ci: standardize CI/CD workflows, add release workflow and Renovate

- CI: single sequential job, local-ubuntu-latest runner, Node 22, workflow_call trigger, npm run commands - Release: new workflow with CI gate, concurrency protection, dynamic package name, tarball validation, gh CLI - Add artifacthub-pkg.yml for Artifact Hub listing - Add renovate.json with recommended config Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 00:41:38 +00:00
parent 3b9d007e8b
commit 2a712345ed
4 changed files with 148 additions and 6 deletions
@@ -5,9 +5,10 @@ on:
    branches: [main]
  pull_request:
    branches: [main]
+  workflow_call:

 jobs:
-  lint-and-test:
+  ci:
    runs-on: local-ubuntu-latest
    timeout-minutes: 10

@@ -18,7 +19,7 @@ jobs:
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
-          node-version: '20'
+          node-version: '22'
          cache: 'npm'

      - name: Install dependencies
@@ -28,13 +29,13 @@ jobs:
        run: npx @kinvolk/headlamp-plugin build

      - name: Lint
-        run: npx eslint --ext .ts,.tsx src/
+        run: npm run lint

      - name: Type-check
-        run: npx tsc --noEmit
+        run: npm run tsc

      - name: Format check
-        run: npx prettier --check src/
+        run: npm run format:check

-      - name: Run unit tests
+      - name: Run tests
        run: npm test
@@ -0,0 +1,106 @@
+name: Release
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'Release version (e.g. 1.0.0)'
+        required: true
+        type: string
+
+permissions:
+  contents: write
+
+concurrency:
+  group: release
+  cancel-in-progress: false
+
+jobs:
+  ci:
+    uses: ./.github/workflows/ci.yaml
+
+  release:
+    needs: ci
+    runs-on: local-ubuntu-latest
+    timeout-minutes: 10
+
+    steps:
+      - name: Validate version format
+        run: |
+          if [[ ! "${{ inputs.version }}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            echo "Error: Version must be in X.Y.Z format"
+            exit 1
+          fi
+
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Configure Git
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
+      - name: Update version in package.json
+        run: npm version ${{ inputs.version }} --no-git-tag-version
+
+      - name: Update artifacthub-pkg.yml
+        run: |
+          VERSION="${{ inputs.version }}"
+          PKG_NAME=$(jq -r .name package.json)
+          RELEASE_URL="https://github.com/${{ github.repository }}/releases/download/v${VERSION}/${PKG_NAME}-${VERSION}.tar.gz"
+          sed -i "s/^version:.*/version: \"${VERSION}\"/" artifacthub-pkg.yml
+          sed -i "s|headlamp/plugin/archive-url:.*|headlamp/plugin/archive-url: \"${RELEASE_URL}\"|" artifacthub-pkg.yml
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Build plugin
+        run: npx @kinvolk/headlamp-plugin build
+
+      - name: Package plugin
+        run: npx @kinvolk/headlamp-plugin package
+
+      - name: Prepare release tarball
+        run: |
+          VERSION="${{ inputs.version }}"
+          PKG_NAME=$(jq -r .name package.json)
+          TARBALL="${PKG_NAME}-${VERSION}.tar.gz"
+          mv *.tar.gz "$TARBALL"
+          echo "TARBALL=$TARBALL" >> $GITHUB_ENV
+          echo "PKG_NAME=$PKG_NAME" >> $GITHUB_ENV
+
+      - name: Validate tarball
+        run: |
+          echo "Tarball: ${{ env.TARBALL }}"
+          ls -lh "${{ env.TARBALL }}"
+          tar -tzf "${{ env.TARBALL }}" | head -20
+          tar -tzf "${{ env.TARBALL }}" | grep -q "main.js" || { echo "Error: main.js not found in tarball"; exit 1; }
+
+      - name: Compute checksum
+        run: |
+          CHECKSUM=$(sha256sum "${{ env.TARBALL }}" | awk '{print $1}')
+          echo "CHECKSUM=$CHECKSUM" >> $GITHUB_ENV
+          sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:${CHECKSUM}|" artifacthub-pkg.yml
+
+      - name: Commit and tag
+        run: |
+          VERSION="${{ inputs.version }}"
+          git add package.json package-lock.json artifacthub-pkg.yml
+          git commit -m "release: v${VERSION}"
+          git tag "v${VERSION}"
+          git push origin main --tags
+
+      - name: Create GitHub Release
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          VERSION="${{ inputs.version }}"
+          gh release create "v${VERSION}" "${{ env.TARBALL }}" \
+            --title "v${VERSION}" \
+            --generate-notes
@@ -0,0 +1,31 @@
+version: "0.1.0"
+name: kube-vip
+displayName: kube-vip
+createdAt: "2026-03-04T00:00:00Z"
+description: >-
+  Headlamp plugin for kube-vip virtual IP and load balancer visibility.
+  Monitors kube-vip DaemonSet/pods, LoadBalancer services, nodes, IP pools,
+  and leader election. Read-only — no cluster write operations.
+license: Apache-2.0
+homeURL: https://github.com/privilegedescalation/headlamp-kube-vip-plugin
+keywords:
+  - kube-vip
+  - virtual-ip
+  - load-balancer
+  - headlamp
+  - kubernetes
+links:
+  - name: Source
+    url: https://github.com/privilegedescalation/headlamp-kube-vip-plugin
+  - name: kube-vip
+    url: https://kube-vip.io/
+maintainers:
+  - name: privilegedescalation
+    email: chris@farhood.org
+provider:
+  name: privilegedescalation
+annotations:
+  headlamp/plugin/archive-url: "https://github.com/privilegedescalation/headlamp-kube-vip-plugin/releases/download/v0.1.0/kube-vip-0.1.0.tar.gz"
+  headlamp/plugin/archive-checksum: ""
+  headlamp/plugin/version-compat: ">=0.26"
+  headlamp/plugin/distro-compat: "in-cluster"
@@ -0,0 +1,4 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": ["config:recommended"]
+}