Added validate.yaml action (#305)
* Added validate.yaml action

* Updates

* update

* Rename validate script and made it executable

* update

* Added emojis
devantler authored Aug 21, 2023
1 parent 7fde411 commit 1bf7829
Showing 3 changed files with 66 additions and 2 deletions.
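--- a/.github/scripts/validate-manifests.sh
+++ b/.github/scripts/validate-manifests.sh
@@ -0,0 +1,39 @@
+#!/usr/bin/env bash
+
+set -o errexit
+set -o pipefail
+
+# mirror kustomize-controller build options
+kustomize_flags=("--load-restrictor=LoadRestrictionsNone")
+kustomize_config="kustomization.yaml"
+
+# skip Kubernetes Secrets due to SOPS fields failing validation
+kubeconform_flags=("-skip=Secret")
+kubeconform_config=("-strict" "-ignore-missing-schemas" "-schema-location" "default" "-schema-location" "/tmp/flux-crd-schemas" "-verbose")
+
+echo "🔍 INFO - Downloading Flux OpenAPI schemas"
+mkdir -p /tmp/flux-crd-schemas/master-standalone-strict
+curl -sL https://github.com/fluxcd/flux2/releases/latest/download/crd-schemas.tar.gz | tar zxf - -C /tmp/flux-crd-schemas/master-standalone-strict
+
+find . -type f -name '*.yaml' -print0 | while IFS= read -r -d $'\0' file; do
+echo "🔍 INFO - Validating $file"
+yq e 'true' "$file" >/dev/null
+done
+
+echo "🔍 INFO - Validating clusters"
+find ./k8s/clusters -maxdepth 2 -type f -name '*.yaml' -print0 | while IFS= read -r -d $'\0' file; do
+kubeconform "${kubeconform_flags[@]}" "${kubeconform_config[@]}" "${file}"
+if [[ ${PIPESTATUS[0]} != 0 ]]; then
+exit 1
+fi
+done
+
+echo "🔍 INFO - Validating kustomize overlays"
+find . -type f -name $kustomize_config -print0 | while IFS= read -r -d $'\0' file; do
+echo "🔍 INFO - Validating kustomization ${file/%$kustomize_config/}"
+kustomize build "${file/%$kustomize_config/}" "${kustomize_flags[@]}" |
+kubeconform "${kubeconform_flags[@]}" "${kubeconform_config[@]}"
+if [[ ${PIPESTATUS[0]} != 0 ]]; then
+exit 1
+fi
+done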
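Review bot: The schema download on the `curl -sL … | tar zxf -` line fetches whatever `releases/latest` points at when the job runs, with no version pin and no integrity check, and `-s` without `--fail` pipes an HTTP error body straight into tar. Because these schemas decide what the validation accepts, I would pin the release and fail on HTTP errors, e.g. `curl -sSfL https://github.com/fluxcd/flux2/releases/download/<FLUX_VERSION>/crd-schemas.tar.gz`, where `<FLUX_VERSION>` is a placeholder for the tag the clusters actually run. I would also compare the archive against a recorded checksum before extracting it. Separately, the last `find` passes `-name $kustomize_config` unquoted; write it as `-name "$kustomize_config"`.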
4 changes: 2 additions & 2 deletions .github/workflows/update-flux.yaml
@@ -1,4 +1,4 @@
name: update-flux
name: Update Flux

on:
workflow_dispatch:
@@ -10,7 +10,7 @@ permissions:
pull-requests: write

jobs:
components:
update-flux:
runs-on: ubuntu-latest
strategy:
matrix:
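--- a/.github/workflows/validate-manifests.yaml
+++ b/.github/workflows/validate-manifests.yaml
@@ -0,0 +1,25 @@
+name: Validate manifests
+
+env:
+SCRIPTS_DIR: ./.github/scripts
+
+on:
+pull_request:
+push:
+branches: [ '*' ]
+tags-ignore: [ '*' ]
+
+jobs:
+validate-manifests:
+runs-on: ubuntu-latest
+steps:
+- name: Checkout
+uses: actions/checkout@v3
+- name: Setup yq
+uses: fluxcd/pkg/actions/yq@main
+- name: Setup kubeconform
+uses: fluxcd/pkg/actions/kubeconform@main
+- name: Setup kustomize
+uses: fluxcd/pkg/actions/kustomize@main
+- name: Validate manifests
+run: $SCRIPTS_DIR/validate-manifests.sh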
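Review bot: The three setup steps reference `fluxcd/pkg/actions/...@main`, a mutable branch, so the code this job executes can change without any commit in this repository. Pin each one to a full commit SHA, e.g. `uses: fluxcd/pkg/actions/kubeconform@<full-commit-sha>` (placeholder), and let a dependency-update bot bump it. The workflow also declares no `permissions:`, so the job runs with the repository's default token scope; validation only needs to read the checkout, so add a top-level `permissions: { contents: read }`. With both `pull_request` and `push` on every branch, pull requests from branches in this repository will run the job twice.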
