ip::%s" $(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' ${IMAGE_ID})
env:
IMAGE_ID: ${{ steps.ps.outputs.id }}
- run: sed -i "s/127.0.0.1:32768/${KIND_IP}:6443/g" ~/.kube/config
env:
KIND_IP: ${{ steps.inspect.outputs.ip }}
- name: List installed packages
uses: ./
id: helmlistcountfirst
with:
exec: |
env
helm version
printf "::set-output name=count::%s" $(helm list | grep ducker-hub-exporter | wc -l)
- run: |
php -r "exit('${COUNT}' === '0' ? 0 : 255);"
env:
COUNT: ${{ steps.helmlistcountfirst.outputs.count }}
- name: Install ducker-hub-exporter
uses: ./
id: helm3
with:
exec: |
helm repo add WyriHaximusNet https://helm.wyrihaximus.net/
helm install ducker-hub-exporter WyriHaximusNet/docker-hub-exporter --atomic
- name: List installed packages
uses: ./
with:
exec: |
helm list
- name: List installed packages
uses: ./
id: helmlistcountseccond
with:
exec: |
helm version
printf "::set-output name=count::%s" $(helm list | grep ducker-hub-exporter | wc -l)
- run: |
php -r "exit('${COUNT}' === '1' ? 0 : 255);"
env:
COUNT: ${{ steps.helmlistcountseccond.outputs.count }}
- name: UnInstall ducker-hub-exporter
uses: ./
with:
exec: |
helm uninstall ducker-hub-exporter
- name: List installed packages
uses: ./
id: helmlistcountthird
with:
exec: |
helm version
printf "::set-output name=count::%s" $(helm list | grep ducker-hub-exporter | wc -l)
- run: |
php -r "exit('${COUNT}' === '0' ? 0 : 255);"
env:
COUNT: ${{ steps.helmlistcountthird.outputs.count }}
1 change: 0 additions & 1 deletion Dockerfile
View file

This file was deleted.

14 changes: 0 additions & 14 deletions Dockerfile-build
View file

This file was deleted.

4 changes: 2 additions & 2 deletions action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,5 +11,5 @@ inputs:
description: 'The full helm command to run (including helm)'
required: false
runs:
using: 'docker'
image: 'Dockerfile'
using: 'node12'
main: 'main.js'
10 changes: 8 additions & 2 deletions entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,14 @@
set -e

echo -e "\033[36mSetting up kubectl configuration\033[0m"
mkdir -p ~/.kube/
echo "${INPUT_KUBECONFIG}" > ~/.kube/config

mkdir ~/.kube/ || true
if [ -f "~/.kube/config" ]; then
echo -e "\033[36mExisting kubeconfig found, using that and ignoring input\033[0m"
else
echo -e "\033[36mUsing kubeconfig from input\033[0m"
echo "${INPUT_KUBECONFIG}" > ~/.kube/config
fi

echo -e "\033[36mPreparing helm execution\033[0m"
echo "${INPUT_EXEC}" > run.sh
Expand Down
19 changes: 19 additions & 0 deletions main.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
const fs = require('fs');
const { execFileSync } = require('child_process');
const tmp = require('tmp');

tmp.setGracefulCleanup();

const tmpobj = tmp.fileSync({
mode: 0o744,
prefix: 'helm-exec-',
postfix: '.sh',
discardDescriptor: true,
});

fs.appendFile(tmpobj.name, process.env.INPUT_EXEC, function (err) {
if (err) throw err;

console.log(execFileSync(tmpobj.name).toString().split('%').join('%25').split('\n').join('%0A').split('\r').join('%0D'));
// console.log('::set-output name=helm_output::' + execFileSync(tmpobj.name).toString().split('%').join('%25').split('\n').join('%0A').split('\r').join('%0D'));
});
1 change: 1 addition & 0 deletions node_modules/.bin/rimraf
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions node_modules/balanced-match/.npmignore
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

21 changes: 21 additions & 0 deletions node_modules/balanced-match/LICENSE.md
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 696536f

Please sign in to comment.