-
-
Notifications
You must be signed in to change notification settings - Fork 7
49 lines (42 loc) · 1.49 KB
/
manifest-validate.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
---
name: Manifest validate
on:
workflow_dispatch:
push:
branches: ['*']
paths: ['cluster/**']
pull_request:
branches: ['*']
paths: ['cluster/**']
env:
KUBERNETES_DIR: ./cluster
SCHEMA_DIR: /home/runner/.datree/crdSchemas
KUBE_VERSION: 1.26.0
jobs:
manifest-validate:
runs-on: ubuntu-latest
container: ghcr.io/budimanjojo/kubernetes-toolbox:latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- name: Download CRDs
run: |
mkdir -p ${{ env.SCHEMA_DIR }}
flux pull artifact oci://ghcr.io/budimanjojo/kubernetes-schemas-oci:latest \
--output=${{ env.SCHEMA_DIR }}
- name: Validate Kubernetes Manifests
run: |
#!/usr/bin/env bash
set -o errexit
kustomize_config="kustomization.yaml"
find ${{ env.KUBERNETES_DIR }} -type f -name $kustomize_config -print0 | while IFS= read -r -d $'\0' file;
do
echo "== Validating kustomization ${file/%$kustomize_config} =="
kustomize build "$(dirname $file)" | kubeconform \
-strict \
-ignore-missing-schemas \
-kubernetes-version ${{ env.KUBE_VERSION }} \
-skip Secret,CustomResourceDefinition \
-schema-location default \
-schema-location ${{ env.SCHEMA_DIR }}/\{\{.Group\}\}/\{\{.ResourceKind\}\}_\{\{.ResourceAPIVersion\}\}.json \
-verbose
done