Add workflows for the chart to CI

.github/dependabot.yml

@@ -0,0 +1,25 @@
+version: 2
+updates:
+  # Dependencies listed in go.mod
+  - package-ecosystem: "gomod"
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"
+
+  # Dependencies listed in .github/workflows/*.yml
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+  # Dependencies listed in Dockerfile
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+
+  # Dependencies listed in frontend/package.json
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/release.yml

@@ -0,0 +1,17 @@
+changelog:
+  exclude:
+    labels:
+      - ignore
+  categories:
+    - title: Enhancements 🚀
+      labels:
+        - enhancement
+    - title: Bug Fixes 🐛
+      labels:
+        - bug
+    - title: Dependency Updates ⬆️
+      labels:
+        - dependencies
+    - title: Other Changes
+      labels:
+        - "*"

.github/workflows/chart-release.yml

@@ -0,0 +1,35 @@
+name: Release Charts
+
+on:
+  push:
+    branches:
+    - master
+    paths:
+    - 'charts/**'
+
+jobs:
+  chart-release:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - name: Configure Git
+      run: |
+        git config user.name "$GITHUB_ACTOR"
+        git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+    - name: Install Helm
+      uses: azure/setup-helm@v4
+      with:
+        version: v3.7.1
+
+    - name: Run chart-releaser
+      uses: helm/chart-releaser-action@v1.6.0
+      with:
+        charts_dir: charts
+        config: charts/cr.yaml
+      env:
+        CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

.github/workflows/chart-test.yaml

@@ -0,0 +1,107 @@
+name: Chart Test
+on:
+  push:
+    tags:
+      - v*
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+
+jobs:
+  chart:
+    name: Chart
+
+    runs-on: ubuntu-latest
+    outputs:
+      changed: ${{ steps.changes.outputs.changed }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v4
+        with:
+          version: v3.10.3
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.10"
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@v2.6.1
+
+      - name: Lint
+        run: ct lint
+
+      - name: Check generated docs
+        run: |
+          make docs
+          test "$(git diff --name-only)" == "" \
+          || ( printf >&2 "\nREADME files are not up to date (run 'make docs'), differences:\n\n%s\n\n" "$(git diff)" ; exit 1 ; )
+
+      - name: Detect changes
+        id: changes
+        run: |
+          changed=$(ct list-changed)
+          if [[ -n "$changed" ]]; then
+            echo "changed=true" >> $GITHUB_OUTPUT
+          fi
+
+  chart-test:
+    name: Chart Test
+    runs-on: ubuntu-latest
+    needs: chart
+    if: needs.chart.outputs.changed == 'true'
+    strategy:
+      fail-fast: false
+      matrix:
+        kube: ["1.24", "1.25", "1.26"]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v4
+        with:
+          version: v3.10.3
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.10"
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@v2.6.1
+
+      # See https://github.com/kubernetes-sigs/kind/releases/tag/v0.17.0
+      - name: Determine KinD node image version
+        id: node_image
+        run: |
+          case ${{ matrix.kube }} in
+            1.24)
+              NODE_IMAGE=kindest/node:v1.24.7@sha256:577c630ce8e509131eab1aea12c022190978dd2f745aac5eb1fe65c0807eb315 ;;
+            1.25)
+              NODE_IMAGE=kindest/node:v1.25.3@sha256:f52781bc0d7a19fb6c405c2af83abfeb311f130707a0e219175677e366cc45d1 ;;
+            1.26)
+              NODE_IMAGE=kindest/node:v1.26.0@sha256:691e24bd2417609db7e589e1a479b902d2e209892a10ce375fab60a8407c7352 ;;
+            esac
+
+            echo "image=$NODE_IMAGE" >> $GITHUB_OUTPUT
+
+      - name: Create KinD cluster
+        uses: helm/kind-action@v1.12.0
+        with:
+          version: v0.17.0
+          node_image: ${{ steps.node_image.outputs.image }}
+
+      - name: Test
+        run: ct install

.github/workflows/publish-latest.yaml

@@ -24,12 +24,12 @@ jobs:
         with:
           tags: flant/ovpn-admin:openvpn-latest
           platforms: linux/amd64,linux/arm64,linux/arm
-          file:  Dockerfile.openvpn
+          file: Dockerfile.ovpn-admin
           push: true
       - name: Push ovpn-admin image to Docker Hub
         uses: docker/build-push-action@v4
         with:
           tags: flant/ovpn-admin:latest
           platforms: linux/amd64,linux/arm64,linux/arm
-          file: Dockerfile
-          push: true
+          file: Dockerfile.openvpn
+          push: true

.github/workflows/publish-tag.yaml

@@ -1,39 +1,52 @@
-name: Build and publish tags to Docker Hub (tags only)
+name: Build and publish tags to ghcr.io
 on:
   push:
     tags:
-      - '*'
+      - v*
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+
+env:
+  WERF_STAGED_DOCKERFILE_VERSION: v2
+  # WERF_BUILDAH_MODE: auto
 
 jobs:
   build:
     name: build images for tag
     runs-on: ubuntu-latest
+
     steps:
       - name: Checkout code
         uses: actions/checkout@v2
         with:
           fetch-depth: 0
-      - name: Get the version
-        id: get_version
-        run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//}
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-      - name: Login to Docker Hub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_USER }}
-          password: ${{ secrets.DOCKER_PASS }}
-      - name: Push openvpn image to Docker Hub
-        uses: docker/build-push-action@v4
-        with:
-          tags: flant/ovpn-admin:openvpn-${{ steps.get_version.outputs.VERSION }}
-          platforms: linux/amd64,linux/arm64,linux/arm
-          file: Dockerfile.openvpn
-          push: true
-      - name: Push ovpn-admin image to Docker Hub
-        uses: docker/build-push-action@v4
+
+      - uses: werf/actions/install@v1.2
+
+      - name: Login into ghcr.io
+        shell: bash
+        run: werf cr login -u ${{ github.actor }} -p ${{ github.token }} ghcr.io/${{ github.repository }}
+
+      - name: Extract Docker metadata
+        uses: docker/metadata-action@v5.6.1
         with:
-          tags: flant/ovpn-admin:${{ steps.get_version.outputs.VERSION }}
-          platforms: linux/amd64,linux/arm64,linux/arm
-          file: Dockerfile
-          push: true
+          images: ghcr.io/${{ github.repository }}/${{ matrix.name }}
+
+      - name: Build Image
+        if: ${{ github.event_name == 'pull_request' }}
+        run: |
+          source "$(werf ci-env github --as-file)"
+          source <(jq -r '.labels | to_entries | to_entries[] | "export WERF_EXPORT_ADD_LABEL_\(.key)=\"\(.value.key)=\(.value.value)\""' <<< $DOCKER_METADATA_OUTPUT_JSON)
+
+          werf build
+
+      - name: Build and Push Image
+        if: ${{ github.event_name != 'pull_request' }}
+        run: |
+          source "$(werf ci-env github --as-file)"
+          source <(jq -r '.labels | to_entries | to_entries[] | "export WERF_EXPORT_ADD_LABEL_\(.key)=\"\(.value.key)=\(.value.value)\""' <<< $DOCKER_METADATA_OUTPUT_JSON)
+
+          werf export --tag ghcr.io/${{ github.repository }}/%image%:${{ github.ref_name }}

.gitignore

@@ -1,13 +1,11 @@
+bin/
+
 easyrsa
 easyrsa_master
 easyrsa_slave
 ccd
 ccd_master
 ccd_slave
-openvpn-web-ui*
-openvpn-ui*
-openvpn-admin*
-ovpn-admin*
 frontend/node_modules
 
 main-packr.go

Dockerfile → Dockerfile.ovpn-admin

@@ -1,11 +1,11 @@
 FROM node:16-alpine3.15 AS frontend-builder
-COPY frontend/ /app
+COPY ../frontend /app
 RUN apk add --update python3 make g++ && cd /app && npm install && npm run build
 
 FROM golang:1.17.3-buster AS backend-builder
 RUN go install github.com/gobuffalo/packr/v2/packr2@latest
 COPY --from=frontend-builder /app/static /app/frontend/static
-COPY . /app
+COPY .. /app
 ARG TARGETARCH
 RUN cd /app && packr2 && env CGO_ENABLED=1 GOOS=linux GOARCH=${TARGETARCH} go build -a -tags netgo -ldflags '-linkmode external -extldflags -static -s -w' -o ovpn-admin && packr2 clean
 
@@ -17,4 +17,4 @@ RUN apk add --update bash easy-rsa openssl openvpn coreutils  && \
     ln -s /usr/share/easy-rsa/easyrsa /usr/local/bin && \
     wget https://github.com/pashcovich/openvpn-user/releases/download/v1.0.4/openvpn-user-linux-${TARGETARCH}.tar.gz -O - | tar xz -C /usr/local/bin && \
     rm -rf /tmp/* /var/tmp/* /var/cache/apk/* /var/cache/distfiles/*
-RUN if [ -f "/usr/local/bin/openvpn-user-${TARGETARCH}" ]; then ln -s /usr/local/bin/openvpn-user-${TARGETARCH} /usr/local/bin/openvpn-user; fi
+RUN if [ -f "/usr/local/bin/openvpn-user-${TARGETARCH}" ]; then ln -s /usr/local/bin/openvpn-user-${TARGETARCH} /usr/local/bin/openvpn-user; fi

Makefile

@@ -0,0 +1,54 @@
+export PATH := $(abspath bin/protoc/bin/):$(abspath bin/):${PATH}
+export SHELL := env PATH=$(PATH) /bin/sh
+
+GOOS?=$(shell go env GOOS)
+GOARCH?=$(shell go env GOARCH)
+GOLANGCI_VERSION = 1.55.2
+HELM_DOCS_VERSION = 1.11.0
+
+ifeq ($(GOARCH),arm)
+	ARCH=armv7
+else
+	ARCH=$(GOARCH)
+endif
+
+COMMIT=$(shell git rev-parse --verify HEAD)
+
+###########
+# BUILDING
+###########
+
+###########
+# LINTING
+###########
+bin/golangci-lint: bin/golangci-lint-${GOLANGCI_VERSION}
+	@ln -sf golangci-lint-${GOLANGCI_VERSION} bin/golangci-lint
+
+bin/golangci-lint-${GOLANGCI_VERSION}:
+	curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | BINARY=golangci-lint bash -s -- v${GOLANGCI_VERSION}
+	@mv bin/golangci-lint $@
+
+###########
+# HELM
+###########
+
+bin/helm-docs: bin/helm-docs-${HELM_DOCS_VERSION}
+	@ln -sf helm-docs-${HELM_DOCS_VERSION} bin/helm-docs
+bin/helm-docs-${HELM_DOCS_VERSION}:
+	@mkdir -p bin
+	curl -L https://github.com/norwoodj/helm-docs/releases/download/v${HELM_DOCS_VERSION}/helm-docs_${HELM_DOCS_VERSION}_$(shell uname)_x86_64.tar.gz | tar -zOxf - helm-docs > ./bin/helm-docs-${HELM_DOCS_VERSION} && chmod +x ./bin/helm-docs-${HELM_DOCS_VERSION}
+
+.PHONY: lint fix
+lint: bin/golangci-lint
+	bin/golangci-lint run
+
+fix: bin/golangci-lint
+	bin/golangci-lint run --fix
+
+.PHONY: docs
+docs: bin/helm-docs
+	bin/helm-docs -s file -c charts/ -t README.md.gotmpl
+
+###########
+# TESTING
+###########

charts/openvpn-admin/Chart.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+appVersion: "2.0.2"
+description: Simple web UI to manage OpenVPN users, their certificates & routes in Linux. While backend is written in Go, frontend is based on Vue.js.
+name: openvpn-admin
+version: "0.0.1"
+kubeVersion: ">=1.14.0-0"
+maintainers:
+- name: nabokihms
+  email: max.nabokih@gmail.com
+  url: github.com/nabokihms
+sources:
+  - https://github.com/palark/openvpn-admin
+keywords:
+  - kubernetes
+  - openvpn