Merge pull request #483 from stefanprodan/flux-schema

ci: Validate manifests with Flux Schema CLI
2026-05-23 01:42:45 +00:00 · 2026-05-20 10:30:26 +03:00
parent ceabb6441a 720a592d93
commit 473f808b28
2 changed files with 6 additions and 49 deletions
--- a/.github/actions/kubeconform/action.yml
+++ b/.github/actions/kubeconform/action.yml
@@ -1,38 +0,0 @@
-name: Setup kubeconform
-description: A GitHub Action for running kubeconform commands
-author: Stefan Prodan
-branding:
-  color: blue
-  icon: command
-inputs:
-  version:
-    description: "kubeconform version e.g. 0.5.0 (defaults to latest stable release)"
-    required: false
-  arch:
-    description: "arch can be amd64 or arm64"
-    required: true
-    default: "amd64"
-runs:
-  using: composite
-  steps:
-    - name: "Download binary to the GH runner cache"
-      shell: bash
-      run: |  
-        ARCH=${{ inputs.arch }}
-        VERSION=${{ inputs.version }}
-
-        if [ -z $VERSION ]; then
-          VERSION=$(curl https://api.github.com/repos/yannh/kubeconform/releases/latest -sL | grep tag_name | sed -E 's/.*"([^"]+)".*/\1/' | cut -c 2-)
-        fi
-        
-        BIN_URL="https://github.com/yannh/kubeconform/releases/download/v${VERSION}/kubeconform-linux-${ARCH}.tar.gz"
-        BIN_DIR=$RUNNER_TOOL_CACHE/kubeconform/$VERSION/$ARCH
-        
-        if [[ ! -x "$BIN_DIR/kind" ]]; then
-          mkdir -p $BIN_DIR
-          cd $BIN_DIR
-          curl -sL $BIN_URL | tar xz
-          chmod +x kubeconform
-        fi
-        
-        echo "$BIN_DIR" >> "$GITHUB_PATH"
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -10,8 +10,7 @@ permissions:
  contents: read

 env:
-  KUBERNETES_VERSION: 1.35.0
-  HELM_VERSION: 4.1.1
+  HELM_VERSION: 4.2.0

 jobs:
  test:
@@ -26,12 +25,8 @@ jobs:
          cache-dependency-path: |
            **/go.sum
            **/go.mod
-      - name: Setup kubectl
-        uses: azure/setup-kubectl@15650b3ad78fff148532a140b8a4c821796b2d7b # v5.0.0
-        with:
-          version: v${{ env.KUBERNETES_VERSION }}
-      - name: Setup kubeconform
-        uses: ./.github/actions/kubeconform
+      - name: Setup Flux Schema CLI
+        uses: fluxcd/flux-schema/actions/setup@c90d3f83707614d21c20226183a9e714d8ba9626 # v0.3.0
      - name: Setup Helm
        uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0
        with:
@@ -45,10 +40,10 @@ jobs:
      - name: Validate Helm chart
        run: |
          helm lint ./charts/podinfo/
-          helm template ./charts/podinfo/ | kubeconform -strict -summary -kubernetes-version ${{ env.KUBERNETES_VERSION }}
+          helm template ./charts/podinfo/ | flux-schema validate --verbose
      - name: Validate Kustomize overlay
        run: |
-          kubectl kustomize ./kustomize/ | kubeconform -strict -summary -kubernetes-version ${{ env.KUBERNETES_VERSION }}
+          kubectl kustomize ./kustomize/ | flux-schema validate --verbose
      - name: Verify CUE formatting
        working-directory: ./timoni/podinfo
        run: |
@@ -64,7 +59,7 @@ jobs:
        working-directory: ./timoni/podinfo
        run: |
          timoni mod lint . 
-          timoni build podinfo . -f test_values.cue | kubeconform -strict -summary -skip=ServiceMonitor -kubernetes-version ${{ env.KUBERNETES_VERSION }}
+          timoni build podinfo . -f debug_values.cue | flux-schema validate --skip-missing-schemas --verbose
      - name: Check if working tree is dirty
        run: |
          if [[ $(git diff --stat) != '' ]]; then