From 2a712345ed50cd1c9580134733c0bdab0c16305b Mon Sep 17 00:00:00 2001 From: DevContainer User Date: Wed, 4 Mar 2026 00:41:38 +0000 Subject: [PATCH] ci: standardize CI/CD workflows, add release workflow and Renovate - CI: single sequential job, local-ubuntu-latest runner, Node 22, workflow_call trigger, npm run commands - Release: new workflow with CI gate, concurrency protection, dynamic package name, tarball validation, gh CLI - Add artifacthub-pkg.yml for Artifact Hub listing - Add renovate.json with recommended config Co-Authored-By: Claude Opus 4.6 --- .github/workflows/ci.yaml | 13 ++-- .github/workflows/release.yaml | 106 +++++++++++++++++++++++++++++++++ artifacthub-pkg.yml | 31 ++++++++++ renovate.json | 4 ++ 4 files changed, 148 insertions(+), 6 deletions(-) create mode 100644 .github/workflows/release.yaml create mode 100644 artifacthub-pkg.yml create mode 100644 renovate.json diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 6602c8d..cfc2606 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -5,9 +5,10 @@ on: branches: [main] pull_request: branches: [main] + workflow_call: jobs: - lint-and-test: + ci: runs-on: local-ubuntu-latest timeout-minutes: 10 @@ -18,7 +19,7 @@ jobs: - name: Setup Node.js uses: actions/setup-node@v4 with: - node-version: '20' + node-version: '22' cache: 'npm' - name: Install dependencies @@ -28,13 +29,13 @@ jobs: run: npx @kinvolk/headlamp-plugin build - name: Lint - run: npx eslint --ext .ts,.tsx src/ + run: npm run lint - name: Type-check - run: npx tsc --noEmit + run: npm run tsc - name: Format check - run: npx prettier --check src/ + run: npm run format:check - - name: Run unit tests + - name: Run tests run: npm test diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..9f7eea4 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,106 @@ +name: Release + +on: + workflow_dispatch: + inputs: + version: + description: 'Release version (e.g. 1.0.0)' + required: true + type: string + +permissions: + contents: write + +concurrency: + group: release + cancel-in-progress: false + +jobs: + ci: + uses: ./.github/workflows/ci.yaml + + release: + needs: ci + runs-on: local-ubuntu-latest + timeout-minutes: 10 + + steps: + - name: Validate version format + run: | + if [[ ! "${{ inputs.version }}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + echo "Error: Version must be in X.Y.Z format" + exit 1 + fi + + - name: Checkout + uses: actions/checkout@v4 + + - name: Configure Git + run: | + git config user.name "github-actions[bot]" + git config user.email "github-actions[bot]@users.noreply.github.com" + + - name: Update version in package.json + run: npm version ${{ inputs.version }} --no-git-tag-version + + - name: Update artifacthub-pkg.yml + run: | + VERSION="${{ inputs.version }}" + PKG_NAME=$(jq -r .name package.json) + RELEASE_URL="https://github.com/${{ github.repository }}/releases/download/v${VERSION}/${PKG_NAME}-${VERSION}.tar.gz" + sed -i "s/^version:.*/version: \"${VERSION}\"/" artifacthub-pkg.yml + sed -i "s|headlamp/plugin/archive-url:.*|headlamp/plugin/archive-url: \"${RELEASE_URL}\"|" artifacthub-pkg.yml + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: '22' + cache: 'npm' + + - name: Install dependencies + run: npm ci + + - name: Build plugin + run: npx @kinvolk/headlamp-plugin build + + - name: Package plugin + run: npx @kinvolk/headlamp-plugin package + + - name: Prepare release tarball + run: | + VERSION="${{ inputs.version }}" + PKG_NAME=$(jq -r .name package.json) + TARBALL="${PKG_NAME}-${VERSION}.tar.gz" + mv *.tar.gz "$TARBALL" + echo "TARBALL=$TARBALL" >> $GITHUB_ENV + echo "PKG_NAME=$PKG_NAME" >> $GITHUB_ENV + + - name: Validate tarball + run: | + echo "Tarball: ${{ env.TARBALL }}" + ls -lh "${{ env.TARBALL }}" + tar -tzf "${{ env.TARBALL }}" | head -20 + tar -tzf "${{ env.TARBALL }}" | grep -q "main.js" || { echo "Error: main.js not found in tarball"; exit 1; } + + - name: Compute checksum + run: | + CHECKSUM=$(sha256sum "${{ env.TARBALL }}" | awk '{print $1}') + echo "CHECKSUM=$CHECKSUM" >> $GITHUB_ENV + sed -i "s|headlamp/plugin/archive-checksum:.*|headlamp/plugin/archive-checksum: sha256:${CHECKSUM}|" artifacthub-pkg.yml + + - name: Commit and tag + run: | + VERSION="${{ inputs.version }}" + git add package.json package-lock.json artifacthub-pkg.yml + git commit -m "release: v${VERSION}" + git tag "v${VERSION}" + git push origin main --tags + + - name: Create GitHub Release + env: + GH_TOKEN: ${{ github.token }} + run: | + VERSION="${{ inputs.version }}" + gh release create "v${VERSION}" "${{ env.TARBALL }}" \ + --title "v${VERSION}" \ + --generate-notes diff --git a/artifacthub-pkg.yml b/artifacthub-pkg.yml new file mode 100644 index 0000000..e230cdf --- /dev/null +++ b/artifacthub-pkg.yml @@ -0,0 +1,31 @@ +version: "0.1.0" +name: kube-vip +displayName: kube-vip +createdAt: "2026-03-04T00:00:00Z" +description: >- + Headlamp plugin for kube-vip virtual IP and load balancer visibility. + Monitors kube-vip DaemonSet/pods, LoadBalancer services, nodes, IP pools, + and leader election. Read-only — no cluster write operations. +license: Apache-2.0 +homeURL: https://github.com/privilegedescalation/headlamp-kube-vip-plugin +keywords: + - kube-vip + - virtual-ip + - load-balancer + - headlamp + - kubernetes +links: + - name: Source + url: https://github.com/privilegedescalation/headlamp-kube-vip-plugin + - name: kube-vip + url: https://kube-vip.io/ +maintainers: + - name: privilegedescalation + email: chris@farhood.org +provider: + name: privilegedescalation +annotations: + headlamp/plugin/archive-url: "https://github.com/privilegedescalation/headlamp-kube-vip-plugin/releases/download/v0.1.0/kube-vip-0.1.0.tar.gz" + headlamp/plugin/archive-checksum: "" + headlamp/plugin/version-compat: ">=0.26" + headlamp/plugin/distro-compat: "in-cluster" diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..22a9943 --- /dev/null +++ b/renovate.json @@ -0,0 +1,4 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:recommended"] +}