Skip to content
Validate Manifests

fix(helm): update chart cert-manager to v1.16.3 #1078

Sign in to view logs

fix(helm): update chart cert-manager to v1.16.3

fix(helm): update chart cert-manager to v1.16.3 #1078

Workflow file for this run

.github/workflows/ci.yaml at f405ccb
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
# yamllint disable rule:comments
name: Validate Manifests
on: # yamllint disable-line rule:truthy
push: {}
permissions:
contents: read
jobs:
lint:
name: Lint yaml
runs-on: ubuntu-latest
steps:
- name: Code Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Run yamllint
uses: ibiqlik/action-yamllint@2576378a8e339169678f9939646ee3ee325e845c # v3.1.1
with:
file_or_dir: .
format: github # OUTPUT format (github=fancy github output)
helm:
name: Render helm chart templates
runs-on: ubuntu-latest
steps:
- name: Code Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Render helm chart templates
run: |
parallel -j0 "helm dependency update "{//}" && helm template --include-crds --namespace testns -- testchart "{//}"" ::: "$(find apps/ -regex ".*/upstream/Chart.ya?ml")"
kustomize:
name: Build kustomization files
runs-on: ubuntu-latest
steps:
- name: Code Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Build kustomize files
run: |
parallel -j0 "kustomize build "{//}"" ::: "$(find apps/ -name kustomization.yaml)" bootstrap/argo-cd/kustomization.yaml
kubeconform:
name: Validate kubernetes manifests
runs-on: ubuntu-latest
steps:
- name: Code Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Go environment
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version: stable
cache: false # no deps to cache
- name: Install kubeconform
run: |
go install github.com/yannh/kubeconform/cmd/kubeconform@latest
- name: Generate cache key
id: generate-cache-key
run: |
datree_sha="$(curl -s -H 'Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \
-H "Accept: application/vnd.github.VERSION.sha" \
"${GITHUB_API_URL}/repos/datreeio/CRDs-catalog/commits/main")"
schemastore_sha="$(curl -s -H 'Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \
-H "Accept: application/vnd.github.VERSION.sha" \
"${GITHUB_API_URL}/repos/schemastore/schemastore/commits/master")"
echo "key=$(echo -n "$datree_sha$schemastore_sha" | md5sum | cut -c 1-7)" >> "$GITHUB_OUTPUT"
- name: Restore cached schemas
id: cache-kubeconform-restore
uses: actions/cache/restore@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
with:
fail-on-cache-miss: false
path: |
${{ github.workspace }}/.cache/kubeconform
key: kubeconform-schemas-${{ steps.generate-cache-key.outputs.key }}
- name: Get cached schemas
if: steps.cache-kubeconform-restore.outputs.cache-hit == 'true'
run: |
ls -R "$GITHUB_WORKSPACE/.cache/kubeconform"
- name: Validate manifests with kubeconform
run: |
mkdir -p "$GITHUB_WORKSPACE/.cache/kubeconform"
kubeconform \
-n "$(nproc)" \
--cache "$GITHUB_WORKSPACE/.cache/kubeconform" \
--skip CustomResourceDefinition \
--ignore-filename-pattern "apps/.*/upstream/.*\.ya?ml" \
--ignore-filename-pattern "apps/.*/files/.*\.ya?ml" \
--ignore-filename-pattern "apps/.*/overlays/.*\.ya?ml" \
--ignore-filename-pattern "/.*\.json" \
--schema-location default \
--schema-location "https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json" \
--schema-location "https://json.schemastore.org/{{.ResourceKind}}.json" \
--summary \
--strict \
--verbose \
-- apps/
- name: Cache schemas
id: cache-kubeconform-save
if: steps.cache-kubeconform-restore.outputs.cache-hit != 'true'
uses: actions/cache/save@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
with:
path: |
${{ github.workspace }}/.cache/kubeconform
key: kubeconform-schemas-${{ steps.generate-cache-key.outputs.key }}