ci: add chart testing (#111)

- closes #18

Reviewed-on: https://codeberg.org/forgejo-contrib/forgejo-helm/pulls/111
Co-authored-by: Michael Kriese <michael.kriese@visualon.de>
Co-committed-by: Michael Kriese <michael.kriese@visualon.de>

.woodpecker/e2e.yml

@@ -0,0 +1,48 @@
+platform: linux/amd64
+
+when:
+  event:
+    - pull_request
+    - push
+  branch:
+    - main
+    - release/**
+
+services:
+  docker:
+    image: docker:24.0.7-dind
+    pull: true
+    environment:
+      DOCKER_TLS_CERTDIR: ''
+
+matrix:
+  k8s:
+    # from https://hub.docker.com/r/kindest/node/tags
+    #    - v1.25.3 # renovate: kindest
+    - v1.28.0 # renovate: kindest
+
+pipeline:
+  create-cluster:
+    image: alpine:3.18.5
+    pull: true
+    environment:
+      DOCKER_HOST: tcp://docker:2375
+    commands:
+      - apk add docker-cli kind
+      - export KUBECONFIG=$${CI_WORKSPACE}/kube.config
+      - sleep 15s
+      - docker info
+      - kind create cluster --config e2e/kind.cluster.yml --image kindest/node:${k8s} --wait 1m
+      - kind get clusters
+      - docker ps
+      # replace localhost or 0.0.0.0 in the kubeconfig file with "docker", in order to be able to reach the cluster through the docker service
+      - sed -i -E -e 's/localhost|0\.0\.0\.0/docker/g' $${KUBECONFIG}
+
+  chart-testing:
+    image: quay.io/helmpack/chart-testing:v3.10.1
+    pull: true
+    commands:
+      - git fetch --no-tags --filter=blob:none origin
+      - export KUBECONFIG=$${CI_WORKSPACE}/kube.config
+      - kubectl get no -o wide
+      - ct install --config tools/ct.yml --charts .

.woodpecker/lint.yml

@@ -54,3 +54,10 @@ pipeline:
     commands:
       - apk add yamllint
       - yamllint -f colored .
+
+  chart-testing:
+    image: quay.io/helmpack/chart-testing:v3.10.1
+    pull: true
+    commands:
+      - git fetch --no-tags --filter=blob:none origin
+      - ct lint --config tools/ct.yml --charts .

.woodpecker/release-version.yml

@@ -2,6 +2,7 @@ platform: linux/amd64
 
 depends_on:
   - lint
+  - e2e
 
 when:
   event:

README.md

@@ -989,7 +989,10 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus
 | `gitea.startupProbe.successThreshold`    | Success threshold for startup probe             | `1`     |
 | `gitea.startupProbe.failureThreshold`    | Failure threshold for startup probe             | `10`    |
 
-### redis-cluster
+### Redis® Cluster
+
+Redis® Cluster is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/redis-cluster) if enabled in the values.
+Complete Configuration can be taken from their website.
 
 | Name                             | Description                                  | Value   |
 | -------------------------------- | -------------------------------------------- | ------- |
@@ -998,11 +1001,14 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus
 | `redis-cluster.cluster.nodes`    | Number of redis cluster master nodes         | `3`     |
 | `redis-cluster.cluster.replicas` | Number of redis cluster master node replicas | `0`     |
 
-### PostgreSQL-ha
+### PostgreSQL HA
+
+PostgreSQL HA is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql-ha) if enabled in the values.
+Complete Configuration can be taken from their website.
 
 | Name                                        | Description                                                      | Value       |
 | ------------------------------------------- | ---------------------------------------------------------------- | ----------- |
-| `postgresql-ha.enabled`                     | Enable PostgreSQL-ha                                             | `true`      |
+| `postgresql-ha.enabled`                     | Enable PostgreSQL HA chart                                       | `true`      |
 | `postgresql-ha.postgresql.password`         | Password for the `gitea` user (overrides `auth.password`)        | `changeme4` |
 | `postgresql-ha.global.postgresql.database`  | Name for a custom database to create (overrides `auth.database`) | `gitea`     |
 | `postgresql-ha.global.postgresql.username`  | Name for a custom user to create (overrides `auth.username`)     | `gitea`     |
@@ -1015,7 +1021,8 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus
 
 ### PostgreSQL
 
-PostgreSQL is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql) if enabled in the values. Complete Configuration can be taken from their website.
+PostgreSQL is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql) if enabled in the values.
+Complete Configuration can be taken from their website.
 
 | Name                                                    | Description                                                      | Value   |
 | ------------------------------------------------------- | ---------------------------------------------------------------- | ------- |

e2e/kind.cluster.yml

@@ -0,0 +1,17 @@
+# based on https://github.com/kind-ci/examples
+apiVersion: kind.x-k8s.io/v1alpha4
+kind: Cluster
+name: chart-testing
+networking:
+  apiServerAddress: '0.0.0.0'
+
+nodes:
+  # add to the apiServer certSANs the name of the drone service in order to be able to reach the cluster through it
+  - role: control-plane
+    kubeadmConfigPatches:
+      - |
+        kind: ClusterConfiguration
+        apiServer:
+          certSANs:
+          - docker
+  - role: worker

tools/ct.yml

@@ -0,0 +1,6 @@
+# helm-extra-args: --timeout 600s
+check-version-increment: false
+debug: true
+target-branch: main
+lint-conf: .yamllint
+validate-maintainers: false # does not work with gitea

values.yaml

@@ -8,13 +8,13 @@
 ## @param global.storageClass global storage class override
 ## @param global.hostAliases global hostAliases which will be added to the pod's hosts files
 global:
-  imageRegistry: ""
+  imageRegistry: ''
   ## E.g.
   ## imagePullSecrets:
   ##   - myRegistryKeySecretName
   ##
   imagePullSecrets: []
-  storageClass: ""
+  storageClass: ''
   hostAliases: []
   # - ip: 192.168.137.2
   #   hostnames:
@@ -28,9 +28,9 @@ replicaCount: 1
 ## @param strategy.rollingUpdate.maxSurge maxSurge
 ## @param strategy.rollingUpdate.maxUnavailable maxUnavailable
 strategy:
-  type: "RollingUpdate"
+  type: 'RollingUpdate'
   rollingUpdate:
-    maxSurge: "100%"
+    maxSurge: '100%'
     maxUnavailable: 0
 
 ## @param clusterDomain cluster domain
@@ -48,11 +48,11 @@ image:
   registry: codeberg.org
   repository: forgejo/forgejo
   # Overrides the image tag whose default is the chart appVersion.
-  tag: ""
+  tag: ''
-  digest: ""
+  digest: ''
   pullPolicy: IfNotPresent
   rootless: true
-  fullOverride: ""
+  fullOverride: ''
 
 ## @param imagePullSecrets Secret to use for pulling the image
 imagePullSecrets: []
@@ -194,7 +194,7 @@ resources:
 ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
 ##
 ## @param schedulerName Use an alternate scheduler, e.g. "stork"
-schedulerName: ""
+schedulerName: ''
 
 ## @param nodeSelector NodeSelector for the deployment
 nodeSelector: {}
@@ -212,7 +212,7 @@ topologySpreadConstraints: []
 dnsConfig: {}
 
 ## @param priorityClassName priorityClassName for the deployment
-priorityClassName: ""
+priorityClassName: ''
 
 ## @param deployment.env  Additional environment variables to pass to containers
 ## @param deployment.terminationGracePeriodSeconds How long to wait until forcefully kill the pod
@@ -237,7 +237,7 @@ deployment:
 ## @param serviceAccount.labels Custom labels for the ServiceAccount
 serviceAccount:
   create: false
-  name: ""
+  name: ''
   automountServiceAccountToken: false
   imagePullSecrets: []
   # - name: private-registry-access
@@ -268,7 +268,7 @@ persistence:
   labels: {}
   storageClass:
   subPath:
-  volumeName: ""
+  volumeName: ''
   annotations:
     helm.sh/resource-policy: keep
 
@@ -296,7 +296,7 @@ extraVolumeMounts: []
 
 ## @section Init
 ## @param initPreScript Bash shell script copied verbatim to the start of the init-container.
-initPreScript: ""
+initPreScript: ''
 #
 # initPreScript: |
 #   mkdir -p /data/git/.postgresql
@@ -324,12 +324,12 @@ initContainers:
 signing:
   enabled: false
   gpgHome: /data/git/.gnupg
-  privateKey: ""
+  privateKey: ''
   # privateKey: |-
   #   -----BEGIN PGP PRIVATE KEY BLOCK-----
   #   ...
   #   -----END PGP PRIVATE KEY BLOCK-----
-  existingSecret: ""
+  existingSecret: ''
 
 ## @section Gitea
 #
@@ -343,7 +343,7 @@ gitea:
     existingSecret:
     username: gitea_admin
     password: r8sA8CPHD9!bt6d
-    email: "gitea@local.domain"
+    email: 'gitea@local.domain'
 
   ## @param gitea.metrics.enabled Enable Forgejo metrics
   ## @param gitea.metrics.serviceMonitor.enabled Enable Forgejo metrics service monitor
@@ -414,7 +414,7 @@ gitea:
 
   ## @param gitea.ssh.logLevel Configure OpenSSH's log level. Only available for root-based Forgejo image.
   ssh:
-    logLevel: "INFO"
+    logLevel: 'INFO'
 
   ## @section LivenessProbe
   #
@@ -476,7 +476,12 @@ gitea:
     successThreshold: 1
     failureThreshold: 10
 
-## @section redis-cluster
+## @section Redis® Cluster
+## @descriptionStart
+## Redis® Cluster is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/redis-cluster) if enabled in the values.
+## Complete Configuration can be taken from their website.
+## @descriptionEnd
+#
 ## @param redis-cluster.enabled Enable redis
 ## @param redis-cluster.usePassword Whether to use password authentication
 ## @param redis-cluster.cluster.nodes Number of redis cluster master nodes
@@ -488,9 +493,13 @@ redis-cluster:
     nodes: 3 # default: 6
     replicas: 0 # default: 1
 
-## @section postgresql-ha
+## @section PostgreSQL HA
+## @descriptionStart
+## PostgreSQL HA is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql-ha) if enabled in the values.
+## Complete Configuration can be taken from their website.
+## @descriptionEnd
 #
-## @param postgresql-ha.enabled Enable postgresql-ha
+## @param postgresql-ha.enabled Enable PostgreSQL HA chart
 ## @param postgresql-ha.postgresql.password Password for the `gitea` user (overrides `auth.password`)
 ## @param postgresql-ha.global.postgresql.database Name for a custom database to create (overrides `auth.database`)
 ## @param postgresql-ha.global.postgresql.username Name for a custom user to create (overrides `auth.username`)
@@ -498,8 +507,8 @@ redis-cluster:
 ## @param postgresql-ha.postgresql.repmgrPassword Repmgr Password
 ## @param postgresql-ha.postgresql.postgresPassword postgres Password
 ## @param postgresql-ha.pgpool.adminPassword pgpool adminPassword
-## @param postgresql-ha.service.ports.postgresql postgresql service port (overrides `service.ports.postgresql`)
+## @param postgresql-ha.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`)
-## @param postgresql-ha.primary.persistence.size PVC Storage Request for postgresql-ha volume
+## @param postgresql-ha.primary.persistence.size PVC Storage Request for PostgreSQL-ha volume
 postgresql-ha:
   global:
     postgresql:
@@ -522,7 +531,8 @@ postgresql-ha:
 
 ## @section PostgreSQL
 ## @descriptionStart
-## PostgreSQL is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql) if enabled in the values. Complete Configuration can be taken from their website.
+## PostgreSQL is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql) if enabled in the values.
+## Complete Configuration can be taken from their website.
 ## @descriptionEnd
 #
 ## @param postgresql.enabled Enable PostgreSQL