Add kubeval parameter ignored_filename_patterns to action

Dockerfile

@@ -1,9 +1,18 @@
-FROM garethr/kubeval:0.14.0 AS kubeval
+FROM ubuntu:18.04
 
-FROM makocchi/alpine-curl-jq:latest
+# Kubeval Version
+ARG KUBEVAL_VERSION='v0.16.1'
 
 COPY entrypoint.sh /entrypoint.sh
-COPY --from=kubeval /kubeval .
+RUN apt-get update\
+    && apt-get install -y curl jq
+###################
+# Install Kubeval #
+###################
+RUN curl -L --output kubeval-linux-amd64.tar.gz https://github.com/instrumenta/kubeval/releases/download/${KUBEVAL_VERSION}/kubeval-linux-amd64.tar.gz \
+    && tar xf kubeval-linux-amd64.tar.gz \
+    && mv kubeval /usr/local/bin \
+    && rm kubeval-linux-amd64.tar.gz
 
 WORKDIR /
 ENTRYPOINT ["/entrypoint.sh"]

LICENSE

@@ -1,13 +1,15 @@
-        DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE 
-                    Version 2, December 2004 
+   Kubeval - Validate Kubernetes configuration files
 
- Copyright (C) 2004 Sam Hocevar <[email protected]> 
+   Copyright (C) 2017 Gareth Rushgrove
 
- Everyone is permitted to copy and distribute verbatim or modified 
- copies of this license document, and changing it is allowed as long 
- as the name is changed. 
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
 
-            DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE 
-   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 
+       https://www.apache.org/licenses/LICENSE-2.0
 
-  0. You just DO WHAT THE FUCK YOU WANT TO.
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

README.md

@@ -1,46 +1,21 @@
-# Validate Kubernetes manifests by kubeval
+# Kubeval
 
-[<img src="https://github.com/makocchi-git/actions-k8s-manifests-validate-kubeval/workflows/Perform checks/badge.svg"/>](https://github.com/makocchi-git/actions-k8s-manifests-validate/actions)
+`kubeval` is a tool for validating a Kubernetes YAML or JSON configuration file.
+It does so using schemas generated from the Kubernetes OpenAPI specification, and
+therefore can validate schemas for multiple versions of Kubernetes.
 
-Validate [Kubernetes](https://github.com/kubernetes/kubernetes) manifests in your repository.  
-This action uses [Kubeval](https://kubeval.instrumenta.dev/) for validating.
+[![CircleCI](https://circleci.com/gh/instrumenta/kubeval.svg?style=svg)](https://circleci.com/gh/instrumenta/kubeval)
+[![Go Report
+Card](https://goreportcard.com/badge/github.com/instrumenta/kubeval)](https://goreportcard.com/report/github.com/instrumenta/kubeval)
+[![GoDoc](https://godoc.org/github.com/instrumenta/kubeval?status.svg)](https://godoc.org/github.com/instrumenta/kubeval)
 
-<img src="./img/check.png" alt="sample comment" width="80%" />
 
-## Usage
-
-### Basic
-
-```yaml
-# .github/workflows/manifests-validation.yml
-name: Pull Request Check
-
-on: [pull_request]
-
-jobs:
-  validation:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: validate manifests in dir1 and dir2
-        uses: makocchi-git/[email protected]
-        with:
-          files: dir1,dir2
-          token: ${{ secrets.GITHUB_TOKEN }}
+```
+$ kubeval my-invalid-rc.yaml
+WARN - fixtures/my-invalid-rc.yaml contains an invalid ReplicationController - spec.replicas: Invalid type. Expected: [integer,null], given: string
+$ echo $?
+1
 ```
 
-### Input parameters
-
-| Parameter                | Description                                                      | Default  |
-| ------------------------ | ---------------------------------------------------------------- | -------- |
-| `files`                  | Files or directories to validate                                 | `.`      |
-| `version`                | Version of Kubernetes to validate against                        | `master` |
-| `strict`                 | Whether to not to check for extra properties                     | `true`   |
-| `openshift`              | Whether to use the schemas from OpenShift rather than Kubernetes | `false`  |
-| `ignore_missing_schemas` | Whether or not to skip custom resources                          | `true`   |
-| `comment`                | Write validation details to pull request comments                | `true`   |
-| `token`                  | Github token for api. This is required if `comment` is true      | `""`     |
 
-_NOTICE_: Currently kubeval does not support to ignore specify files in the target directories.
-So when you set the `files` parameter to "."(default),
-your action would say "ERR  - .github/workflows/your_action.yml: Missing 'kind' key".😥
+For full usage and installation instructions see [kubeval.com](https://kubeval.com/).

action.yml

@@ -22,6 +22,10 @@ inputs:
     description: "Whether or not to skip custom resources (kubeval --ignore-missing-schemas)" 
     default: true
     required: false
+  ignored_filename_patterns:
+    description: "A comma-separated list of regular expressions specifying paths to ignore (kubeval --ignored-filename-patterns)" 
+    default: ""
+    required: false
   comment:
     description: "Send comment to pull requests"
     default: true
@@ -39,6 +43,7 @@ runs:
     - ${{ inputs.strict }}
     - ${{ inputs.openshift }}
     - ${{ inputs.ignore_missing_schemas }}
+    - ${{ inputs.ignored_filename_patterns }}
     - ${{ inputs.comment }}
     - ${{ inputs.token }}
 branding:

entrypoint.sh

@@ -10,9 +10,9 @@ VERSION=$2
 STRICT=$3
 OPENSHIFT=$4
 IGNORE_MISSING_SCHEMAS=$5
-COMMENT=$6
-GITHUB_TOKEN=$7
-
+IGNORED_FILENAME_PATTERNS=$6
+COMMENT=$7
+GITHUB_TOKEN=$8
 # ------------------------
 # Vars
 # ------------------------
@@ -27,7 +27,7 @@ cd ${GITHUB_WORKSPACE}/${WORKING_DIR}
 set +e
 
 # exec kubeval
-CMD="/kubeval --directories ${FILES} --output stdout --strict=${STRICT} --kubernetes-version=${VERSION} --openshift=${OPENSHIFT} --ignore-missing-schemas=${IGNORE_MISSING_SCHEMAS}"
+CMD="kubeval --directories ${FILES} --output stdout --strict=${STRICT} --kubernetes-version=${VERSION} --openshift=${OPENSHIFT} --ignored-filename-patterns=\"${IGNORED_FILENAME_PATTERNS}\" --ignore-missing-schemas=${IGNORE_MISSING_SCHEMAS}"
 OUTPUT=$(sh -c "${CMD}" 2>&1)
 SUCCESS=$?
 
@@ -55,6 +55,7 @@ $(echo "${OUTPUT}" | grep -v ^PASS | grep -v "Set to ignore missing schemas")
 
 # comment to github
 if [ "${COMMENT}" = "true" ];then
+	echo "Comment PR is activated"
 	PAYLOAD=$(echo '{}' | jq --arg body "${GIT_COMMENT}" '.body = $body')
 	COMMENTS_URL=$(cat ${GITHUB_EVENT_PATH} | jq -r .pull_request.comments_url)
 	curl -sS -H "Authorization: token ${GITHUB_TOKEN}" --header "Content-Type: application/json" --data "${PAYLOAD}" "${COMMENTS_URL}" >/dev/null