Skip to content

Do not risk exposing unauthenticated webhook port on container #415

Do not risk exposing unauthenticated webhook port on container

Do not risk exposing unauthenticated webhook port on container #415

name: Lint and Test Chart
on:
pull_request:
paths:
- "charts/external-dns/**"
jobs:
lint-test:
if: github.repository == 'kubernetes-sigs/external-dns'
runs-on: ubuntu-latest
defaults:
run:
shell: bash
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0
- name: Install Helm Docs
uses: action-stars/install-tool-from-github-release@ece2623611b240002e0dd73a0d685505733122f6 # v0.2.4
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
owner: norwoodj
repository: helm-docs
arch_amd64: x86_64
os_linux: Linux
check_command: helm-docs --version
version: latest
- name: Run Helm Docs check
run: |
set -euo pipefail
helm-docs
if [[ -n "$(git status --porcelain --untracked-files=no)" ]]
then
echo "Documentation not up to date. Please run helm-docs and commit changes!" >&2
exit 1
fi
- name: Install Artifact Hub CLI
uses: action-stars/install-tool-from-github-release@ece2623611b240002e0dd73a0d685505733122f6 # v0.2.4
with:
github_token: ${{ github.token }}
owner: artifacthub
repository: hub
name: ah
check_command: ah version
version: latest
- name: Run Artifact Hub lint
run: ah lint --kind helm || exit 1
- name: Install Helm
uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
with:
token: ${{ github.token }}
version: latest
- name: Install Python
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
with:
token: ${{ github.token }}
python-version: "3.x"
- name: Set-up chart-testing
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
- name: Check for changes
id: changes
run: |
changed=$(ct list-changed)
if [[ -n "$changed" ]]; then
echo "changed=true" >> "${GITHUB_OUTPUT}"
fi
- name: Run chart-testing lint
run: ct lint --check-version-increment=false
- name: Create Kind cluster
if: steps.changes.outputs.changed == 'true'
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
with:
wait: 120s
- name: Run chart-testing install
if: steps.changes.outputs.changed == 'true'
run: ct install