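# CI for the Helm chart in helm/hadrian: lint it, render it under several
# value sets, install it in a kind cluster, and package it on main.
#
# NOTE(review): the nesting below, including the contents of every `values: |`
# block, was rebuilt from a listing that had lost its indentation. Confirm it
# against the committed workflow and helm/hadrian/values.yaml.
name: Helm

# Run only when the chart or this workflow file changes.
on:
  push:
    branches: [main]
    paths:
      - 'helm/**'
      - '.github/workflows/helm.yml'
  pull_request:
    branches: [main]
    paths:
      - 'helm/**'
      - '.github/workflows/helm.yml'

# Least privilege for GITHUB_TOKEN. Nothing in this file pushes commits, tags,
# packages or comments; artifact upload and the gha build cache do not depend
# on these scopes, so read-only access to contents is enough.
permissions:
  contents: read

# NOTE(review): every `uses:` below references a mutable tag (@v1, @v3, @v4,
# @v6). Pinning each one to a full commit SHA (uses: owner/action@<COMMIT_SHA>)
# stops a moved tag from changing what runs in this pipeline.
jobs:
  # Lint the Helm chart
  helm-lint:
    name: Helm Lint
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # No later step needs git credentials, so do not leave the token in
          # .git/config where the npm packages installed below could read it.
          persist-credentials: false
      - name: Set up Helm
        uses: azure/setup-helm@v4
        with:
          version: v3.14.0
      - name: Add Bitnami repo (for dependencies)
        run: helm repo add bitnami https://charts.bitnami.com/bitnami
      - name: Update dependencies
        run: helm dependency update helm/hadrian
      - name: Lint chart
        run: helm lint helm/hadrian
      - name: Lint chart (strict mode)
        run: helm lint helm/hadrian --strict
      - name: Validate values schema
        run: |
          # Validate that values.yaml conforms to values.schema.json
          # NOTE(review): both packages are installed unpinned, so each run
          # takes whatever the registry serves as latest. Pin them, e.g.
          # ajv-cli@<VERSION> ajv-formats@<VERSION>.
          npm install -g ajv-cli ajv-formats
          ajv validate -s helm/hadrian/values.schema.json -d helm/hadrian/values.yaml --spec=draft2020 -c ajv-formats

  # Validate template rendering with various configurations
  helm-template:
    name: Helm Template (${{ matrix.scenario }})
    runs-on: ubuntu-latest
    strategy:
      # Let every scenario report its own result.
      fail-fast: false
      matrix:
        # Each entry provides:
        #   scenario     - label used in the job name and the artifact name
        #   values       - Helm values written to /tmp/test-values.yaml
        #                  (empty string = chart defaults)
        #   api_versions - comma-separated list passed as --api-versions
        # The rendered output of every scenario is uploaded as an artifact,
        # so keep these values to throwaway test data only.
        include:
          # Default configuration (SQLite + memory cache)
          - scenario: default
            values: ""
            api_versions: ""
          # PostgreSQL subchart enabled
          - scenario: postgresql
            values: |
              postgresql:
                enabled: true
                auth:
                  password: testpassword
              gateway:
                database:
                  type: postgres
            api_versions: ""
          # Redis subchart enabled
          - scenario: redis
            values: |
              redis:
                enabled: true
                auth:
                  password: testpassword
              gateway:
                cache:
                  type: redis
            api_versions: ""
          # Full production setup
          - scenario: production
            values: |
              replicaCount: 3
              postgresql:
                enabled: true
                auth:
                  password: testpassword
              redis:
                enabled: true
                auth:
                  password: testpassword
              gateway:
                database:
                  type: postgres
                cache:
                  type: redis
              autoscaling:
                enabled: true
                minReplicas: 2
                maxReplicas: 10
              podDisruptionBudget:
                enabled: true
                minAvailable: 1
              topologySpreadConstraints:
                - maxSkew: 1
                  topologyKey: topology.kubernetes.io/zone
                  whenUnsatisfiable: DoNotSchedule
            api_versions: ""
          # Ingress enabled
          - scenario: ingress
            values: |
              ingress:
                enabled: true
                className: nginx
                hosts:
                  - host: gateway.example.com
                    paths:
                      - path: /
                        pathType: Prefix
                tls:
                  - secretName: gateway-tls
                    hosts:
                      - gateway.example.com
            api_versions: ""
          # NetworkPolicy enabled
          - scenario: networkpolicy
            values: |
              networkPolicy:
                enabled: true
                ingress:
                  allowSameNamespace: true
                egress:
                  dns:
                    enabled: true
                  https:
                    enabled: true
            api_versions: ""
          # ServiceMonitor enabled (requires prometheus-operator CRDs)
          # NOTE(review): podMonitor and prometheusRule are assumed to be
          # top-level keys - confirm against values.yaml.
          - scenario: servicemonitor
            values: |
              serviceMonitor:
                enabled: true
                interval: 30s
                labels:
                  release: prometheus
              podMonitor:
                enabled: true
              prometheusRule:
                enabled: true
            api_versions: "monitoring.coreos.com/v1"
          # cert-manager integration
          # NOTE(review): certManager is assumed to be a top-level key rather
          # than a child of ingress - confirm against values.yaml.
          - scenario: certmanager
            values: |
              ingress:
                enabled: true
                className: nginx
                hosts:
                  - host: gateway.example.com
                    paths:
                      - path: /
                        pathType: Prefix
              certManager:
                enabled: true
                issuer:
                  name: letsencrypt-prod
                  kind: ClusterIssuer
            api_versions: "cert-manager.io/v1"
          # Gateway API HTTPRoute
          - scenario: gatewayapi
            values: |
              gatewayAPI:
                enabled: true
                parentRefs:
                  - name: main-gateway
                    namespace: gateway-system
                hostnames:
                  - gateway.example.com
            api_versions: "gateway.networking.k8s.io/v1"
          # Init containers and sidecars
          - scenario: sidecars
            values: |
              initContainers:
                waitForDb:
                  enabled: true
                migrate:
                  enabled: true
              sidecars:
                vaultAgent:
                  enabled: true
                  role: hadrian
                  vaultAddr: http://vault.vault:8200
                  secrets:
                    - name: api-keys
                      path: secret/data/hadrian/api-keys
                      template: |
                        {{ with secret "secret/data/hadrian/api-keys" }}
                        OPENAI_API_KEY={{ .Data.data.openai }}
                        {{ end }}
              postgresql:
                enabled: true
                auth:
                  password: testpassword
              gateway:
                database:
                  type: postgres
            api_versions: ""
          # File storage with PVC
          - scenario: filestorage
            values: |
              persistence:
                enabled: true
                size: 5Gi
              fileStorage:
                enabled: true
                persistence:
                  enabled: true
                  size: 10Gi
            api_versions: ""
    steps:
      - uses: actions/checkout@v4
        with:
          # No later step needs git credentials.
          persist-credentials: false
      - name: Set up Helm
        uses: azure/setup-helm@v4
        with:
          version: v3.14.0
      - name: Add Bitnami repo
        run: helm repo add bitnami https://charts.bitnami.com/bitnami
      - name: Update dependencies
        run: helm dependency update helm/hadrian
      - name: Create values file
        if: matrix.values != ''
        # Hand the matrix value to the shell as data through the environment.
        # Pasting the expression into the script body would make the script
        # text itself depend on the value: a line reading EOF would end a
        # heredoc early, and quotes would change how the shell parses it.
        env:
          MATRIX_VALUES: ${{ matrix.values }}
        run: |
          printf '%s\n' "$MATRIX_VALUES" > /tmp/test-values.yaml
      - name: Template chart
        # Same reason as above: the sidecars scenario contains double quotes,
        # which would otherwise close the shell string in the -n tests early.
        env:
          MATRIX_VALUES: ${{ matrix.values }}
          MATRIX_API_VERSIONS: ${{ matrix.api_versions }}
        run: |
          set -euo pipefail
          # Build arguments as an array for proper quoting
          ARGS=("helm/hadrian" "--debug")
          if [ -n "$MATRIX_VALUES" ]; then
            ARGS+=("-f" "/tmp/test-values.yaml")
          fi
          # Add API versions for CRDs that may not be in default Kubernetes
          if [ -n "$MATRIX_API_VERSIONS" ]; then
            IFS=',' read -ra API_VERSIONS <<< "$MATRIX_API_VERSIONS"
            for api in "${API_VERSIONS[@]}"; do
              ARGS+=("--api-versions" "$api")
            done
          fi
          echo "Running: helm template test ${ARGS[*]}"
          helm template test "${ARGS[@]}" > /tmp/rendered.yaml
      - name: Validate rendered manifests
        run: |
          # NOTE(review): this prints the first 100 lines for the log; it does
          # not parse the output, so malformed YAML is not detected here.
          echo "Validating YAML syntax..."
          head -100 /tmp/rendered.yaml
          # Count resources generated.
          # grep -c already prints 0 when nothing matches but exits non-zero.
          # Falling back to `echo "0"` would produce two lines ("0" twice),
          # the -eq test below would error out instead of being true, and an
          # empty render would pass. `|| true` keeps the single count.
          RESOURCE_COUNT=$(grep -c "^kind:" /tmp/rendered.yaml || true)
          # Empty when grep could not read the file at all.
          RESOURCE_COUNT=${RESOURCE_COUNT:-0}
          echo "Generated $RESOURCE_COUNT Kubernetes resources"
          if [ "$RESOURCE_COUNT" -eq 0 ]; then
            echo "ERROR: No resources generated"
            exit 1
          fi
      - name: Upload rendered manifests
        uses: actions/upload-artifact@v4
        with:
          name: rendered-${{ matrix.scenario }}
          path: /tmp/rendered.yaml
          retention-days: 5

  # Install and test in a kind cluster
  helm-test:
    name: Helm Test (kind)
    runs-on: ubuntu-latest
    needs: [helm-lint, helm-template]
    steps:
      - uses: actions/checkout@v4
        with:
          # The checkout is used as the Docker build context below. Keeping
          # the token out of .git/config keeps it out of any layer, and out of
          # the exported build cache, if the Dockerfile copies the whole
          # context (not visible from this file).
          persist-credentials: false
      - name: Set up Helm
        uses: azure/setup-helm@v4
        with:
          version: v3.14.0
      - name: Create kind cluster
        uses: helm/kind-action@v1
        with:
          cluster_name: helm-test
          wait: 120s
      - name: Add Bitnami repo
        run: helm repo add bitnami https://charts.bitnami.com/bitnami
      - name: Update dependencies
        run: helm dependency update helm/hadrian
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Build Docker image
        uses: docker/build-push-action@v6
        with:
          context: .
          # Load into the local Docker daemon; nothing is pushed to a registry.
          load: true
          tags: hadrian-gateway:test
          cache-from: type=gha
          cache-to: type=gha,mode=max
      - name: Load image into kind
        run: kind load docker-image hadrian-gateway:test --name helm-test
      - name: Create test values
        run: |
          cat > /tmp/kind-test-values.yaml << 'EOF'
          image:
            repository: hadrian-gateway
            tag: test
            pullPolicy: Never
          # Use test provider (no external API calls)
          gateway:
            providers:
              defaultProvider: "test"
              test:
                enabled: true
          # Minimal resources for CI
          resources:
            requests:
              cpu: 100m
              memory: 128Mi
            limits:
              cpu: 500m
              memory: 512Mi
          # Enable tests
          tests:
            enabled: true
            connection:
              retries: 10
              retryDelay: 3
            api:
              enabled: true
          EOF
      - name: Install chart
        run: |
          helm install hadrian helm/hadrian \
            -f /tmp/kind-test-values.yaml \
            --wait \
            --timeout 5m
      - name: Check deployment status
        run: |
          kubectl get pods -l app.kubernetes.io/name=hadrian
          kubectl get svc -l app.kubernetes.io/name=hadrian
      - name: Wait for pod ready
        run: |
          kubectl wait --for=condition=ready pod \
            -l app.kubernetes.io/name=hadrian \
            --timeout=120s
      - name: Check pod logs
        # Runs even after a failed step so the logs are available for triage.
        if: always()
        run: |
          echo "=== Pod logs ==="
          kubectl logs -l app.kubernetes.io/name=hadrian --tail=50 || true
      - name: Run Helm tests
        run: |
          if ! helm test hadrian --timeout 2m; then
            echo "=== Helm test failed, gathering debug info ==="
            echo "=== Pod descriptions ==="
            kubectl describe pods -l app.kubernetes.io/component=test || true
            echo "=== All pod statuses ==="
            kubectl get pods -A || true
            exit 1
          fi
      - name: Check test results
        if: always()
        run: |
          echo "=== Test pod logs ==="
          kubectl logs hadrian-test-connection || true
          kubectl logs hadrian-test-api || true
      - name: Cleanup
        # Best effort: a failed cleanup must not change the job result.
        if: always()
        run: |
          helm uninstall hadrian || true
          kind delete cluster --name helm-test || true

  # Package chart (only on main branch)
  helm-package:
    name: Helm Package
    runs-on: ubuntu-latest
    needs: [helm-lint, helm-template]
    if: github.ref == 'refs/heads/main'
    steps:
      - uses: actions/checkout@v4
        with:
          # No later step needs git credentials.
          persist-credentials: false
      - name: Set up Helm
        uses: azure/setup-helm@v4
        with:
          version: v3.14.0
      - name: Add Bitnami repo
        run: helm repo add bitnami https://charts.bitnami.com/bitnami
      - name: Update dependencies
        run: helm dependency update helm/hadrian
      - name: Package chart
        run: helm package helm/hadrian -d /tmp/charts
      - name: Upload packaged chart
        uses: actions/upload-artifact@v4
        with:
          name: helm-chart
          path: /tmp/charts/*.tgz
          retention-days: 30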