From 20d1c7fdc85a4707a8af781d165491f1872ad052 Mon Sep 17 00:00:00 2001
From: github-actions <action@github.com>
Date: Mon, 22 Aug 2022 16:48:38 +0000
Subject: [PATCH] Align files

---
 .../zz_generated.check_values_schema.yaml     | 76 ++++++++++++++-----
 .../zz_generated.create_release.yaml          |  2 +-
 .../zz_generated.create_release_pr.yaml       |  2 +-
 .github/workflows/zz_generated.gitleaks.yaml  |  2 +-
 .pre-commit-config.yaml                       |  6 +-
 Makefile                                      |  2 +-
 Makefile.gen.app.mk                           |  2 +-
 7 files changed, 65 insertions(+), 27 deletions(-)

diff --git a/.github/workflows/zz_generated.check_values_schema.yaml b/.github/workflows/zz_generated.check_values_schema.yaml
index 03f532f..fa01fef 100644
--- a/.github/workflows/zz_generated.check_values_schema.yaml
+++ b/.github/workflows/zz_generated.check_values_schema.yaml
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@5.8.0
+#    devctl@5.9.0
 #
 name: 'Check if values schema file has been updated'
 on: pull_request
@@ -16,31 +16,69 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          VALUES_FILE_CHANGED="false"
-          SCHEMA_FILE_CHANGED="false"
-
           echo "Comparing ${GITHUB_BASE_REF}...${GITHUB_HEAD_REF}"
 
-          changed_files=$(gh api "repos/{owner}/{repo}/compare/${GITHUB_BASE_REF}...${GITHUB_HEAD_REF}" --jq ".files[] | .filename")
-
+          # check if repo contains a schema file
           if grep -q "values.schema.json" <<< $(git ls-tree -r --name-only ${GITHUB_SHA}); then
 
-            if grep -q "values.yaml" <<< "${changed_files}" ; then
-              VALUES_FILE_CHANGED="true"
-            fi
+            # get a list of files changed in the PR
+            CHANGED_FILES=$(gh api repos/{owner}/{repo}/compare/${GITHUB_BASE_REF}...${GITHUB_HEAD_REF} \
+              --jq ".files[].filename")
 
-            if grep -q "values.schema.json" <<< "${changed_files}" ; then
-              SCHEMA_FILE_CHANGED="true"
-            fi
+            # check if values.yaml in main chart was modified by this PR
+            # (this won't check values files in subcharts)
+            if grep -q 'helm\/[-a-z].*\/values.yaml' <<< "${CHANGED_FILES}" ; then
+
+              # get the path to values.yaml
+              VALUES_FILE=$(gh api repos/{owner}/{repo}/compare/${GITHUB_BASE_REF}...${GITHUB_HEAD_REF} \
+                --jq ".files[].filename" | grep 'helm\/[-a-z].*\/values.yaml')
+
+              # fetch branches so we can use them to compare
+              git fetch &> /dev/null
+
+              # calculate hash of the keys from values.yaml from the default branch
+              DEFAULT_BRANCH_SHA=$(git show origin/${GITHUB_BASE_REF}:${VALUES_FILE} \
+                | yq -P 'sort_keys(..)' -o=json | jq -r '[paths | join(".")]' \
+                | sha1sum | awk '{print $1}')
+
+              # calculate hash of the keys from values.yaml from this branch
+              THIS_BRANCH_SHA=$(git show origin/${GITHUB_HEAD_REF}:${VALUES_FILE} \
+                | yq -P 'sort_keys(..)' -o=json | jq -r '[paths | join(".")]' \
+                | sha1sum | awk '{print $1}')
 
-            if [ $VALUES_FILE_CHANGED != $SCHEMA_FILE_CHANGED ]; then
-              echo "FAILED: values.yaml was updated but values.schema.json hasn't been regenerated"
-              echo "Please refer to this document: https://intranet.giantswarm.io/docs/organizational-structure/teams/cabbage/app-updates/helm-values-schema/"
-              exit 1
+              # compare hashes of the values files
+              if [[ "${DEFAULT_BRANCH_SHA}" != "${THIS_BRANCH_SHA}" ]]; then
+
+                # values file structure has been modified so we need to ensure the schema
+                # file is also updated
+
+                if grep -q "values.schema.json" <<< "${CHANGED_FILES}" ; then
+                  # we assume that the schema has been updated, nothing to do
+                  echo "PASSED: values.yaml and values.schema.json both appear to have been updated"
+                  exit 0
+                else
+                  # schema must be updated
+                  echo "FAILED: values.yaml was updated but values.schema.json hasn't been regenerated"
+                  echo "Please refer to this document: https://intranet.giantswarm.io/docs/organizational-structure/teams/cabbage/app-updates/helm-values-schema/"
+                  exit 1
+                fi
+
+              else
+                # values file structure hasn't changed, nothing to do
+                echo "values.yaml structure hasn't been changed by this PR"
+                exit 0
+              fi
+
+            else
+              # values file not included in PR, nothing to see here
+              echo "values.yaml not included in this PR"
+              exit 0
             fi
 
-            echo "PASSED: values.yaml and values.schema.json both appear to have been updated"
+          else
+
+            # if grep returns negative then there isn't a values.schema.json to check
+            echo "No values.schema.json file found in branch '${GITHUB_BASE_REF}', nothing to check"
             exit 0
-          fi
 
-          echo "INFO: values.schema.json not present in this repo - nothing to do"
+          fi
diff --git a/.github/workflows/zz_generated.create_release.yaml b/.github/workflows/zz_generated.create_release.yaml
index 2972a7b..e9c6c4d 100644
--- a/.github/workflows/zz_generated.create_release.yaml
+++ b/.github/workflows/zz_generated.create_release.yaml
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@5.8.0
+#    devctl@5.9.0
 #
 name: Create Release
 on:
diff --git a/.github/workflows/zz_generated.create_release_pr.yaml b/.github/workflows/zz_generated.create_release_pr.yaml
index 197c305..d5cec93 100644
--- a/.github/workflows/zz_generated.create_release_pr.yaml
+++ b/.github/workflows/zz_generated.create_release_pr.yaml
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@5.8.0
+#    devctl@5.9.0
 #
 name: Create Release PR
 on:
diff --git a/.github/workflows/zz_generated.gitleaks.yaml b/.github/workflows/zz_generated.gitleaks.yaml
index 89ffd13..e0f6786 100644
--- a/.github/workflows/zz_generated.gitleaks.yaml
+++ b/.github/workflows/zz_generated.gitleaks.yaml
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@5.8.0
+#    devctl@5.9.0
 #
 name: gitleaks
 
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 5ee294c..ea6f1ca 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -34,12 +34,12 @@ repos:
 
     # static type checking with mypy
     - repo: https://github.com/pre-commit/mirrors-mypy
-      rev: v0.961
+      rev: v0.971
       hooks:
           - id: mypy
 
     - repo: https://github.com/pycqa/flake8
-      rev: '4.0.1'  # pick a git hash / tag to point to
+      rev: '5.0.4'  # pick a git hash / tag to point to
       hooks:
           - id: flake8
 
@@ -51,7 +51,7 @@ repos:
             args: [ --format=json ]
 
     - repo: https://github.com/igorshubovych/markdownlint-cli
-      rev: v0.31.1
+      rev: v0.32.2
       hooks:
           - id: markdownlint
 
diff --git a/Makefile b/Makefile
index 39bab68..b916857 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@5.8.0
+#    devctl@5.9.0
 #
 
 include Makefile.*.mk
diff --git a/Makefile.gen.app.mk b/Makefile.gen.app.mk
index e462d9e..ab9f6f5 100644
--- a/Makefile.gen.app.mk
+++ b/Makefile.gen.app.mk
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@5.8.0
+#    devctl@5.9.0
 #
 
 ##@ App