Merge pull request #3141 from manics/ovh-prime #1692
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is a GitHub workflow defining a set of jobs with a set of steps. | |
# ref: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions | |
# | |
name: Test helm template --validate | |
on: | |
pull_request: | |
paths: | |
- "mybinder/**" | |
- "config/**" | |
- ".github/workflows/test-helm-template.yaml" | |
push: | |
paths: | |
- "mybinder/**" | |
- "config/**" | |
- ".github/workflows/test-helm-template.yaml" | |
branches-ignore: | |
- "dependabot/**" | |
- "pre-commit-ci-update-config" | |
- "update-*" | |
workflow_dispatch: | |
jobs: | |
# Validate rendered helm templates against a k8s api-server with a | |
# matching version of where we look to deploy. | |
# | |
helm-template: | |
runs-on: ubuntu-20.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
# FIXME: The k3s-channel should preferably be deduced from the k8s | |
# clusters control plane's version rather than hardcoded. See | |
# https://github.com/jupyterhub/binderhub/issues/1495 about an | |
# idea on how to get that version dynamically. | |
# | |
- release: staging | |
k3s-channel: "v1.24" | |
- release: prod | |
k3s-channel: "v1.24" | |
- release: ovh2 | |
k3s-channel: "v1.24" | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version-file: ".python-version" | |
- run: helm dependency update ./mybinder | |
# Starts a k8s cluster with NetworkPolicy enforcement and installs both | |
# kubectl and helm. | |
# | |
# ref: https://github.com/jupyterhub/action-k3s-helm/ | |
- uses: jupyterhub/action-k3s-helm@v4 | |
with: | |
k3s-channel: ${{ matrix.k3s-channel }} | |
metrics-enabled: false | |
traefik-enabled: false | |
docker-enabled: true | |
# The k8s api-server will not recognize custom resources unless we have | |
# installed the associated CRDs defining them first. | |
# | |
# At this point in time, the mybinder chart only includes custom resources | |
# from cert-manager. | |
# | |
- name: Install cert-manager CRDs | |
run: | | |
. cert-manager.env | |
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/${CERT_MANAGER_VERSION}/cert-manager.crds.yaml | |
- name: "helm template --validate (cert-manager chart)" | |
run: | | |
. cert-manager.env | |
echo "cert-manager version: ${CERT_MANAGER_VERSION}" | |
helm template --validate cert-manager cert-manager \ | |
--repo=https://charts.jetstack.io \ | |
--version=${CERT_MANAGER_VERSION} \ | |
--values=config/cert-manager.yaml | |
- name: "helm template --validate (mybinder chart)" | |
run: | | |
helm template --validate mybinder ./mybinder \ | |
--values=config/${{ matrix.release }}.yaml \ | |
--values=config/test-secrets.yaml |