diff --git a/.gitea/workflows/kubeconform.yml b/.gitea/workflows/kubeconform.yml
index 7a421db..5fd4e79 100644
--- a/.gitea/workflows/kubeconform.yml
+++ b/.gitea/workflows/kubeconform.yml
@@ -53,40 +53,49 @@ jobs:
 ["IPAddressPool"]="metallb.io/ipaddresspool_v1beta1.json"
 ["SealedSecret"]="bitnami.com/sealedsecret_v1alpha1.json"
 ["ClusterPolicy"]="nvidia.com/clusterpolicy_v1.json"
+ ["Plan"]="upgrade.cattle.io/plan_v1.json"
 )
 EXIT_CODE=0
 export KUBECONFORM_CACHE_DIR="/tmp/kubeconform-cache"
 mkdir -p "$KUBECONFORM_CACHE_DIR"
- while IFS= read -r file; do
+ for file in ${ALL_CHANGED_FILES}; do
 [ -z "$file" ] && continue
 echo "=== Validating: $file ==="
- KIND=$(yq -r '.kind // ""' "$file" 2>/dev/null || echo "")
-
- if [[ -n "$KIND" && -n "${SCHEMA_MAP[$KIND]}" ]]; then
- echo "Found $KIND - using custom schema"
- SCHEMA_URL="https://raw.githubusercontent.com/datreeio/CRDs-catalog/refs/heads/main/${SCHEMA_MAP[$KIND]}"
-
- if ! /kubeconform \
- -schema-location "$SCHEMA_URL" \
- -cache "$KUBECONFORM_CACHE_DIR" \
- -output json \
- "$file"; then
- EXIT_CODE=1
+ DOC_COUNT=$(yq eval-all '...' "$file" | grep -c '^---')
+ for i in $(seq 0 $((DOC_COUNT - 1))); do
+ TMP_DOC="/tmp/doc_${i}_$$.yaml"
+ yq eval-all ".[$i]" "$file" > "$TMP_DOC"
+ if [[ ! -s "$TMP_DOC" ]] || grep -q '^\s*$' "$TMP_DOC"; then
+ echo "Skipping empty or invalid document $i in $file"
+ rm -f "$TMP_DOC"
+ continue
 fi
- else
- echo "Validating with default schemas"
- if ! /kubeconform \
- -schema-location default \
- -cache "$KUBECONFORM_CACHE_DIR" \
- -output json \
- "$file"; then
- EXIT_CODE=1
+ KIND=$(yq eval ".kind // \"\"" "$TMP_DOC")
+ if [[ -n "$KIND" && -n "${SCHEMA_MAP[$KIND]}" ]]; then
+ echo "Found $KIND in document $i - using custom schema"
+ SCHEMA_URL="https://raw.githubusercontent.com/datreeio/CRDs-catalog/refs/heads/main/${SCHEMA_MAP[$KIND]}"
+ if ! /kubeconform \
+ -schema-location "$SCHEMA_URL" \
+ -cache "$KUBECONFORM_CACHE_DIR" \
+ -output json \
+ "$TMP_DOC"; then
+ EXIT_CODE=1
+ fi
+ else
+ echo "Validating document $i with default schemas"
+ if ! /kubeconform \
+ -schema-location default \
+ -cache "$KUBECONFORM_CACHE_DIR" \
+ -output json \
+ "$TMP_DOC"; then
+ EXIT_CODE=1
+ fi
 fi
- fi
-
+ rm -f "$TMP_DOC"
+ done
 echo ""
- done <<< "${ALL_CHANGED_FILES}"
+ done
 exit $EXIT_CODE
diff --git a/clusters/default/system-upgrade/system-upgrade-controller.yaml b/clusters/default/system-upgrade/system-upgrade-controller.yml
similarity index 99%
rename from clusters/default/system-upgrade/system-upgrade-controller.yaml
rename to clusters/default/system-upgrade/system-upgrade-controller.yml
index 3a178e3..906aed0 100644
--- a/clusters/default/system-upgrade/system-upgrade-controller.yaml
+++ b/clusters/default/system-upgrade/system-upgrade-controller.yml
@@ -1,3 +1,4 @@
+---
 apiVersion: v1
 kind: Namespace
 metadata:
diff --git a/clusters/default/system-upgrade/system-upgrade-plan.yaml b/clusters/default/system-upgrade/system-upgrade-plan.yml
similarity index 86%
rename from clusters/default/system-upgrade/system-upgrade-plan.yaml
rename to clusters/default/system-upgrade/system-upgrade-plan.yml
index cbf64b5..fae52da 100644
--- a/clusters/default/system-upgrade/system-upgrade-plan.yaml
+++ b/clusters/default/system-upgrade/system-upgrade-plan.yml
@@ -1,3 +1,4 @@
+---
 # Server plan
 apiVersion: upgrade.cattle.io/v1
 kind: Plan
@@ -16,7 +17,7 @@ spec:
 serviceAccountName: system-upgrade
 upgrade:
 image: rancher/k3s-upgrade
- channel: https://update.k3s.io/v1-release/channels/stable
+ channel: https://update.k3s.io/v1-release/channels/v1.33
 ---
 # Agent plan
 apiVersion: upgrade.cattle.io/v1
@@ -39,4 +40,4 @@ spec:
 serviceAccountName: system-upgrade
 upgrade:
 image: rancher/k3s-upgrade
- channel: https://update.k3s.io/v1-release/channels/stable
+ channel: https://update.k3s.io/v1-release/channels/v1.33
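Review bot: The new per-document loop in `.gitea/workflows/kubeconform.yml` can finish without kubeconform running at all, so the check fails open: if `grep -c '^---'` returns 0 for a file, `seq 0 $((DOC_COUNT - 1))` is empty and nothing is validated, and `grep -q '^\s*$' "$TMP_DOC"` skips any document that contains a single blank line, not only empty ones. `.[$i]` also appears to index into the root node instead of picking the i-th document (yq's selector for that is `select(documentIndex == N)`), which should be confirmed against the yq version on the runner. Separately, the unquoted `for file in ${ALL_CHANGED_FILES}` word-splits and glob-expands path names taken from the pushed change, and `/tmp/doc_${i}_$$.yaml` is a predictable name where `mktemp` would be the safer choice. kubeconform validates each document of a multi-document file itself and accepts more than one `-schema-location`, so the split and the temp files can likely be dropped as in the sketch below, which resolves CRD schemas through a catalog path template; the surrounding `run:` script begins outside this hunk.

```shell
  echo "=== Validating: $file ==="
  # … removed: DOC_COUNT, per-document yq split and TMP_DOC handling …
  # kubeconform reads every document in the file; core kinds resolve via
  # "default", CRDs via the group/kind/version template below.
  if ! /kubeconform \
    -schema-location default \
    -schema-location 'https://raw.githubusercontent.com/datreeio/CRDs-catalog/refs/heads/main/{{.Group}}/{{.ResourceKind}}_{{.ResourceAPIVersion}}.json' \
    -cache "$KUBECONFORM_CACHE_DIR" \
    -output json \
    "$file"; then
    EXIT_CODE=1
  fi
  # … unchanged: echo "", done, exit $EXIT_CODE …
```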
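Review bot: In `system-upgrade-plan.yml` both `channel:` lines (the server plan at `@@ -16,7 +17,7 @@` and the agent plan at `@@ -39,4 +40,4 @@`) are now pinned to the `v1.33` channel with no record of why, and a pinned minor stops receiving fixes once upstream ends support for it. A comment above each line would capture the intent and the follow-up, e.g. `# pinned to the 1.33 channel to avoid unattended minor upgrades; bump before 1.33 reaches end of life`. The reason given in that comment is my assumption and should be replaced with the real one.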