The following sections detail the CI tasks which run as part of this repository.
All configuration for CI can be found within the .github/workflows/kustomize-checks.yaml
file of this repository.
These all execute as GitHub Actions and the scripts can be found in the bin
directory of this repository.
Within a cluster, all HelmRelease resources need to be uniquely named.
The script can be found here.
This script is executed within our kubernetes-toolkit
container which can be found here.
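An added example of such a uniqueness check, not the repository's own script: it reads one cluster's rendered manifests and reports every HelmRelease name that occurs more than once, regardless of namespace. The function names and the sample manifests are assumptions made for illustration, and the parser assumes `kustomize build`-style output.

```shell
# Added example: list HelmRelease names used more than once in one cluster's
# rendered manifests. Assumes `kustomize build`-style YAML: top-level keys at
# column 0, metadata keys indented two spaces, documents separated by `---`.
duplicate_helmreleases() {
  awk '
    function flush() {
      if (kind == "HelmRelease" && name != "") {
        if (ns == "") ns = "(unset)"
        where[name] = where[name] (count[name]++ ? "," : "") ns
      }
      kind = ""; name = ""; ns = ""; in_meta = 0
    }
    /^---[ \t]*$/              { flush(); next }
    /^kind:/                   { kind = $2; in_meta = 0; next }
    /^metadata:/               { in_meta = 1; next }
    /^[^ #]/                   { in_meta = 0 }  # another top-level key ends metadata
    in_meta && /^  name:/      { name = $2 }
    in_meta && /^  namespace:/ { ns = $2 }
    END { flush(); for (n in count) if (count[n] > 1) print n, where[n] }
  ' "$@" | sort
}

# Returns 1 (a failed CI step) when any name is reused.
check_unique_helmreleases() {
  dupes=$(duplicate_helmreleases "$@")
  [ -z "$dupes" ] && return 0
  echo "$dupes" | sed 's/^/duplicate HelmRelease name: /' >&2
  return 1
}

# Constructed sample input, trimmed to the fields the check reads.
sample_manifests() {
  cat <<'EOF'
kind: HelmRelease
metadata:
  name: ingress-nginx
  namespace: ingress
---
kind: HelmRelease
metadata:
  name: ingress-nginx
  namespace: platform
---
kind: ConfigMap
metadata:
  name: ingress-nginx
EOF
}
sample_manifests | check_unique_helmreleases || echo "check failed, as expected for the sample"
```

The ConfigMap sharing the name is ignored because only `kind: HelmRelease` documents are counted.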
We validate the resources within each sub-directory under the kustomize
directory against the JSON schema definitions for:
- The version of Kubernetes we are using.
- The version of Flux we are using.
This is made possible by leveraging a tool called kubeconform.
The script can be found here.
These checks are executed within our kubernetes-toolkit
container which can be found here.
Throughout the evolution of Kubernetes, the API versions that specific resources use become deprecated.
A prime example of this was the API versions that became deprecated as part of the 1.16 release; see here for more information.
Therefore, to stay ahead of the curve, we want to make sure we are not using deprecated API versions within our Helm charts before they are deployed to our EKS clusters.
This is made possible by leveraging Pluto, which can be found here.
The script used to validate this can be found here.
This script is executed within our kubernetes-toolkit
container which can be found here.
We validate the resources within each sub-directory under the environments
directory against the JSON schema definitions for the version of Istio we are using.
This is made possible by leveraging a tool called istioctl, which can be found here.
The script used to validate this can be found here.
This script is executed within our kubernetes-toolkit
container which can be found here.
We also validate each kustomization.yaml file within the repository to make sure it aligns with the recommended structure.
The script used to validate this can be found here.
This script is executed within our kubernetes-toolkit
container which can be found here.
As we are using kustomize, the changes made as part of a Pull Request can execute a number of changes across multiple clusters.
This job is responsible for obtaining those changes and printing them as a comment on the Pull Request to make review easier.
The job uses the following two GitHub Actions