From c5b8c84a3c53684dba8b7bb7fb179045aec5f0e4 Mon Sep 17 00:00:00 2001 From: aggarwalakshun Date: Fri, 12 Dec 2025 22:59:55 +0530 Subject: [PATCH 1/7] better handle multiple manifests in same file --- .gitea/workflows/kubeconform.yml | 45 ++++++++++++++++++-------------- 1 file changed, 25 insertions(+), 20 deletions(-) diff --git a/.gitea/workflows/kubeconform.yml b/.gitea/workflows/kubeconform.yml index 7a421db..1382ca7 100644 --- a/.gitea/workflows/kubeconform.yml +++ b/.gitea/workflows/kubeconform.yml @@ -53,6 +53,7 @@ jobs: ["IPAddressPool"]="metallb.io/ipaddresspool_v1beta1.json" ["SealedSecret"]="bitnami.com/sealedsecret_v1alpha1.json" ["ClusterPolicy"]="nvidia.com/clusterpolicy_v1.json" + ["Plan"]="upgrade.cattle.io/plan_v1.json" ) EXIT_CODE=0 @@ -62,29 +63,33 @@ jobs: while IFS= read -r file; do [ -z "$file" ] && continue echo "=== Validating: $file ===" - KIND=$(yq -r '.kind // ""' "$file" 2>/dev/null || echo "") + MANIFESTS=$(yq e '.[]' "$file" | jq -c 'select(.kind != null)') - if [[ -n "$KIND" && -n "${SCHEMA_MAP[$KIND]}" ]]; then - echo "Found $KIND - using custom schema" - SCHEMA_URL="https://raw.githubusercontent.com/datreeio/CRDs-catalog/refs/heads/main/${SCHEMA_MAP[$KIND]}" + for manifest in "${MANIFESTS[@]}"; do + KIND=$(echo $manifest | yq -r '.kind // ""') - if ! /kubeconform \ - -schema-location "$SCHEMA_URL" \ - -cache "$KUBECONFORM_CACHE_DIR" \ - -output json \ - "$file"; then - EXIT_CODE=1 + if [[ -n "$KIND" && -n "${SCHEMA_MAP[$KIND]}" ]]; then + echo "Found $KIND - using custom schema" + SCHEMA_URL="https://raw.githubusercontent.com/datreeio/CRDs-catalog/refs/heads/main/${SCHEMA_MAP[$KIND]}" + + if ! /kubeconform \ + -schema-location "$SCHEMA_URL" \ + -cache "$KUBECONFORM_CACHE_DIR" \ + -output json \ + "$manifest"; then + EXIT_CODE=1 + fi + else + echo "Validating with default schemas" + if ! /kubeconform \ + -schema-location default \ + -cache "$KUBECONFORM_CACHE_DIR" \ + -output json \ + "$manifest"; then + EXIT_CODE=1 + fi fi - else - echo "Validating with default schemas" - if ! /kubeconform \ - -schema-location default \ - -cache "$KUBECONFORM_CACHE_DIR" \ - -output json \ - "$file"; then - EXIT_CODE=1 - fi - fi + done echo "" done <<< "${ALL_CHANGED_FILES}" From 944bc1f158bf3864eb1b537181aa615c15040790 Mon Sep 17 00:00:00 2001 From: aggarwalakshun Date: Fri, 12 Dec 2025 23:00:14 +0530 Subject: [PATCH 2/7] change yaml to yml --- ...stem-upgrade-controller.yaml => system-upgrade-controller.yml} | 0 .../{system-upgrade-plan.yaml => system-upgrade-plan.yml} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename clusters/default/system-upgrade/{system-upgrade-controller.yaml => system-upgrade-controller.yml} (100%) rename clusters/default/system-upgrade/{system-upgrade-plan.yaml => system-upgrade-plan.yml} (100%) diff --git a/clusters/default/system-upgrade/system-upgrade-controller.yaml b/clusters/default/system-upgrade/system-upgrade-controller.yml similarity index 100% rename from clusters/default/system-upgrade/system-upgrade-controller.yaml rename to clusters/default/system-upgrade/system-upgrade-controller.yml diff --git a/clusters/default/system-upgrade/system-upgrade-plan.yaml b/clusters/default/system-upgrade/system-upgrade-plan.yml similarity index 100% rename from clusters/default/system-upgrade/system-upgrade-plan.yaml rename to clusters/default/system-upgrade/system-upgrade-plan.yml From 0345ca3f5bc5ab5b21f4dad8a03830d607a74e28 Mon Sep 17 00:00:00 2001 From: aggarwalakshun Date: Fri, 12 Dec 2025 23:07:40 +0530 Subject: [PATCH 3/7] run workflow on push event --- .gitea/workflows/kubeconform.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/kubeconform.yml b/.gitea/workflows/kubeconform.yml index 1382ca7..1e33203 100644 --- a/.gitea/workflows/kubeconform.yml +++ b/.gitea/workflows/kubeconform.yml @@ -1,10 +1,10 @@ name: Validate Kubernetes Manifests on: - pull_request: - branches: [main] push: - branches: [main] + paths: + - '**.yml' + - '! .gitea/workflows/**' jobs: kubeconform: From 4226377ff4075c7f3632010b91362fb7b08cf1c6 Mon Sep 17 00:00:00 2001 From: aggarwalakshun Date: Fri, 12 Dec 2025 23:10:04 +0530 Subject: [PATCH 4/7] run kubeconform on push paths --- .gitea/workflows/kubeconform.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitea/workflows/kubeconform.yml b/.gitea/workflows/kubeconform.yml index 1e33203..2473c17 100644 --- a/.gitea/workflows/kubeconform.yml +++ b/.gitea/workflows/kubeconform.yml @@ -4,7 +4,9 @@ on: push: paths: - '**.yml' + - '**.yaml' - '! .gitea/workflows/**' + - '! clusters/**/system-upgrade/crd.yml' jobs: kubeconform: From 7f7416de79f3c2bac787d5a49f78cf9fac3e2d10 Mon Sep 17 00:00:00 2001 From: aggarwalakshun Date: Fri, 12 Dec 2025 23:10:12 +0530 Subject: [PATCH 5/7] change yml to yaml --- ...stem-upgrade-controller.yml => system-upgrade-controller.yaml} | 0 .../{system-upgrade-plan.yml => system-upgrade-plan.yaml} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename clusters/default/system-upgrade/{system-upgrade-controller.yml => system-upgrade-controller.yaml} (100%) rename clusters/default/system-upgrade/{system-upgrade-plan.yml => system-upgrade-plan.yaml} (100%) diff --git a/clusters/default/system-upgrade/system-upgrade-controller.yml b/clusters/default/system-upgrade/system-upgrade-controller.yaml similarity index 100% rename from clusters/default/system-upgrade/system-upgrade-controller.yml rename to clusters/default/system-upgrade/system-upgrade-controller.yaml diff --git a/clusters/default/system-upgrade/system-upgrade-plan.yml b/clusters/default/system-upgrade/system-upgrade-plan.yaml similarity index 100% rename from clusters/default/system-upgrade/system-upgrade-plan.yml rename to clusters/default/system-upgrade/system-upgrade-plan.yaml From 710afcb1e4ccb6e09944dc49417759ff40a6f869 Mon Sep 17 00:00:00 2001 From: aggarwalakshun Date: Fri, 12 Dec 2025 23:11:13 +0530 Subject: [PATCH 6/7] exclude system-upgrade crd.yml from changed files in kubeconform workflow --- .gitea/workflows/kubeconform.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitea/workflows/kubeconform.yml b/.gitea/workflows/kubeconform.yml index 2473c17..87e0d46 100644 --- a/.gitea/workflows/kubeconform.yml +++ b/.gitea/workflows/kubeconform.yml @@ -39,6 +39,7 @@ jobs: files: | **.yml !.gitea/workflows/** + !clusters/**/system-upgrade/crd.yml - name: Validate Manifests if: steps.changed-files.outputs.any_changed == 'true' From bb39ae220515c0262aeea5e0b95bef0e086997af Mon Sep 17 00:00:00 2001 From: aggarwalakshun Date: Fri, 12 Dec 2025 23:12:45 +0530 Subject: [PATCH 7/7] remove whitespace --- .gitea/workflows/kubeconform.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/kubeconform.yml b/.gitea/workflows/kubeconform.yml index 87e0d46..360750e 100644 --- a/.gitea/workflows/kubeconform.yml +++ b/.gitea/workflows/kubeconform.yml @@ -5,8 +5,8 @@ on: paths: - '**.yml' - '**.yaml' - - '! .gitea/workflows/**' - - '! clusters/**/system-upgrade/crd.yml' + - '!.gitea/workflows/**' + - '!clusters/**/system-upgrade/crd.yml' jobs: kubeconform: