-
Notifications
You must be signed in to change notification settings - Fork 374
96 lines (90 loc) · 3.42 KB
/
lint-helm.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
name: Lint helm chart
on:
push:
branches:
- main
- v*
paths:
- 'install/kubernetes/**'
- 'pkg/k8s/apis/cilium.io/client/crds/v1alpha1/*.yaml'
- '.github/workflows/lint-helm.yaml'
pull_request:
paths:
- 'install/kubernetes/**'
- 'pkg/k8s/apis/cilium.io/client/crds/v1alpha1/*.yaml'
- '.github/workflows/lint-helm.yaml'
permissions:
pull-requests: write
env:
MIN_K8S_VERSION: "1.23.0"
# renovate: datasource=python-version
PYTHON_VERSION: "3.12"
jobs:
generated-files:
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
# Build Tetragon Helm chart
- name: Check if Tetragon Helm chart is up to date
run: |
make -C install/kubernetes
test -z "$(git status --porcelain)"
if [ $? != 0 ]; then
git status --porcelain
echo "The Tetragon Helm chart is outdated."
echo "Please run 'make -C install/kubernetes' and submit your changes."; exit 1
fi
# Validate Tetragon Helm chart
- name: Check if openapi2jsonschema.py is up-to-date
id: validate_openapi2jsonschema_script
run: |
make -C install/kubernetes openapi2jsonschema.py
test -z "$(git status --porcelain)"
if [ $? != 0 ]; then
git status --porcelain
echo "openapi2jsonschema.py seems to be outdated."
echo "Please run 'make -C install/kubernetes openapi2jsonschema.py' and submit your changes."; exit 1
fi
- name: Run Kubeconform with minimum supported K8s version
if: success() || steps.validate_openapi2jsonschema_script.outcome == 'failure'
id: kubeconform_min_k8s_version
uses: mathiasvr/command-output@34408ea3d0528273faff3d9e201761ae96106cd0 # v2.0.0
with:
shell: bash
run: |
make -C install/kubernetes kubeconform K8S_VERSION=${{ env.MIN_K8S_VERSION }}
- name: Run Kubeconform with latest K8s version
if: success() || steps.validate_openapi2jsonschema_script.outcome == 'failure'
id: kubeconform_latest_k8s_version
uses: mathiasvr/command-output@34408ea3d0528273faff3d9e201761ae96106cd0 # v2.0.0
with:
shell: bash
run: |
make -C install/kubernetes kubeconform
# Post Kubeconform issues as comment on the GH PR, if there are any
- name: Comment Kubeconform Output
if: failure() && (steps.kubeconform_min_k8s_version.outcome == 'failure' || steps.kubeconform_latest_k8s_version.outcome == 'failure')
uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2
with:
hide_and_recreate: true
skip_unchanged: true
message: |
## Kubeconform with minimum supported K8s version ${{ env.MIN_K8S_VERSION }}
STDOUT:
```
${{ steps.kubeconform_min_k8s_version.outputs.stdout }}
```
STDERR:
```
${{ steps.kubeconform_min_k8s_version.outputs.stderr }}
```
## Kubeconform with latest K8s version
STDOUT:
```
${{ steps.kubeconform_latest_k8s_version.outputs.stdout }}
```
STDERR:
```
${{ steps.kubeconform_latest_k8s_version.outputs.stderr }}
```