Merge pull request 'only validate changed files' (#202) from refactor-kubeconform-worflow into main

Reviewed-on: #202
2025-12-12 11:05:09 +00:00
parent b91d813ea7 1766460069
commit 84e3091e08
1 changed files with 17 additions and 23 deletions
--- a/.gitea/workflows/kubeconform.yml
+++ b/.gitea/workflows/kubeconform.yml
@@ -22,25 +22,30 @@ jobs:
            jq \
            npm \
            nodejs \
-            bash
+            bash \
+            git

      - name: Checkout code
        uses: actions/checkout@v6
        with:
          fetch-depth: 0

-      - name: Create kubeconform configuration
-        run: |
-          cat > /tmp/kubeconform-config.yaml << 'EOF'
-          schema_location:
-            - default
-            - "https://raw.githubusercontent.com/datreeio/CRDs-catalog/refs/heads/main/{{ .ResourceKind }}_{{ .ResourceAPIVersion }}.json"
-          EOF
+      - name: Get changed files
+        id: changed-files
+        uses: tj-actions/changed-files@v47
+        with:
+          files: |
+            **.yml
+            !.gitea/workflows/**

      - name: Validate Manifests
+        if: steps.changed-files.outputs.any_changed == 'true'
+        env:
+          ALL_CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
        shell: bash
        run: |
-          # Define schema mappings
+          set -o pipefail
+
          declare -A SCHEMA_MAP=(
            ["HelmRelease"]="helm.toolkit.fluxcd.io/helmrelease_v2.json"
            ["HelmRepository"]="source.toolkit.fluxcd.io/helmrepository_v1.json"
@@ -50,24 +55,13 @@ jobs:
            ["ClusterPolicy"]="nvidia.com/clusterpolicy_v1.json"
          )

-          # Create cache directory
+          EXIT_CODE=0
          export KUBECONFORM_CACHE_DIR="/tmp/kubeconform-cache"
          mkdir -p "$KUBECONFORM_CACHE_DIR"

-          # Exit code tracking
-          EXIT_CODE=0
-
-          # Process all YAML files
          while IFS= read -r file; do
+            [ -z "$file" ] && continue
            echo "=== Validating: $file ==="
-
-            # Skip excluded paths
-            if [[ "$file" == *".gitea/"* ]] || [[ "$file" == *"clusters/default/system-upgrade/"* ]]; then
-              echo "Skipping excluded file"
-              continue
-            fi
-
-            # Detect resource kind
            KIND=$(yq -r '.kind // ""' "$file" 2>/dev/null || echo "")

            if [[ -n "$KIND" && -n "${SCHEMA_MAP[$KIND]}" ]]; then
@@ -93,6 +87,6 @@ jobs:
            fi

            echo ""
-          done < <(find . -type f \( -name "*.yml" \) -print)
+          done <<< "${ALL_CHANGED_FILES}"

          exit $EXIT_CODE