From 3241bda49427c7c9b9ddec4c7c1fb41b1f1506f5 Mon Sep 17 00:00:00 2001
From: Richard Tief <richard.tief@sap.com>
Date: Thu, 17 Oct 2024 14:19:38 +0200
Subject: [PATCH] chore(gh-actions): add helm lint and test

---
 .github/configs/helm-lint.yaml      | 10 ++++
 .github/workflows/helm-lint.yaml    | 74 +++++++++++++++++++++++++++++
 .github/workflows/helm-release.yaml | 12 ++---
 3 files changed, 90 insertions(+), 6 deletions(-)
 create mode 100644 .github/configs/helm-lint.yaml
 create mode 100644 .github/workflows/helm-lint.yaml

diff --git a/.github/configs/helm-lint.yaml b/.github/configs/helm-lint.yaml
new file mode 100644
index 0000000..153489f
--- /dev/null
+++ b/.github/configs/helm-lint.yaml
@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
+# SPDX-License-Identifier: Apache-2.0
+
+# See https://github.com/helm/chart-testing#configuration
+remote: origin
+target-branch: main
+validate-maintainers: false
+check-version-increment: false
+chart-dirs:
+  - charts/kubernetes-operations
diff --git a/.github/workflows/helm-lint.yaml b/.github/workflows/helm-lint.yaml
new file mode 100644
index 0000000..fbcdffb
--- /dev/null
+++ b/.github/workflows/helm-lint.yaml
@@ -0,0 +1,74 @@
+name: "Helm lint and tests"
+on:
+  pull_request:
+    types: [ opened, synchronize, reopened ]
+
+env:
+  REGISTRY: ghcr.io
+
+jobs:
+  helm-lint-test:
+    runs-on: [ default ]
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v4.2.0
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: 3.9
+          check-latest: true
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up chart-linting and chart-testing
+        uses: helm/chart-testing-action@v2.6.1
+
+      - name: Run chart-linting (list-changed)
+        id: list-changed
+        run: |
+          changed=$(ct list-changed --config .github/configs/helm-lint.yaml --target-branch ${{ github.event.repository.default_branch }})
+          if [[ -n "$changed" ]]; then
+            echo "changed=true" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Run chart-linting
+        if: steps.list-changed.outputs.changed == 'true'
+        run: ct lint --config .github/configs/helm-lint.yaml --target-branch ${{ github.event.repository.default_branch }}
+
+      - name: Run chart-testing (list-changed)
+        id: chart-test-list-changed
+        run: |
+          changed=$(ct list-changed --config .github/configs/helm-test.yaml --target-branch ${{ github.event.repository.default_branch }})
+          if [[ -n "$changed" ]]; then
+            echo "changed=true" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Check version bump
+        id: check-bump
+        if: steps.list-changed.outputs.changed == 'true'
+        continue-on-error: true
+        run: |
+          for chart in $(ct list-changed --config .github/configs/helm-lint.yaml --target-branch ${{ github.event.repository.default_branch }}); do
+            chart_version=$(yq .version "$chart/Chart.yaml")
+            if helm pull "oci://${{ env.REGISTRY }}/${{ github.repository }}/charts/$(dirname $chart)" --version $chart_version; then
+              echo "chart=$(dirname $chart)" >> "$GITHUB_OUTPUT"
+              echo "chart_version=${chart_version}" >> "$GITHUB_OUTPUT"
+              echo "needsbump=true" >> "$GITHUB_OUTPUT"
+            fi
+          done
+
+      - uses: actions/github-script@v7
+        if: steps.check-bump.outputs.needsbump == 'true'
+        with:
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: ':warning: Chart `oci://${{ env.REGISTRY }}/${{ github.repository }}/charts/${{ steps.check-bump.outputs.chart }}:${{ steps.check-bump.outputs.chart_version }}` already exists in OCI registry. Please increment the chart version.'
+            })
+            core.setFailed(`Action failed with error: Chart version bump required`);
diff --git a/.github/workflows/helm-release.yaml b/.github/workflows/helm-release.yaml
index a1ff422..df3a778 100644
--- a/.github/workflows/helm-release.yaml
+++ b/.github/workflows/helm-release.yaml
@@ -47,12 +47,6 @@ jobs:
             check-latest: true
             token: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Run chart-releaser
-        uses: helm/chart-releaser-action@v1.6.0
-        env:
-          CR_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          CR_GENERATE_RELEASE_NOTES: true
-
       - name: Log into registry ${{ env.REGISTRY }}
         if: github.event_name != 'pull_request'
         uses: docker/login-action@v3
@@ -97,3 +91,9 @@ jobs:
           helm package ${{ matrix.chartDir }} -d ${{ matrix.chartDir }}
           PKG_NAME=`ls ${{ matrix.chartDir }}/*.tgz`
           helm push ${PKG_NAME} oci://${{ env.REGISTRY }}/${{ github.repository }}/charts/
+
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@v1.6.0
+        env:
+          CR_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          CR_GENERATE_RELEASE_NOTES: true