chore: update repository structure and workflows (#3)

* fix version increment check by moving chart back to charts directory
* pre-commit: add local hook for linting
* publish: create GitHub release after chart publish
* ci: set permissions on job level
* Update repository README.md

Author: bonddim

.github/workflows/ci.yml

@@ -6,12 +6,11 @@ on:
     branches:
       - main
 
-permissions:
-  contents: read
-
 jobs:
   lint:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
       - name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -31,4 +30,4 @@ jobs:
         uses: helm/chart-testing-action@6ec842c01de15ebb84c8627d2744a0c2f2755c9f # v2.8.0
 
       - name: Run chart-testing (lint)
-        run: ct lint --use-helmignore --charts .
+        run: ct lint

.github/workflows/publish.yaml

@@ -6,23 +6,17 @@ on:
     branches:
       - main
     paths:
-      - templates/**
-      - Chart.yaml
-      - values.yaml
-      - README.md
-
-permissions:
-  contents: read
-  packages: write
+      - charts
 
 jobs:
   publish:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      packages: write
     steps:
       - name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          fetch-depth: 0
 
       - name: Login to GHCR
         uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
@@ -31,8 +25,16 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Package  helm charts
-        run: helm dependency build && helm package .
+      - name: Get chart version
+        run: echo "CHART_VERSION=$(helm show chart charts/base | yq .version)" | tee -a $GITHUB_ENV
+
+      - name: Package helm chart
+        run: helm package --dependency-update charts/base
 
       - name: Push chart to GHCR
-        run: helm push base-*.tgz oci://ghcr.io/${{ github.repository_owner }}/helm-charts
+        run: helm push base-${CHART_VERSION}.tgz oci://ghcr.io/${{ github.repository_owner }}/helm-charts
+
+      - name: Create GitHub Release
+        run: gh release create "${CHART_VERSION}" --title "${CHART_VERSION}" --generate-notes
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.pre-commit-config.yaml

@@ -8,7 +8,7 @@ repos:
       - id: check-executables-have-shebangs
       - id: check-shebang-scripts-are-executable
       - id: check-yaml
-        exclude: "^templates/.*\\.ya?ml$"
+        exclude: "^charts/.*/templates/.*\\.ya?ml$"
       - id: end-of-file-fixer
       - id: trailing-whitespace
 
@@ -17,5 +17,16 @@ repos:
     hooks:
       - id: helm-docs-container
         args:
-          - --chart-search-root=.
+          - --chart-search-root=charts
           - --sort-values-order=file
+
+  - repo: local
+    hooks:
+      - id: helm-chart-testing
+        name: Helm Chart Testing
+        language: docker_image
+        alias: ct
+        files: "^charts/"
+        pass_filenames: false
+        require_serial: false
+        entry: quay.io/helmpack/chart-testing ct lint

README.md

@@ -1,140 +1,45 @@
-# base
+# Helm Base Chart
 
-![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
+[![Last Commit](https://img.shields.io/github/last-commit/bonddim/helm-base-chart/main?style=flat-square)](https://github.com/bonddim/helm-base-chart/commits/main)
+[![Latest Release](https://img.shields.io/github/v/release/bonddim/helm-base-chart?style=flat-square)](https://github.com/bonddim/helm-base-chart/releases)
 
-Base Helm chart for Kubernetes - fully values-driven.
+A simple, straightforward Helm chart driven entirely by `values.yaml` for deploying standard Kubernetes resources - scaffolded from `helm create` and intentionally kept close to that structure so anyone can read, understand, and maintain it without prior knowledge of the chart.
 
-## Maintainers
+## Usage
 
-| Name | Email | Url |
-| ---- | ------ | --- |
-| bonddim |  |  |
+The chart is published to GitHub Container Registry as an OCI artifact.
+You may install it directly with your own values - **no wrapper chart, no boilerplate templates required**:
 
-## Source Code
+```bash
+helm install my-release oci://ghcr.io/bonddim/helm-charts/base --values values.yaml
+```
 
-* <https://github.com/bonddim/helm-base-chart>
+```bash
+helm upgrade --install my-release oci://ghcr.io/bonddim/helm-charts/base --values values.yaml
+```
 
-## Values
+A minimal `values.yaml` to get started:
 
-### Global parameters
+```yaml
+image:
+  repository: my-app
+  tag: "1.0.0"
 
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| global.imageRegistry | string | `""` | Global image registry. Used as the default for all charts, but can be overridden by individual chart values. |
-| global.imageTag | string | `""` | Global image tag used as the default for all charts. Can be overridden by individual chart values. |
+service:
+  enabled: true
+  port: 8080
 
-### Common parameters
+ingress:
+  enabled: true
+  className: nginx
+  hosts:
+    - host: my-app.example.com
+      paths:
+        - path: /
+          pathType: Prefix
+```
 
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| nameOverride | string | `""` | Override resource names (partially) |
-| fullnameOverride | string | `""` | Override resource names (fully) |
-| commonLabels | object | `{}` | Labels to add to all deployed resources |
-| commonAnnotations | object | `{}` | Annotations to add to all deployed resources |
+See [values.yaml](charts/base/values.yaml) and [README.md](charts/base/README.md) for the full list of configurable parameters.
 
-### Workload parameters
-
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| annotations | object | `{}` | Additional annotations on the Deployment resource itself. |
-| labels | object | `{}` | Additional labels on the Deployment resource itself. |
-| replicas | int | `nil` | Number of pod replicas. Ignored when autoscaling.enabled=true. Must be >= 0 if specified. null by default, which defaults to 1 and not controlled by Helm. |
-| strategy | object | `{}` | Deployment update strategy. e.g. { type: RollingUpdate, rollingUpdate: { maxSurge: 1, maxUnavailable: 0 } } |
-| revisionHistoryLimit | int | `nil` | Number of old ReplicaSets to retain. |
-| podAnnotations | object | `{}` | Additional annotations on the Pod template. |
-| podLabels | object | `{}` | Additional labels on the Pod template. |
-| podSecurityContext | object | `{}` | Pod-level security context. |
-| imagePullSecrets | list | `[]` | Image pull secrets (list of { name: ... }). |
-| automountServiceAccountToken | bool | `nil` | Whether to auto-mount the service account token to the pod. |
-| initContainers | object/list | `{}` | Init containers (values are tpl-rendered). |
-| sidecarContainers | object/list | `{}` | Sidecar containers (values are tpl-rendered). |
-| volumes | object/list | `{}` | Volumes (values are tpl-rendered). |
-| nodeSelector | object | `{}` | Node selector for pod scheduling. |
-| tolerations | list | `[]` | Tolerations for pod scheduling. |
-| affinity | object | `{}` | Pod affinity/anti-affinity rules. |
-| topologySpreadConstraints | list | `[]` | Topology spread constraints. |
-| dnsPolicy | string | `""` | DNS policy for the pod. |
-| priorityClassName | string | `""` | Priority class name. |
-| terminationGracePeriodSeconds | int | `nil` | Grace period (seconds) before forceful termination. |
-| enableServiceLinks | bool | `nil` | Enable Kubernetes service links injected as env vars. |
-| image.registry | string | `""` | Container image registry. |
-| image.repository | string | `""` | Container image repository. |
-| image.tag | string | `""` | Container image tag. Defaults to Chart.AppVersion when empty. @default latest |
-| image.pullPolicy | string | `nil` | Image pull policy. |
-| command | list | `[]` | Override the container entrypoint. |
-| args | list | `[]` | Arguments to the entrypoint. |
-| env | object/list | `{}` | Environment variables (tpl-rendered). |
-| envFrom | list | `[]` | envFrom sources (tpl-rendered). |
-| extraPorts | object/list | `{}` | Extra ports in addition to the primary port derived from service.port. |
-| resources | object | `{}` | Compute resource requests and limits. |
-| securityContext | object | `{}` | Container-level security context. |
-| livenessProbe | object | `{}` | Liveness probe configuration. |
-| readinessProbe | object | `{}` | Readiness probe configuration. |
-| startupProbe | object | `{}` | Startup probe configuration. |
-| lifecycle | object | `{}` | Container lifecycle hooks. |
-| volumeMounts | object/list | `{}` | Volume mounts (tpl-rendered). Key = volume name. |
-
-### Security parameters
-
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| serviceAccount.create | bool | `false` | Whether to create a ServiceAccount resource. |
-| serviceAccount.annotations | object | `{}` | Annotations for the ServiceAccount. |
-| serviceAccount.automount | bool | `nil` | Automatically mount API credentials. |
-| serviceAccount.name | string | `""` | Name of the ServiceAccount. Auto-generated from fullname if empty and create=true. |
-
-### Network parameters
-
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| service.enabled | bool | `false` | Whether to create a Service resource. |
-| service.annotations | object | `{}` | Annotations for the Service. |
-| service.type | string | `"ClusterIP"` | Service type. |
-| service.port | int | `nil` | Primary port exposed by the Service (also used as the container's primary port). |
-| service.targetPort | string | `"http"` | Target port on the container. Defaults to the port name "http". |
-| service.protocol | string | `"TCP"` | Protocol for the primary port. |
-| service.nodePort | string | `nil` | NodePort value (only applies to NodePort/LoadBalancer service types). |
-| service.extraPorts | object | `{}` | Extra ports  Key is the port name. |
-| ingress.enabled | bool | `false` | Whether to create an Ingress resource. |
-| ingress.annotations | object | `{}` | Annotations for the Ingress. |
-| ingress.className | string | `""` | Ingress class name. |
-| ingress.hostnames | list | `[]` | List of hostnames to route traffic to this service. |
-| ingress.paths | list | `[{"path":"/","pathType":"Prefix"}]` | Path rules applied to every hostname. |
-| ingress.tls | object | `{"enabled":false,"secretName":""}` | TLS configuration. |
-| ingress.tls.secretName | string | `""` | Secret name; defaults to "<first-hostname>-tls" when empty. |
-| httpRoute.enabled | bool | `false` | Whether to create an HTTPRoute resource. |
-| httpRoute.annotations | object | `{}` | Annotations for the HTTPRoute. |
-| httpRoute.parentRefs | list | `[]` | Gateway parentRefs this route attaches to. |
-| httpRoute.hostnames | list | `[]` | Hostnames matched by this route. |
-| httpRoute.rules | list | `[]` | Routing rules. backendRefs are auto-populated from the Service. |
-
-### Autoscaling parameters
-
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| autoscaling.enabled | bool | `false` | Whether to create an HPA resource (also suppresses Deployment.spec.replicas). |
-| autoscaling.annotations | object | `{}` | Annotations for the HPA. |
-| autoscaling.labels | object | `{}` | Labels for the HPA. |
-| autoscaling.minReplicas | int | `1` | Minimum number of replicas when autoscaling is enabled. |
-| autoscaling.maxReplicas | int | `10` | Maximum number of replicas when autoscaling is enabled. |
-| autoscaling.targetCPUUtilizationPercentage | int | `80` | Target CPU utilization percentage. |
-| autoscaling.behavior | object | `{}` | Advanced scaling behavior. |
-| autoscaling.metrics | list | `[]` | Additional custom metrics (appended to the generated metrics list). |
-
-### ConfigMap parameters
-
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| configMap.enabled | bool | `false` | Whether to create a ConfigMap resource. |
-| configMap.annotations | object | `{}` | Annotations for the ConfigMap. |
-| configMap.labels | object | `{}` | Labels for the ConfigMap. |
-| configMap.data | object | `{}` | Key/value data for the ConfigMap. |
-
-### Extras
-
-| Key | Type | Default | Description |
-|-----|------|---------|-------------|
-| extraObjects | object/list | `[]` | Render additional Kubernetes manifests. Each entry may be a string (with Go template expressions) or a YAML object. |
-
-----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
+## Contributing
+Contributions are welcome! Please open an issue or submit a pull request with any improvements or bug fixes.

.helmignore charts/base/.helmignore.helmignore renamed to charts/base/.helmignore

@@ -22,5 +22,3 @@
 .idea/
 *.tmproj
 .vscode/
-# Ignore pre-commit config file
-.pre-commit-config.yaml