CI: Improved K8s Kubeconformance validation #705
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Lint helm chart | |
on: | |
push: | |
branches: | |
- main | |
- v* | |
paths: | |
- 'install/kubernetes/**' | |
- 'pkg/k8s/apis/cilium.io/client/crds/v1alpha1/*.yaml' | |
- '.github/workflows/lint-helm.yaml' | |
pull_request: | |
paths: | |
- 'install/kubernetes/**' | |
- 'pkg/k8s/apis/cilium.io/client/crds/v1alpha1/*.yaml' | |
- '.github/workflows/lint-helm.yaml' | |
env: | |
MIN_K8S_VERSION: "1.23.0" | |
# renovate: datasource=python-version | |
PYTHON_VERSION: "3.12" | |
jobs: | |
generated-files: | |
runs-on: ubuntu-latest | |
steps: | |
# Get source | |
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
# Check / install dependencies | |
- name: Check if vendored openapi2jsonschema.py script is up to date | |
run: | | |
make -C install/kubernetes openapi2jsonschema.py | |
test -z "$(git status --porcelain)" | |
if [ $? != 0 ]; then | |
git status --porcelain | |
echo "Vendored openapi2jsonschema.py script is out of date." | |
echo "Please run 'make -C install/kubernetes openapi2jsonschema.py' and submit your changes."; exit 1 | |
fi | |
- name: Setup Python | |
id: setup-python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.PYTHON_VERSION }} | |
- name: Install pipenv | |
id: install-pipenv | |
shell: bash | |
run: | | |
python -m pip install --upgrade --no-cache-dir pip | |
python -m pip install --no-cache-dir pipenv | |
- name: Cache Pipfile | |
id: cache-pipfile | |
uses: actions/cache@v4 | |
with: | |
path: ~/.local/share/virtualenvs | |
key: ${{ runner.os }}-python-${{ steps.setup-python.outputs.python-version }}-pipenv-${{ hashFiles('Pipfile.lock') }} | |
- name: Sync Pipfile | |
id: sync-pipfile | |
shell: bash | |
working-directory: install/kubernetes | |
run: | | |
pipenv sync --dev --python ${{ env.PYTHON_VERSION }} | |
- name: Check if vendored CRD JSON schemas are up to date | |
run: | | |
make -C install/kubernetes generate-jsonschemas | |
test -z "$(git status --porcelain)" | |
if [ $? != 0 ]; then | |
git status --porcelain | |
echo "Vendored CRD JSON schemas are out of date." | |
echo "Please run 'make -C install/kubernetes generate-jsonschemas' and submit your changes."; exit 1 | |
fi | |
- name: Install Helm CLI # Required for the Helm chart templating | |
uses: azure/[email protected] | |
# Validate Helm chart | |
- name: Generate Helm chart | |
run: | | |
make -C install/kubernetes | |
- name: Validate generated files | |
run: | | |
test -z "$(git status --porcelain)" | |
if [ $? != 0 ]; then | |
git status --porcelain | |
echo "Please run 'make -C install/kubernetes' and submit your changes."; exit 1 | |
fi | |
# (Re-)run Kubeconform checks explicitly once again to catch specific errors in that regard (to get the STDOUT/STDERR) | |
- name: Run Kubeconform with minimum supported K8s version | |
id: kubeconform_min_k8s_version | |
uses: mathiasvr/[email protected] | |
with: | |
shell: bash | |
run: | | |
make -C install/kubernetes kubeconform K8S_VERSION=${{ env.MIN_K8S_VERSION }} | |
- name: Run Kubeconform with latest K8s version | |
id: kubeconform_latest_k8s_version | |
uses: mathiasvr/[email protected] | |
with: | |
shell: bash | |
run: | | |
make -C install/kubernetes kubeconform | |
# Post Kubeconform issues as comment on the GH PR, if there are any | |
- name: Comment Kubeconform Output | |
if: failure() && (steps.kubeconform_min_k8s_version.outcome != 'success' || steps.kubeconform_latest_k8s_version.outcome != 'success') | |
uses: marocchino/sticky-pull-request-comment@v2 | |
with: | |
hide_and_recreate: true | |
skip_unchanged: true | |
message: | | |
## Kubeconform with minimum supported K8s version ${{ env.MIN_K8S_VERSION }} | |
STDOUT: | |
``` | |
${{ steps.kubeconform_min_k8s_version.outputs.stdout }} | |
``` | |
STDERR: | |
``` | |
${{ steps.kubeconform_min_k8s_version.outputs.stderr }} | |
``` | |
## Kubeconform with latest K8s version | |
STDOUT: | |
``` | |
${{ steps.kubeconform_latest_k8s_version.outputs.stdout }} | |
``` | |
STDERR: | |
``` | |
${{ steps.kubeconform_latest_k8s_version.outputs.stderr }} | |
``` |