From f30b5d34bd502935d811b781af54bc268f30a780 Mon Sep 17 00:00:00 2001
From: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
Date: Tue, 13 Jun 2023 15:04:29 +0200
Subject: [PATCH] test: run tests with the prebuilt helm chart package

Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
---
 .github/workflows/artifacts.yaml | 24 ++++++++++++++++++++----
 .github/workflows/ci.yaml        |  6 ++++++
 e2e/main_test.go                 | 13 +++++++++----
 3 files changed, 35 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml
index fedbb130..9507785c 100644
--- a/.github/workflows/artifacts.yaml
+++ b/.github/workflows/artifacts.yaml
@@ -26,6 +26,15 @@ on:
       container-image-ref:
         description: Container image ref
         value: ${{ jobs.container-image.outputs.ref }}
+      helm-chart-name:
+        description: Helm chart OCI name
+        value: ${{ jobs.helm-chart.outputs.name }}
+      helm-chart-tag:
+        description: Helm chart tag
+        value: ${{ jobs.helm-chart.outputs.tag }}
+      helm-chart-package:
+        description: Helm chart package name
+        value: ${{ jobs.helm-chart.outputs.package }}
 
 permissions:
   contents: read
@@ -165,7 +174,8 @@ jobs:
 
     outputs:
       name: ${{ steps.oci-chart-name.outputs.value }}
-      tag: ${{ github.ref_name }}
+      tag: ${{ steps.version.outputs.value }}
+      package: ${{ steps.build.outputs.package }}
 
     steps:
       - name: Checkout repository
@@ -176,9 +186,9 @@ jobs:
         with:
           version: v3.12.0
 
-      - name: Set chart base name
+      - name: Set chart name
         id: chart-name
-        run: echo "value=vault-secrets-webhook" >> "$GITHUB_OUTPUT"
+        run: echo "value=${{ github.event.repository.name }}" >> "$GITHUB_OUTPUT"
 
       - name: Set OCI registry name
         id: oci-registry-name
@@ -189,7 +199,7 @@ jobs:
         run: echo "value=${{ steps.oci-registry-name.outputs.value }}/${{ steps.chart-name.outputs.value }}" >> "$GITHUB_OUTPUT"
 
       - name: Helm lint
-        run: helm lint charts/vault-secrets-webhook
+        run: helm lint charts/${{ steps.chart-name.outputs.value }}
 
       - name: Determine raw version
         uses: haya14busa/action-cond@1d6e8a12b20cdb4f1954feef9aa475b9c390cab5 # v1.1.1
@@ -231,6 +241,12 @@ jobs:
           HELM_REGISTRY_CONFIG: ~/.docker/config.json
         if: inputs.publish && inputs.release
 
+      - name: Upload package as artifact
+        uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
+        with:
+          name: "[${{ github.job }}] package"
+          path: ${{ steps.build.outputs.package }}
+
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@41f05d9ecffa2ed3f1580af306000f734b733e54 # 0.11.2
         with:
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index f41596d8..a72e6cb0 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -188,6 +188,11 @@ jobs:
         with:
           name: "[container-image] Docker tarball"
 
+      - name: Download helm chart
+        uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+        with:
+          name: "[helm-chart] package"
+
       - name: Test
         run: nix develop --impure .#ci -c make test-e2e
         env:
@@ -195,4 +200,5 @@ jobs:
           LOAD_IMAGE_ARCHIVE: ${{ github.workspace }}/docker.tar
           # VAULT_VERSION: ${{ matrix.vault_version }}
           WEBHOOK_VERSION: ${{ needs.artifacts.outputs.container-image-tag }}
+          HELM_CHART: "${{ github.workspace }}/${{ needs.artifacts.outputs.helm-chart-package }}"
           LOG_VERBOSE: "true"
diff --git a/e2e/main_test.go b/e2e/main_test.go
index d0675af3..65f6d763 100644
--- a/e2e/main_test.go
+++ b/e2e/main_test.go
@@ -149,16 +149,21 @@ func uninstallVaultOperator(ctx context.Context, cfg *envconf.Config) (context.C
 func installVaultSecretsWebhook(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
 	manager := helm.New(cfg.KubeconfigFile())
 
-	webhookVersion := "latest"
+	version := "latest"
 	if v := os.Getenv("WEBHOOK_VERSION"); v != "" {
-		webhookVersion = v
+		version = v
+	}
+
+	chart := "../charts/vault-secrets-webhook/"
+	if v := os.Getenv("HELM_CHART"); v != "" {
+		chart = v
 	}
 
 	err := manager.RunInstall(
 		helm.WithName("vault-secrets-webhook"), // This is weird that ReleaseName works differently, but it is what it is
-		helm.WithChart("../charts/vault-secrets-webhook/"),
+		helm.WithChart(chart),
 		helm.WithNamespace("vault-secrets-webhook"),
-		helm.WithArgs("-f", "deploy/vault-secrets-webhook/values.yaml", "--set", "image.tag="+webhookVersion),
+		helm.WithArgs("-f", "deploy/vault-secrets-webhook/values.yaml", "--set", "image.tag="+version),
 		helm.WithWait(),
 		helm.WithTimeout("2m"),
 	)