Skip to content
Validate Kubernetes Resources

Update actions/checkout action to v4 #908

Sign in to view logs

Update actions/checkout action to v4

Update actions/checkout action to v4 #908

Workflow file for this run

.github/workflows/validate.yaml at b547611
name: Validate Kubernetes Resources
on:
pull_request:
branches: ["main"]
jobs:
validate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Check if Services have changed
id: changed-services
uses: tj-actions/changed-files@3f54ebb830831fc121d3263c1857cfbdc310cdb9 # v42
with:
files: |
apps/**/svc.yaml
apps/**/*-svc.yaml
- name: Check if Deployments/Statefulsets have changed
id: changed-workloads
uses: tj-actions/changed-files@3f54ebb830831fc121d3263c1857cfbdc310cdb9 # v42
with:
files: |
apps/**/deployment.yaml
apps/**/statefulset.yaml
- name: Check if configMap/Secrets have changed
id: changed-configs
uses: tj-actions/changed-files@3f54ebb830831fc121d3263c1857cfbdc310cdb9 # v42
with:
files: |
apps/**/cm.yaml
apps/**/secret.yaml
- name: Check if Permissions have changed
id: changed-rbac
uses: tj-actions/changed-files@3f54ebb830831fc121d3263c1857cfbdc310cdb9 # v42
with:
files: |
apps/**/rb.yaml
apps/**/crb.yaml
apps/**/role.yaml
apps/**/cr.yaml
- name: Check if Storage resources have changed
id: changed-storage
uses: tj-actions/changed-files@3f54ebb830831fc121d3263c1857cfbdc310cdb9 # v42
with:
files: |
apps/**/pvc.yaml
apps/**/class.yaml
apps/**/pv.yaml
- name: Install Kubeconform
run: |
(wget -qO- https://github.com/yannh/kubeconform/releases/download/v0.5.0/kubeconform-linux-amd64.tar.gz | sudo tar xvz -C /usr/bin) && sudo chmod +x /usr/bin/kubeconform
- name: Validate new Services
id: validate-service
uses: mathiasvr/command-output@v1
if: steps.changed-services.outputs.any_changed == 'true'
with:
run: |
find . -maxdepth 15 -name svc.yaml -exec kubeconform --verbose -exit-on-error -ignore-missing-schemas -kubernetes-version "1.26.0" -schema-location default {} \;
- name: Validate new Workloads
id: validate-workloads
uses: mathiasvr/command-output@v1
if: steps.changed-workloads.outputs.any_changed == 'true'
with:
run: |
find . -maxdepth 15 -name deployment.yaml -exec kubeconform --verbose -exit-on-error -ignore-missing-schemas -kubernetes-version "1.26.0" -schema-location default {} \;
find . -maxdepth 15 -name statefulset.yaml -exec kubeconform --verbose -exit-on-error -ignore-missing-schemas -kubernetes-version "1.26.0" -schema-location default {} \;
- name: Validate new configMaps or Secrets
id: validate-configs
uses: mathiasvr/command-output@v1
if: steps.changed-configs.outputs.any_changed == 'true'
with:
run: |
find . -maxdepth 15 -name cm.yaml -exec kubeconform --verbose -exit-on-error -ignore-missing-schemas -kubernetes-version "1.26.0" -schema-location default {} \;
find . -maxdepth 15 -name secret.yaml -exec kubeconform --verbose -exit-on-error -ignore-missing-schemas -kubernetes-version "1.26.0" -schema-location default {} \;
- name: Validate new Permissions and RBAC resources
id: validate-configs

Check failure on line 82 in .github/workflows/validate.yaml

View workflow run for this annotation

GitHub Actions / Validate Kubernetes Resources

Invalid workflow file 

The workflow is not valid. .github/workflows/validate.yaml (Line: 82, Col: 13): The identifier 'validate-configs' may not be used more than once within the same scope. .github/workflows/validate.yaml (Line: 93, Col: 13): The identifier 'validate-configs' may not be used more than once within the same scope.
uses: mathiasvr/command-output@v1
if: steps.changed-rbac.outputs.any_changed == 'true'
with:
run: |
find . -maxdepth 15 -name rb.yaml -exec kubeconform --verbose -exit-on-error -ignore-missing-schemas -kubernetes-version "1.26.0" -schema-location default {} \;
find . -maxdepth 15 -name crb.yaml -exec kubeconform --verbose -exit-on-error -ignore-missing-schemas -kubernetes-version "1.26.0" -schema-location default {} \;
find . -maxdepth 15 -name role.yaml -exec kubeconform --verbose -exit-on-error -ignore-missing-schemas -kubernetes-version "1.26.0" -schema-location default {} \;
find . -maxdepth 15 -name cr.yaml -exec kubeconform --verbose -exit-on-error -ignore-missing-schemas -kubernetes-version "1.26.0" -schema-location default {} \;
- name: Validate new Storage resources
id: validate-configs
uses: mathiasvr/command-output@v1
if: steps.changed-storage.outputs.any_changed == 'true'
with:
run: |
find . -maxdepth 15 -name pvc.yaml -exec kubeconform --verbose -exit-on-error -ignore-missing-schemas -kubernetes-version "1.26.0" -schema-location default {} \;
find . -maxdepth 15 -name pv.yaml -exec kubeconform --verbose -exit-on-error -ignore-missing-schemas -kubernetes-version "1.26.0" -schema-location default {} \;
find . -maxdepth 15 -name clas.yaml -exec kubeconform --verbose -exit-on-error -ignore-missing-schemas -kubernetes-version "1.26.0" -schema-location default {} \;
- name: Find Comment
uses: peter-evans/find-comment@d5fe37641ad8451bdd80312415672ba26c86575e # v3
id: fc
with:
issue-number: ${{ github.event.pull_request.number }}
comment-author: 'github-actions[bot]'
body: |
## List of Kubernetes resources schema validation
- name: Update comment with Service resouces
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4
if: steps.changed-services.outputs.any_changed == 'true'
with:
comment-id: ${{ steps.fc.outputs.comment-id }}
issue-number: ${{ github.event.pull_request.number }}
body: |
<details>
<summary><b>Kubernetes `Service` resources</b></summary>
> ${{ steps.validate-service.outputs.stdout }}
</details>
edit-mode: append
- name: Update comment with workload resouces
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4
if: steps.changed-workloads.outputs.any_changed == 'true'
with:
comment-id: ${{ steps.fc.outputs.comment-id }}
issue-number: ${{ github.event.pull_request.number }}
body: |
<details>
<summary><b>Kubernetes Deployment/Statefulset resources</b></summary>
> ${{ steps.validate-workloads.outputs.stdout }}
</details>
edit-mode: append
- name: Update comment with config resouces
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4
if: steps.changed-configs.outputs.any_changed == 'true'
with:
comment-id: ${{ steps.fc.outputs.comment-id }}
issue-number: ${{ github.event.pull_request.number }}
body: |
<details>
<summary><b>Kubernetes `configMap` and `Secret` resources</b></summary>
> ${{ steps.validate-configs.outputs.stdout }}
</details>
edit-mode: append
- name: Update comment with RBAC resouces
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4
if: steps.changed-rbac.outputs.any_changed == 'true'
with:
comment-id: ${{ steps.fc.outputs.comment-id }}
issue-number: ${{ github.event.pull_request.number }}
body: |
<details>
<summary><b>Kubernetes `RoleBinding`, `ClusteRoleBinding`, `Role` and `ClusterRole` resources</b></summary>
> ${{ steps.validate-rbac.outputs.stdout }}
</details>
edit-mode: append
- name: Update comment with Storage resouces
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4
if: steps.changed-storage.outputs.any_changed == 'true'
with:
comment-id: ${{ steps.fc.outputs.comment-id }}
issue-number: ${{ github.event.pull_request.number }}
body: |
<details>
<summary><b>Kubernetes `PersistentVolume`, `PersistentVolumeClaim`, and `StorageClass` resources</b></summary>
> ${{ steps.validate-storage.outputs.stdout }}
</details>
edit-mode: append